What is a Health Record Bank and What Does it Have to Do with Privacy and Security?

by Carol Selvey

Despite the financial crisis that has shaken consumer confidence in lending institutions and banks, we still all have bank accounts and depend on them to provide a repository for our hard-earned money. We trust them to keep our funds safe and handle our financial transactions, whether electronic or manual. Similar to these venerable financial institutions, health record banks are safe, secure repositories to store and transmit your health records.  The concept of health record banks (HRB) is the brain child of William Yasnoff, MD, PhD, and former Senior Advisor in the Department of Health and Human Services.  Yasnoff also  leads the Health Record Banking Alliance (HRBA) today. A narrated overview is available at http://www.healthbanking.org/index.html. NHIN Watch recently reported that three such banks are in operation in Oregon (see http://www.nhinwatch.com/news.cms?newsId=4933) and they merit our attention.

With the federal funding available to encourage the adoption of electronic health records and the creation of a national framework to make protected health information portable and accessible for informed medical decisions-making, health record banks offer an effective solution as a key component in health information exchange (HIE). Use of health record banks were envisioned before Google and Microsoft entered the personal health record market. The concept is elegant in its simplicity and security. A patient chooses a health record bank as the repository for his or her health records and pays a nominal annual fee for the service. The patient determines what data can be shared with whom. There are no conflicts among stakeholders and the patient is assured confidentiality and data integrity.

With health record banks in place, the burden of an HIE  is reduced for providers. While still subject to HIPAA and HITECH privacy and security rules, they would have fewer concerns about administering HIEs, since patients (not providers) would determine where their data was stored and how it was shared. New medical information about a patient would be transmitted to the patient’s account after the patient received care.  The comprehensive records of the patient would be available in one place immediately for care anywhere in the world.  The patient would control access and set his or her own privacy policy.  Each healthcare organization would need only interface to one HRB (or perhaps to a small number in their community).  Furthermore, the HRB would have a sustainable business model based on the patient paying for new value created by the HRB.

Health record banking is a concept patients need to ensure safe and secure exchange of health information.