Patient data privacy and access resources

The AMA seeks to ensure that as health information is shared—particularly outside of the health care system—patients have meaningful controls over and a clear understanding of how their data is being used and with whom it is being shared. Above all, patients must feel confident that their health information will remain private.

News and resources

• Learn more about information blocking requirements (PDF).
• Broader information-blocking requirements take effect: What it means

Privacy by design for developers

AMA releases new guidance for health app developers on equitable data governance and collection.

AMA Patient Records Electronic Access Playbook

Find best practices for efficiently providing patients with electronic access to medical records in one authoritative resource with the AMA's Patient Records Electronic Access Playbook.

The playbook covers elements, including requirements under HIPAA, to help practices provide patients with their own health information. Find legal requirements, real-world scenarios, the world of apps, key points to remember, and a patient records request flowchart.

Patient privacy

Patients have a right to determine how and what parts of their health information is shared. Further, any individual or company seeking to access a patient’s most confidential medical information must comply with federal and state law and develop or have an established trusted relationship with the patient.

Stay informed and up-to-date about the ways the AMA protects patient information and patient privacy.

Electronic health information blocking

Information-blocking practices, which impede the secure exchange and use of electronic health information by practices, patients and doctors can stand in the way of providing quality care. AMA provides online resources for physicians on the information blocking rule that takes a deeper dive into integrating data sharing into medical practices and making medical records more easily available to patients.

• Learn more about information blocking (PDF).
• Find an information blocking educational resource (CME credit) on AMA Ed Hub™

The AMA has created a summary brief (PDF) of a new Final Rule released by CMS and ONC in late June implementing disincentives for physicians and other health care providers participating in specific Medicare programs that HHS has determined have committed information blocking.

EHR interoperability and usability

Patients have the right to access their medical information. Access also improves the overall efficiency of the medical care team. Explore news, information, solutions and statements on EHR interoperability, EHR usability and AMA patient privacy resources.

Health apps

In the digital age, personal health information is not always truly private. Social media platforms, wearable fitness trackers and apps collect health data that can be shared for advertising purposes and, when combined with medical records, allow for profiling and discrimination. AMA has adopted policies designed to help integrate mobile health applications and devices (also known as mHealth) into clinical practice.

Health Insurance Portability and Accountability Act (HIPAA)

As practices and health care organizations become increasingly digitized, physicians must be aware of HIPAA’s Privacy, Security and Breach Notification requirements, that protect the confidentiality of their patients’ medical information.

Ethics of privacy, confidentiality and medical records

Protecting information gathered in association with the care of the patient is a core value in health care.

The AMA Code of Medical Ethics provides guidance to help physicians strike the balance with patient's rights and privacy.

How to ethically utilize AI

When used ethically, augmented intelligence (AI) has the power to serve as a transformative and powerful tool for physicians.