Skip to main content

Advanced Search

Advanced Search

Current Filters

Filter your query

Publication Types



Newsletter Article


CMS Announces New Pilot Program for Personal Health Records

By Neda Semnani, CQ Staff

August 15, 2008 -- The Centers for Medicare and Medicaid Services (CMS) has announced a pilot program designed to enable Medicare beneficiaries to electronically manage their medical records and treatment plans.

The one-year program, slated to start in Arizona and Utah in January 2009, would allow several thousand beneficiaries to choose an electronic personal health record (PHR) tool that allows patients to collect and maintain up to two years of medical information and health records, including personal identification, insurance information, and medication and dosage information, said a CMS news release.

Unlike physician-maintained medical records and electronic health records (EHRs), PHRs are maintained, accessed, and shared by individuals, not health providers. Though physicians can add information directly into the PHR, only patients can remove it and grant access to their electronic records. The scope of information Medicare beneficiaries can include in the PHR may vary depending on the commercial PHR vendor and the individual's health literacy, the release said.

Tony Trenkle, director of the Offices of E-Health Standards and Services with CMS, acknowledged potential privacy issues that can exist with any electronically managed health records because the owners and administrators of health record databases are not regulated or bound by the Health Insurance Portability and Accountability Act (HIPAA) or its privacy standards. "The PHR vendors have to meet certain criteria to participate, including completing the Data Use Agreement," Trenkle said. Such agreements are meant to ensure that vendors comply with CMS' privacy rules and data release policies.

A House health IT bill (HR 6357) contains provisions to address privacy issues and other health information technology concerns. The bill would extend HIPAA privacy and security standards to all business associates of health care providers, not just the health care providers themselves. The House Energy and Commerce Committee marked up the bill in July.

The program is the third PHR program launched by CMS since 2007. A similar yearlong program kicked off in South Carolina in April 2008 using a single PHR vendor, while a health plan-based pilot began in June 2007. CMS is soliciting vendors for participation in the January pilot, the release.

Publication Details