FollowMyHealth and HIPAA

Last Updated: Oct 08, 2014 01:53PM CDT

The FollowMyHealth Universal Health Record is HIPAA-compliant in that it adheres to mandated encryption standards when receiving, sending, and storing a patient's health information.  When a provider invites a patient to create a UHR account, the provider makes that contact directly with the patient or, to the extent Allscripts assists in that process, Allscripts does so as a business associate of the provider, and pursuant to a HIPAA-compliant business associate agreement.  When a patient actually establishes a UHR account, that patient executes a HIPAA-compliant authorization directing his or her health care organization to disclose the patient's medical record information in electronic form to Allscripts, such that it can maintain the UHR on the patient's behalf.  Pursuant to the authorization (and Allscripts' privacy policy on the UHR website), the patient acknowledges that he or she has directed the release to the UHR and that and further disclosure of the information maintained on the UHR is not protected by HIPAA.  As FollowMyHealth is not a covered entity, HIPAA does not apply to it. 

For a less technical explanation, see this article.
seconds ago
a minute ago
minutes ago
an hour ago
hours ago
a day ago
days ago
Invalid characters found