Thank you very much for your interest in FollowMyHealth™. Please see below for an explanation of Allscripts' FollowMyHealth responsibility in securely storing and maintaining your medical data on your behalf.
The "form" that you accept is a legal authorization that allows Allscripts' FollowMyHealth to obtain your medical records from the “organization” (your Doctor’s Office) and to store them for you online. This document is the same as you would sign if you were to request a paper copy of your record from the organization. Just as HIPAA does not dictate to a patient how to share or store their paper copies of medical information, the same is true of your online records with us. No part of your account is shared with your doctors, nurses, or family members without your direction. However, unlike the physical copy of the record you might take home, our HIPAA-compliant security standards keep your information encrypted (unreadable), de-identified (name and other identifiers stripped out), individually stored in your own “container” in the intranet cloud, and only accessible by the username/password by which you access your information.
Allscripts' FollowMyHealth does supply you a Personal Health Record as defined by the Health Information Technology for Economic and Clinical Health ("HITECH") Act. As such, any privacy or security breach of your account must be reported to you by law. So be assured that your health information is stored with methods that meet or exceed federal privacy standards.
The legal wording and explanation around this process is unfortunately complicated and potentially misleading. But rest assured that we have applied security to protect your information for as long as you leave it with us, and will continue to maintain appropriate upgrades to that security. Our goal is to maintain your health records from birth through the rest of your life.
For a more technical explanation, see this article.