06 Mar HIPAA Compliance Explained

Thank you very much for your interest in FollowMyHealth™. Please see below for an explanation of Allscripts’ FollowMyHealth responsibility in securely storing and maintaining your medical data on your behalf. 

The “form” that you accept is a legal authorization. This allows Allscripts’ FollowMyHealth to get your medical records from the “organization” (your Doctor’s Office) and to store them for you online. This document is the same as you would sign if you were to request a paper copy of your record from the organization. As HIPAA does not dictate to a patient how to share or store their paper copies of medical information, the same is true of your online records with us. No part of your account is shared with your doctors, nurses, or family members without your direction. But, unlike the physical copy of the record you might take home, our HIPAA-compliant security standards keep your information encrypted (unreadable), de-identified (name and other identifiers stripped out). They are individually stored in your own “container” in the intranet cloud, and only accessible by your username/password.

Allscripts’ FollowMyHealth does supply you a Personal Health Record. Which is defined by the Health Information Technology for Economic and Clinical Health (“HITECH”) Act. Any privacy or security breach of your account must be reported to you by law. So be assured that your health information is stored with methods that meet or exceed federal privacy standards.

The legal explanation around this process is unfortunately complicated and potentially misleading. We have applied security to protect your information for as long as you leave it with us. We will continue to maintain appropriate upgrades to that security. Our goal is to maintain your health records from birth through the rest of your life.

For a more technical explanation, see this article.