ONC Data Brief No. 27 | Individuals’ Perceptions regarding the Privacy and Security of
Medical Records and Sharing of Medical Records between Health Care Providers
Summary
Building public trust is vital to ensure that all stakeholders are comfortable engaging in
electronic health information exchange (HIE) and the adoption of health IT to achieve the
benefits of an interoperable health care system. Findings from national surveys conducted by
ONC in 2012 and 2013 show that the privacy and security of medical records are significant and
important concerns for individuals nationwide. About 7 in 10 individuals express concerns about
privacy and security although less than one in 10 individuals have withheld information from
their providers due to these concerns. Evidence from this survey suggests that increased
adoption of EHRs is not associated with individuals’ privacy and security concerns. Levels of
privacy and security concerns and rates of withholding have not significantly changed between
2012 and 2013, despite increases in the adoption of any EHR among providers during the same
time period.
2
Furthermore, individuals whose providers use an EHR have similar levels of
concerns about the privacy and security of their medical records as compared to individuals
whose providers use paper records. Continuing to assess this pattern will be important as
evidence is still emerging. Two recent analyses using other national surveys have found similar
findings but another study found an association between EHRs and rates of withholding (3,4,5).
A majority of individuals nationwide also expressed concerns regarding unauthorized viewing of
medical records when information is shared between health care providers. In 2013, about 6 in
10 individuals expressed concerns about their provider sharing their health information with
other providers. However, this level of concern did not significantly differ by whether the
information was sent between health care providers by fax or through electronic means.
Additionally, individuals’ level of concern for sharing of health information through these means
did not change significantly between 2012 and 2013.
Furthermore, we found that individuals’ support for the use of EHRs and electronic HIE, despite
any concerns they may have about the privacy and security of their medical record, continues to
remain strong. In 2013, at least three-quarters of individuals wanted their provider to use an
EHR, and 7 in 10 wanted to share their medical records electronically with other providers
treating them, despite any privacy or security concerns. This suggests consumers’ awareness that
the potential risks associated with electronic health information may be balanced by the
significant benefits (4).
In summary, we found that the concerns individuals may have about the privacy and security of
their medical records are not unique or limited to EHRs. More importantly, in spite of potential
concerns, a majority of individuals want their providers to use an EHR and to share appropriate
medical information electronically with the individual’s other health care providers.