Personal Health Records (PHR) are a befuddling topic to nail down in Health IT because there is a lot of variation in how they are created, sold, and understood. Thankfully, the consistent part of everyone’s definition is that the PHR is a set of information that is accessible to the patient. In fact, a simple definition would be that a PHR is the patient’s view into their own health information. Based on sponsorship, PHRs come in two types: Tethered or Standalone. Both are described below with a deliberate emphasis on extreme ends of feature variations to bring out the contrast.

3.6.1. Tethered PHRs

A tethered PHR is tied to the enterprise EHR of the patient and sponsored by the treating healthcare organization. Being anchored to the formal EHR provides good privacy and security protection for these PHRs. But it also subjects them to the restrictions of the parent organization’s policy controls.

A tethered PHR’s information is supervised and regulated by the organization that bankrolls it. For example, patients can see their usual lab test results in the tethered PHR, but not sensitive test results (like those for sexual health) because the doctor may choose to withhold that information till after they’ve had a chance to talk to the patient.

If you exclude e-mail and chat communication features, these type of PHRs are designed for mostly one-way transmission of health information (from the sponsor to patient). That’s because getting free-flow, unfiltered information back from the patient is a medico-legal risk for any clinical organization. What if the latest self-reported blood pressure is dangerously high and the patient collapses minutes after submitting it via their PHR? Malpractice claim attorneys would salivate at the possibilities.

Some organizations may employ a “Case Manager” to deal with high-risk patients submitting their health information. That intermediary may reduce the burden and risk on the physician. But typically such workflow would necessitate a dedicated care management software with its own PHR-like module. What we are considering here is a PHR available to all patients of an organization, not just the ones at highest risk.

Tethered PHRs are often so limited in functionality that it seems like a stretch to call them health records at all. If you have corporate health insurance, you most probably have experienced a tethered PHR. They are essentially an online way to see claims history, lab reports, and various forms related to the patient’s coverage. Besides that, the bulk content consists of spam-like health education articles and feeble tools like personal risk calculators.

The main drawback of a tethered PHR is the lack of robust access controls and sharing features for patients to use. The web browser’s default print and share capabilities don’t count in that regard. Additionally, if patients switch providers or insurance, there is no genuinely digital way to take their data with them. The bottom line is that the patient has no real ownership with a tethered PHR.

Besides hospital systems and provider organizations, other sponsors of a tethered PHR include insurers or large employers. Usually these records are more restricted and less useful than a provider organization’s tethered PHR.

Patient Portals

We defined PHRs as the patient’s view of their health information at the beginning of this section. If the health information in question doesn’t include the patient’s self-gathered data then it should be called a “Patient Portal,” not a PHR. Portals are just a patient-accessible view of a subset of their EHR’s content.

The current status quo is that most tethered PHRs are just patient portals claiming to be PHRs. They let users access forms, communicate with providers, request refills, review lab results, and schedule medical appointments. But patients can’t enter health information that they’ve gathered on their own. If you have a user account on any website that belongs to your provider or insurer, check if it allows entering your self-gathered data like blood pressure, glucometer readings, or immunizations. Chances are that it doesn’t.

In the last two decades, there were several vendors selling B2B technology to help the sponsoring organization set up patient portals. Most such companies changed course or shut down once enterprise EHR vendors started offering integrated PHRs. More recently, the market for independent portal technology has seen a resurgence due to Meaningful Use regulation that stresses patient engagement measures like secure messaging. But eventually there will surely be a shakeout and only those with integrated EHR and PHR offerings will survive. There is simply not sufficient data interoperability in the industry for independent portal technology vendors to survive long-term.