
Throughout the history of healthcare, the focus of health information aggregation has gradually become more patient-centric. Some suggested that it is due to the growing digitalization of health information, and the needs for innovative health management tool under the interconnected and complicated medical information system [1].
Personal Health Record (PHR), unlike Electronic Medical Record (EMR) and Electronic Health Record (EHR) that serves as a static data repository, captures health data entered by individuals and allows them to combine data, knowledge and software tools for better personal health management [2]. Most of the efforts to build a PHR system have been relatively recent. In this article, I will examine two main categories of the existing PHR systems (Patient Portal & Stand-Alone PHR) as well as some real-world use cases in the United States.
Patient Portal
Patient Portal, or sometimes also known as the Tethered PHR, is typically the healthcare-related online applications that give patients convenient 24-hour access to personal health information and allow individuals to interact with their healthcare providers (such as hospital and physicians) [3].
Patient portals in the US are mostly provided by hospitals and health insurers, therefore are covered by HIPAA regulations. By 2017, 52% of the US population have been given online access to their medical records by a health care provider or insurer. Among those who were offered online access to their medical records, about 75% were encouraged by the provider to use it [4]. According to the Office of the National Coordinator (ONC), the major functionality that individuals access their online patient portals for is to view, download or transmit their medical records.
Table 1: Reported online medical record functionalities used by individuals who have accessed their record at least once in 2017 in the United State.
Source: The Office of the National Coordinator for Health Information Technology (Ap 2018). Individual’s use of online medical records and technology for health needs. Available at: https://www.healthit.gov/sites/default/files/page/2018-03/HINTS-2017-Consumer-Data-Brief-3.21.18.pdf
Use case 1: Kaiser Permanente’s My Health Manager
With Kaiser’s My Health Manager, one can interact with healthcare providers, manage past and future appointments, view medical records (such as test results, immunizations, health reminders), view insurance plan, pay medical bills, manage prescriptions etc [5]. By 2014, nearly half of Kaiser Permanente’s members used My Health Manager [6].
Use case 2: Cleveland Clinic’s MyChart
Provided by the Cleveland Clinic, MyChart is a “secure, online health management tool that connects Cleveland Clinic patients to portions of their electronic medical record, allowing you to see test results, message your physician, schedule appointments and more[7].”
Types of information one can see in MyChart: test results, physician progress notes, medications, preventive care information, upcoming and past appointments, immunization, current health issues, health trends, child’s and dependent’s medical records. One can also download, transmit health summary to healthcare providers, as well as granting access to referring doctors [8].

Stand-alone Personal Health Record
Unlike the patient portal that is normally provided by a single healthcare institution, the stand-alone PHR is a system where “patients fill in the information from their own records and memories and the data is stored on the patients’ computers or on the internet. Patients can decide whether to share the information with providers, family members, or anyone else involved in their care. In some cases, information can be downloaded from other sources into the PHR [9].” That is, patient data management is a key selling point of this type of PHR. Being fully controlled by the patient, even the healthcare providers cannot view the data without the patient’s permission [10].
Besides the traditional players in the healthcare ecosystem, it is interesting to spot a growing number of tech players (big tech giants as well as startups) that join the playing field.
Use case 1: Google Health (2008-2012)
Strongly believing in the role information plays on healthcare and in improving the way people manage their health, Google introduced the ambitious Google Health in 2008 [11]. Google Health aimed to do so by giving people a centralized repository where they can collect, store and manage their medical records online [12].

“We wanted to translate our successful consumer-centered approach from other domains to healthcare and have a real impact on the day-to-day health experiences of millions of our users.” — Google [13]
Some key features of Google Health:
- Privacy and security
Google Health emphasized its understanding of the sensitive and personal nature of personal health data, and promised users that it will not sell or share one’s health data without explicit permission. Yet, it was stated in Google Health’s Terms and Conditions that they may share aggregate, anonymous information from their Google Health records [14]. - Integrated platform
Google Health assembles a directory of third-party services that can interoperate with it. That is, one can automatically import information (e.g. doctor’s records, prescription history, test results) into Google Health for easy access and control. Besides healthcare-related institutions such as Walgreens, CVS, the American Heart Association and the Cleveland Clinic [15], Google Health also integrated with health tracking devices — such as Fitbit and Cardio Trainer [16]. - Free of charge
Many other PHR services available at the time were paid by the users themselves, the employers or the advertisement companies [17]. However, Google Health was free of charge for its users, just like most of the company’s products.
However, Google officially announced plans to shut down Google Health at the beginning of 2012, stating that “[although] there has been adoption among certain groups of users like tech-savvy patients and their caregivers, and more recently fitness and wellness enthusiasts, we [Google] haven’t found a way to translate that limited usage into widespread adoption in the daily health routines of millions of people.” Outside of Google, many argued one of the main reasons for Google Health’s failure is the privacy concern. Two of the major aspects are—
- Google Health is not a covered entity of HIPAA
In the US, the Health Insurance Portability and Accountability Act (HIPAA) is the federal rule that establishes a minimum privacy and security standards for “covered entities (e.g. a health care provider, health insurer or clearinghouse)” when it comes to health information — and Google is not one of it. That is, the health data people put into Google Health does not receive the same obligated legal protections as those in the hospital systems. In fact, Google Health users’ rights were mainly protected by the company’s Terms & Conditions. Although it is possible for Google Health to do a great job of protecting its users from uninformed disclosure or usage of personal health information, many privacy experts raised concerns over the user’s ability to fully evaluate the fairness of such policies [18]. - Security highly depends on the passwords set up by individuals
Logging into one’s Google Health account was no difference from logging into one’s Gmail account — just putting the username and the password that individuals set for themselves. Therefore, some raised concerns that health information in Google Health is only as safe as the account password. And in most cases, individuals tend to have weak and old passwords that they use on various occasions [19].
Some other potential reasons for the shut down of Google Health include — insufficient number of partnerships, lack of motivation from those who with occasional health problems to use, people’s lack of trust for a big commercial company as Google to manage their data, people feel uncomfortable taking the responsibility for the quality and accuracy of their health data etc.
Use case 2: Microsoft HealthVault (2007-)
First introduced in 2007, Microsoft HealthVault aims to “help you gather, store, use, and share health information for you and your family online.”

The main selling points of HealthVault include:
- Be on top of the family’s wellness
Users can keep, organize and access all health records and details of themselves (and their family) in one place. For instance, parents can keep track of the medical records of their children at their fingertips, and be ready when being requested to provide such information to schools or summer camps. - Be better prepared for unexpected emergencies and doctor visits
Via HealthVault, users can create an emergency profile for unexpected needs, as well as bring up-to-date health information of themselves to doctor visits to ensure better care.
- Create a complete picture of one’s health
Users can pull lab results, prescription history, medical imaging and visit records from a growing list of labs, pharmacies, hospitals, and clinics who send information to your HealthVault on request. Moreover, users can also bring in health information from tracking apps & devices (e.g. blood glucose monitor) via the HealthVault Connection Center. - Help achieve fitness goals
HealthVault provides a weight management dashboard where users can set goals and track weight, activity and diet. Users can also share the process with family and friends on selected channels
It is interesting to note that building on the original HealthVault platform, Microsoft debuted the AI-enhanced mobile health platform HealthVault Insights in early 2017 —- but shut it down not long after at the beginning of 2018.
Use case 3: Apple Health Records (2018-)
Despite Google Health failing and Microsoft HealthVault not exactly receiving a huge success over that last decade, the tech giant Apple stepped into the health data aggregation game earlier this year.
In January 2018, Apple announced a significant update to its HealthKit app — a feature for users to view their medical records directly on their iPhones. In the “Health Records” section within the Apple Health app, users can have medical information from multiple healthcare providers organized into one view covering allergies, conditions, immunizations, lab results, medications, procedures and vitals, and will receive notifications when their data is updated [20]. 6 months after the announcement, Apple opened up its Health Records API to developers to create an ecosystem of apps that use health record data to better manage medications, nutrition plans, diagnosed diseases and more [21].
“Medical information may be the most important personal information to a consumer, and offering access to Health Records was the first step in empowering them.” — Jeff Williams, Apple’s Cheif Operating Officer
Some key features of Apple Health Records:
- Win-Win for existing patient portals
Apple emphasizes that the Apple Health Records is not a competitor but a complement to the existing patient portals. By using the same patient login credentials, users can become more aware and engaged with the services provided by the patient portals. - Secured and private throughout
The health record encrypted when being transferred from a healthcare provider to the Apple Health Records. When a user’s iPhone is locked with a passcode, Touch ID, or Face ID, their health data in the Health app is encrypted on-device. Apple is not creating, receiving, maintaining, or transmitting protected health information for or on behalf of a covered entity or business associate [22].
By the end of October 2018, there are more than 100 healthcare institutions in the United States that support Apple Health Records (beta) on iPhone, including Cleveland Clinic, Duke Health, Johns Hopkins, Kaiser Permanente, Scripps Health, Stanford Health Care, UC San Diego Health etc [23].
Down the road…
At this digital age, health data has become the foundation stone for patient engagement, precision medicine and better healthcare. The effort of aggregating personal health data is hardly innovative. Throughout the past decade, many have attempted to build a widely adopted PHR system, and many have failed. Yet with personal health data only getting more valuable and innovative technology being introduced, more players and solutions can be anticipated.
