HIM Professionals and the Patient Portal

One of the hot topics in healthcare that has been consistently developing and growing over the past few years is the patient portal. Since many different EMRs and portal platforms are used across hospitals and physician offices, each facility is left to develop policies and procedures for what will be released through the portals and how they will be used. There are no specific standards for patient portals, aside from those needed to meet Meaningful Use requirements, which results in different experiences and functionality for end users.

HIM involvement with patient portal implementations has been a little spotty over the years from what I gather from my peers. I heard someone say we “missed the boat” on patient portals. I don’t necessarily agree but I do see inconsistencies in the level of HIM involvement. When it comes to developing policies governing the content that will be released through the portal, HIM professionals are the experts on this initiative. HIM professionals have always been the stewards of the medical record and keeping release of information processes secure and appropriate. There has been a focus on encouraging patients to keep a personal health record long before EMRs and patient portals came to exist. So how could some HIM professionals get left out of the patient portal process?

My first assumption is that patient portals came to exist mostly, although not solely, as a result of Meaningful Use initiatives. If you have had similar experiences to mine, you have witnessed Meaningful Use initiatives typically being handled by IT professionals. As a result, patient portals have fallen under that umbrella from a technology standpoint but I see great opportunities for HIM professionals to be involved to optimize the content shared for the end users. Since the main intent of patient portals is to encourage patients to be engaged in their own care, these portal initiatives have much more benefit beyond attesting to Meaningful Use and should be incorporated into organizational strategic plans for patient engagement.

There has been a lot of discussion around the struggle of increasing patient portal participation. A common factor in patient portal adoption is the lack of patient competencies in using the technology involved. Some patient populations do not frequently use computers, email, or mobile applications which are all a part of the patient portal functionality. To address this at my facility, we created a position within the HIM department to coordinate all patient portal functions including enhancing the user experience by creating frequently asked questions and answers, troubleshooting issues that patients may have when attempting to login, and resetting portal passwords as needed among many other initiatives. Policies were developed to address who can have access to the portal information, how the patients confirm their identity to log in, what is released, and the duration of the availability of the information. We have an interdisciplinary team that contributes to the patient portal process but having the point person reside in the HIM department makes the most sense for governing the entire concept.

One thing to remember is that patient portals do not eliminate the need for traditional release of information processes because we release information to many different requestors for different purposes. The portal does not include every patient document due to the sensitive nature of some results therefore requests for entire charts and abstracts are still necessary in some cases. Patients should participate in the portal for the personal benefit of being proactive in their own healthcare but they should not expect it to replace release of information. I encourage HIM professionals to be involved in the patient portal process in an administrative capacity. The strides made with patient portal optimization are key in optimizing the transition to health information exchange (HIE) concepts which also require heavy HIM involvement.

If you’d like to receive future HIM posts by Erin in your inbox, you can subscribe to future HIM Scene posts here.

About the author

Erin Head

Erin Head

Erin Head is the Director of Health Information Management (HIM) and Quality for an acute care hospital in Titusville, FL. She is a renowned speaker on a variety of healthcare and social media topics and currently serves as CCHIIM Commissioner for AHIMA. She is heavily involved in many HIM and HIT initiatives such as information governance, health data analytics, and ICD-10 advocacy. She is active on social media on Twitter @ErinHead_HIM and LinkedIn. Subscribe to Erin's latest HIM Scene posts here.


  • Great post Erin – really like to hear your perspective on portal adoption from an HIM perspective.

    Had a quick question – when you were deciding how the patients confirm their identity to log in, did you ever give thought to moving beyond user names and passwords (or PINs) and implement stronger patient ID security considering the sensitive nature of the data?

    Thank you!

  • Portals seem to be to still be in their infancy. Lots of reasons; trying to decide what should be viewable and doable, difficult sign up processes, poor support from providers and more. Oddly, while I use doctors in a few different ‘systems’, I’m only in 2 portals – as best as I can recall!

    I know how odd that sounds; I’m geek through and through and have been for more then 40 years. But I’m tight for time, overloaded with emails, and only have the time and energy for portals that help me. My PCP’s practice is part of a huge hospital oriented system with EPIC’s portal. She uses it to remind me of things, and quickly responds to queries. Early on it was hard to get in; not so anymore, since most of the providers in the practice are now into it. I may not use it every day, but it is easier for me to use it then other methods of reaching out to the practice.

    Not all my data is available, but enough is, including most lab results. If I go to a doctor outside that practice, I just have to open the app on my phone, and have my most recent lab results – quickly and easily. It really surprises providers who don’t yet ‘get it’.

    As to the login comment, the system still uses traditional log in methods, but it is ‘moderate’ on password strength, helpful since fanatical password strength requirements are enough to keep me, the geek, off a web site.

    The other portal I use, is far less useful. Parts of the ‘system’ still don’t feed the portal, the GUI is horrible, it is very hard to add one’s providers; ie the system is next to useless, but if you can get in, you might find helpful data. This system is run by yet another huge hospital system, one that reminds you they have the portal with more energy then they seem to put into making it useful.

    Clearly, both hospitals are motivated by MU; but only one of the two is motivated enough to make their portal a partner in the patient doctor relationship. One is a benefit, the other a pain in the you know what! 🙂


  • Thank you. We have looked for the most secure way for patients to log in but in a format they will actually remember and use. We currently require patients to have their medical record number as part of the ID verification process. Once they have verified their identity and confirmed the email address, the login and password are used to access the portal.

  • Very true. Promoting the portal just to meet Meaningful Use attestation is ironically just scratching the surface of what portals have to offer. We will definitely see them continue to grow and develop but hopefully with more meaningfulness and interoperability. Thanks for your feedback.

Click here to post a comment