When health data lives everywhere: Rethinking privacy outside the EHR

Health privacy risks now extend far beyond medical records governed by HIPAA.

Contributors:

Alexandra Sumner

AIGP, CIPP/E, CIPP/US, CIPM

Chief Privacy Officer and Corporate Counsel

Microhealth, Inc.

For years, health privacy programs operated on a simple assumption: health data lives in medical records, and the U.S. Health Insurance Portability and Accountability Act tells us how to protect it. That assumption no longer reflects how care works.

Today, the patient journey often starts online. People book appointments through third-party platforms, browse condition-specific webpages, use symptom checkers, chat with support teams and even receive text reminders. Each interaction generates data, and while that data may not qualify as protected health information under HIPAA, it can still reveal deeply personal information about someone's health.

As digital tools expand, more health-related data lives outside the electronic health record and beyond the controls privacy teams know best. HIPAA still matters. But HIPAA alone is no longer enough. The challenge is governing health-related data wherever it appears.

The old model of managing protected health information was like securing a locked file cabinet in a records room. You knew exactly where the information lived, who held the key and when the drawer was opened.

Today, managing health data is more like overseeing traffic in a busy city. Information moves constantly through websites, vendors, analytics platforms and call centers. It intersects, merges and reroutes across systems never designed to function as clinical spaces. Privacy teams are no longer guarding a single cabinet. They are managing a network in motion.

How health data moves outside clinical systems

Health information now surfaces in tools designed for convenience and engagement.

Selecting mental health or fertility services while scheduling communicates sensitive context, even without a diagnosis. Symptom checkers capture concerns before a provider is involved. Call centers record conversations about medications, treatment decisions and insurance barriers.
