Who Owns Your Medical Records? The Answer Is More Complicated Than You Think

In 2023, HCA Healthcare disclosed that it had derived and sold patient data from roughly 11 million patients without obtaining explicit patient consent. The company, one of the largest hospital networks in the United States, had monetized behavioral and demographic information extracted from patient interactions. Most of those 11 million people had no idea it was happening, and under current law, HCA had not clearly broken any rules. Then, in February 2024, a ransomware attack on Change Healthcare exposed the medical records of more than 100 million Americans, making it the largest healthcare data breach in US history. Patients received letters weeks or months later. By then, the data was already circulating.

Both incidents share a common thread: patients assumed a level of control over their health information that the law simply does not guarantee. So here is the direct question you probably have not been asked before. Do you know who legally owns your medical records right now? The answer is almost certainly not what you think, and it has direct consequences for your health, your privacy, and your finances.

The Legal Reality Most Patients Do Not Know

In the US

Under the Health Insurance Portability and Accountability Act, better known as HIPAA, the healthcare provider owns the physical or electronic record. You have the right to access a copy of your records and to request corrections, but that is meaningfully different from ownership. You cannot instruct your hospital to delete your file. You cannot prohibit your insurer from sharing certain records with affiliated companies within the bounds the law permits. Access is a right; control is not.

The fragmentation problem compounds this. Your health information is not housed in one place. It exists across your primary care physician's system, the hospital where you had surgery, the specialist you saw once three years ago, the pharmacy chain, the diagnostic lab, and your insurer's claims database. Research from the Office of the National Coordinator for Health Information Technology estimates that the average patient's records are distributed across 15 to 20 separate siloed systems. None of these are under any blanket legal obligation to consolidate or share with each other, or with you, without a formal request.

In Europe

The European Union's General Data Protection Regulation, GDPR, gives citizens meaningfully stronger rights than HIPAA does. You have the right to access your data, the right to portability so you can move it to another provider, and the right to erasure under certain conditions. These are real protections, and they matter. But even GDPR does not establish patient ownership in a philosophically complete sense. It restricts what institutions can do with your data without consent. The fundamental fragmentation problem, dozens of systems holding pieces of your health history with no unified view available to you or your clinicians, persists across EU member states.

Finland and Estonia have made the most progress toward unified national health records, but they remain exceptions. Most European patients face the same practical reality as Americans: getting a complete picture of your own health history requires weeks of requests, phone calls, and form submissions.

The Ownership Gap

Here is the economic reality that rarely appears in patient consent forms. Health data is one of the most valuable commodities in the modern economy. Global health data markets were valued at over $370 billion in 2024, with projections exceeding $800 billion by 2030, according to analysis from Grand View Research. Pharmaceutical companies pay for access to anonymized patient datasets to identify drug trial candidates. Insurance actuaries purchase population-level health trends to price risk. AI training companies license de-identified clinical notes to build diagnostic models.

The institutions that collected your data profit from it. You do not. This is not incidental. It is structural. The current system was built before the data economy existed, and it has never been redesigned to reflect the reality that your health history has financial value that should, by any reasonable ethical standard, accrue to you.

What Fragmentation Actually Costs You

This is not an abstract philosophical problem. It has direct, measurable consequences for your health. When you arrive at an emergency department, the clinicians treating you typically cannot see your full medication list, prior diagnoses, known allergies, or notes from the specialist who saw you six months ago. They work with whatever you can recall and whatever happens to be accessible in that institution's system. Decisions are made under conditions of informational scarcity, not because the information does not exist, but because it is scattered across systems that will not communicate without weeks of paperwork.

The human cost is documented. Research published in the Journal of Patient Safety and cited by the Institute of Medicine estimates that medical errors, substantially driven by incomplete information at the point of care, contribute to at least 250,000 preventable deaths in the United States every year. Data fragmentation is not the only cause, but it is a significant one. Your records exist. They contain the information a clinician needs. They are simply unreachable when it matters most.

Understanding the full scope of this problem requires looking at how decentralized health data infrastructure is being designed to address fragmentation at the architectural level, rather than patching over it with interoperability standards that have been promised for decades and never fully delivered.

Why This Problem Is Getting Worse, Not Better

A decade ago, your medical footprint was relatively contained: a GP's file, a hospital record, a pharmacy database. That world no longer exists. Wearables now track your heart rate continuously. Continuous glucose monitors log blood sugar levels every five minutes. Mental health apps record your mood, sleep, and behavioral patterns. AI health assistants log your symptoms and questions. The data surface describing your body and your health is growing faster than any regulatory framework can keep pace with, and almost all of it flows to private servers owned by companies whose terms of service you agreed to without reading.

Consider a specific case that made it into the peer-reviewed literature. In 2022, a major fitness platform sold anonymized heart rate and activity data to a consortium of life insurance companies. Researchers at Imperial College London subsequently demonstrated that the anonymization used could be reversed for approximately 80 percent of individuals using basic cross-referencing with publicly available datasets, such as social media profiles and census records. This technique, called re-identification, is well understood by data scientists and routinely underestimated by institutions claiming their data is "fully anonymized." The sale was legal. The re-identification was preventable but not prevented.

The trajectory is clear. More data, more parties, more surfaces for exploitation, and no fundamental change in the ownership structure that would give you any say in the matter. The question is not whether the current model is sustainable. It is not. The question is what replaces it.

What Patient-Owned Health Data Actually Looks Like

The Blockchain Approach

Decentralized health data infrastructure works on a fundamentally different principle. Rather than storing your records on servers owned by hospitals, insurers, or technology companies, it stores them in a patient-controlled encrypted wallet. You hold the cryptographic key. No institution, regardless of whether it generated the data, can access, share, or sell it without your explicit, revocable consent. Every access event is written to an immutable blockchain audit trail, meaning you can see exactly who looked at what, and when, in real time. This is not theoretical architecture. Systems built on this model are operational and scaling.

The AI diagnostic systems being built on top of patient-controlled data infrastructure are qualitatively different from those trained on institutionally licensed datasets. When a patient controls access, the data can be richer, more longitudinal, and more complete, because patients have an incentive to contribute when they retain ownership and benefit from the results.

Granular Consent

One of the most important features of patient-owned infrastructure is the precision of consent. In the current system, signing a consent form at a hospital typically authorizes broad access for a broad set of purposes. You consent to everything or you do not receive care. A patient-owned system inverts this. You can allow your cardiologist to access cardiac imaging and ECG records while keeping mental health notes entirely private. You can grant a research institution time-limited, read-only access to anonymized genomic data while retaining full control over your clinical notes and prescription history. Consent becomes specific, revocable, and auditable rather than a blanket signature buried in an intake packet.

This matters particularly for sensitive categories of health information: mental health records, reproductive health data, genetic information, and substance use history. These categories have historically been used in ways that harm patients, from employment discrimination to insurance denial. Granular consent provides the architecture for genuine protection rather than regulatory theater.

The Token Economy

When pharmaceutical companies want access to anonymized patient data for drug research, they currently pay data brokers and health systems. The patients whose data is being used receive nothing. In a patient-owned model, smart contracts, self-executing agreements encoded on a blockchain, can automatically distribute fair compensation to patients when their data is accessed for research purposes. The pharmaceutical company submits a data request, the smart contract verifies consent, delivers the anonymized data, and distributes payment to participating patients without any intermediary taking a cut. This inverts the current economic model entirely.

MyDeMed, built on QuanMed's Lepton Lab infrastructure, is a working implementation of this model. It gives patients a unified, encrypted record, granular consent controls, and participation in the value generated by their data when they choose to contribute it to research. The platform demonstrates that patient-owned health data is not an idealistic future state. It is deployable today, and it works.

What You Can Do Right Now

Systemic change takes time. But there are concrete steps you can take today to understand your current situation and begin asserting whatever rights you do have.

Start by requesting your complete medical records from every provider you have seen in the last five years. In the United States, HIPAA gives you this right, and providers are required to respond within 30 days. Many patients who do this for the first time are surprised by both what is in their records and what is missing. Errors in medical records are more common than most people assume, and errors can affect clinical decisions.

Review the privacy policies of every health-related app on your phone. This is tedious, but it is informative. Look specifically for language about sharing data with third parties, selling de-identified data, or using your information to train AI models. If you find clauses you are uncomfortable with, delete the app or request data deletion under whatever rights your jurisdiction provides. In the European Union, submit a Subject Access Request to any health institution or app you use; GDPR requires them to provide a complete copy of everything they hold about you.

Ask your primary care provider whether their patient portal supports data export in a standard format, ideally FHIR (Fast Healthcare Interoperability Resources), the technical standard that makes records portable across different systems. If your provider supports it, download your records and store them somewhere you control. This simple step puts you closer to having a complete picture of your own health history than the vast majority of patients currently have.

Finally, pay attention to who is building patient-controlled alternatives to the current fragmented model. The institutions that hold your data have no structural incentive to give you more control over it. The pressure for change will come from patients who understand the problem and from technology built to solve it from the ground up, not from the entities that profit from the status quo.