Electronic records have changed the way those in the healthcare industry have shared information—from physician to physician, or with necessary third parties. But because of how quickly the shift to electronic records is mandated to happen, there are a lot of questions being asked about the records themselves—specifically, who owns them?

HIPAA doesn’t say anything about ownership of records, and only New Hampshire has a law stating that records belong to patients. Otherwise, there’s nothing on the books.

The legal situation surrounding the ownership is only one element of the conversation, though. Really, it comes down to data safety. If patients can be identified by the data in their records, then keeping those records locked down is important. However, the ability to share them among physicians and even with the patient can also mean advances in healthcare.

As the debate continues, the best course you can take is simply to keep your patients’ data safe. If you work with partners outside of your walls, make sure that their data protection is up to industry standards, as well.

Read more about the debate over patient records in this article.