One Medical Passport / Unconscionable Terms and Conditions for handling medical data

St Aug 26, 2015 Willington CT 06279 Review updated:

Apparently hospitals and surgeons all over the country are relying on One Medical Passport to collect data online for pre-surgical patients.

Thus, I've been instructed to use One Medical Passport to submit my entire medical history, pills, allergies, etc., in preparation for my upcoming surgery. So I began that process on [protected]. After taking my identification data, it demanded that I click on a box to agree to its Terms and Conditions (T&C). "Everybody" is using it, so this should be OK, right? WRONG!

Those T&C are a nightmare for anyone who reads them all the way through. I won't quote them here -- they're available to anyone who goes to OMP's website. The basic problem is their disclaimer of any responsibility whatsoever to do their job right, coupled with a draconian indemnification clause that makes the patient liable for damages and attorney fees incurred in the course of squashing any complaint relating to their flubs.

In case this needs to be said: I haven't encountered any doctor or hospital that employ T&C agreements, especially one like this. Organizations that do so should not be trusted with medical data.

Desired resolution: OMP must remove the offending clauses from its T&C and take responsibility for its work. Also, hospitals must provide alternate ways to submit medical data without a T&C hassle.

Sort by: UpDate | Rating


  • Cr
      Jun 05, 2016

    Before having Outpatient surgery at a local Surgery Center I was asked to provide my complete medical history via One Medical Passport.
    I checked it out and found they keep their information in the Cloud. They sent their request via unciphered/unencrypted email.
    That didn't give me a warm and fuzzy.
    I wrote and asked them which company they were using to protect them from Advance Persistent Threats (APT). They replied
    with quotes from their Privacy Policy. That has nothing to do with how they protect 'my' Personal Health Information (PHI) while it is under
    their auspices, hanging out there on the internet.
    I wouldn't mind so much if their data wasn't exposed to Chinese professional government hackers or Russian/Ukrainian criminal enterprises
    as low hanging fruit out on the internet, but it is.
    These days Health Information is very valuable as it cannot be changed as Credit Card numbers and Passwords can be changed.
    Once the criminals have your information they have it forever and ever.
    Even the U.S. government Office of Personnel Management that handles all personal information for all people that hold clearances was breached by the Chinese government.
    Given the ease of the bad actors to breach those responsible to hold information on people that hold sensitive Special Intelligence clearances,
    I have no faith in the ability of One Medical Passport to safeguard my PHI. None.
    There are two types of data companies, those who have been penetrated and know it, and those who have been penetrated and
    do not know it.
    I'll take a pass on putting my PHI out there on someone's cloud, especially when they eschew all responsibility for safeguarding my information.
    Thank you stanr for your original complaint and enlightenment on their draconian Terms & Conditions. I was unaware of them.

    +2 Votes
  • Bo
      Jun 11, 2017

    Your review does not make any sense. One Medical passport is only storing information, their T&Cs has nothing to do with medical treatment or responsibility for it.

    -2 Votes
  • Al
      Jul 30, 2019

    @Bookshelf Trafficlight Wow! What part of... a company storing your personal information with nothing more than standard firewall protection don't you get?

    0 Votes
  • Cl
      Aug 03, 2017

    Last week, I provided my personal information on One Medical Passport for a procedure at a Surgery Center. One week later, I am a victim of identity fraud and am now trying to put my life back together. This is the only place in years where I have given this type of information.

    +3 Votes
  • Ro
      Aug 09, 2017

    @clemplum Does not surprise me.

    +4 Votes
  • Di
      Nov 30, 2017

    I totally agree! It would not allow me to submit the form without clicking YES for allowing them all freedom from any lawsuit if anything goes wrong. I HATE this. I also hate that they require you to put in your Medicare card number. This is the same as your social security number. So anyone could hack this & take my identity!

    +5 Votes
  • Ha
      Dec 13, 2017
    Best Best Advice

    This is something that the Dr's office should deal with. You may be going in every two weeks for a shot or something and you need to go through the stupid website every single time and it is a huge WASTE of time. If all Dr's rely on this garbage nonsense then heaven help us

    +6 Votes
  • Fr
      Jul 14, 2019

    It is longer than any medical history form I’ve ever encountered, and the agreement is completely one sided. I would be surprised if any lawyer would advise signing it. Someone above calls it extortionate, which sounds right since it implies that if you want the procedure, even if minor, it won’t happen unless you comply. I intend to discuss with my doctor and will ask that this information be deleted afterword. These agreements are getting out of control and are overreaching in the extreme. Invites government intervention to protect patient rights.

    +2 Votes
  • Ku
      Sep 06, 2019

    I got a robocall, purporting to be from the medical office where my physician worked.
    I was instructed to proceed to OneMedicalPassport and provide all my info.
    When I called my medical office to inquire about this demand, they knew nothing about it.
    Evidently, either OneMedicalPassport is a total scam, or else it has been hacked,
    and is now a puppet of some evil agency.
    Either way, I will never participate in this nonsense.

    0 Votes

Post your comment