June 25 (Bloomberg) -- Microsoft Corp., Google Inc., and dozens of organizations promoting consumer adoption of electronic personal health records agreed for the first time on a comprehensive set of privacy protections.

An 18-month effort by health insurers, Web portals, doctors, hospitals and nonprofit groups produced a framework that will spur growth in the use of personal health records, improving the U.S. health system, they said today in a statement. The negotiations were orchestrated by the Markle Foundation, a New York-based nonprofit group that focuses on uses for information technology.

The framework ends a ``privacy logjam,'' that has inhibited use of electronic records, thought to be able to cut duplication, costs and errors, the groups said. The push for consumer- controlled data parallels U.S. government efforts to promote adoption of electronic medical records by health care providers, an initiative yet to win over most doctors because of costs.

The policies ``will enable the market for information to grow while giving consumers control of personal information and protecting their privacy,'' said Markle President Zoe Baird, a former Aetna Inc. general counsel, in a conference call with reporters. ``It gives new entrants to the market practices to follow without having to figure it out for themselves.''

Access to a patient's personal health record can help doctors and pharmacists know what drugs have been prescribed by other physicians, for example, helping avoid new prescriptions that could cause dangerous interactions. A new doctor could know what tests have already been given.

Audit Trails

The framework includes audit trails so consumers can see who is looking at their records and prevents insurers, employers and others from demanding to see the information. The policies are distinct from federal privacy requirements that already cover the exchange of that data among medical providers and insurers.

``Nobody until today has really fleshed out in detail what a workable privacy framework would look like,'' said James X. Dempsey of the Center for Democracy and Technology, a Washington- based group that promotes privacy and free expression on the Internet. ``It's just a remarkable accomplishment.''

The framework would be enforced by existing federal and state consumer protection laws based on regular oversight by private, independent groups, the foundation said.

The plan was endorsed by health insurers, organizations representing physicians and consumers, electronic prescription benefit managers, government agencies, Google, Microsoft, Cisco Systems Inc., WebMD Health Corp., Intuit Inc. and Dossia, a group of large employers that advocates creating personal health records.

Little Change

``It's a terrific achievement,'' said Steve Findlay, an official of the consumer group Consumers Union who worked on the agreement. ``It's going to enhance the trust of consumers in this area significantly over the next few years.''

In the conference call, Microsoft, WebMD, Intuit and Dossia said the new policies wouldn't require much change in their existing practices. Google, the popular search engine company that opened a Web site last month for storing personal health records, was the only one to acknowledge the framework will change the way it manages files stored on its servers.

``When we work with third parties that may access data under consumers' control, we'll make sure they inform us of any breach they could have,'' said Google Vice President Alfred Spector. ``We have to make sure there is a cascading level of responsibility.''

The program will provide consumers a ``consistency of expectation,'' Spector said. ``It's a good thing.''

To contact the reporter on this story: Avram Goldstein in Washington at agoldstein1@bloomberg.net.

Last Updated: June 25, 2008 16:46 EDT