Slashdot Mirror


Microsoft Working On Health Information 'Vault' System

josmar52789 wrote with an article from the New York Times, discussing Microsoft's new push into the consumer health care market. The plan is to offer personal health care records online via a system called HealthVault. Numerous big names in the medical field have signed up for the service, including the 'American Heart Association, Johnson & Johnson LifeScan, NewYork-Presbyterian Hospital, the Mayo Clinic and MedStar Health'. The ultimate purpose of the service is to provide an online accessible but highly secure service to patients and medical facilities: "The personal information, Microsoft said, will be stored in a secure, encrypted database. Its privacy controls are set entirely by the individual, including what information goes in and who gets to see it. The HealthVault searches are conducted anonymously and will not be linked to any personal information in a HealthVault personal health record. Microsoft does not expect most individuals to type in much of their own health information into the Web-based record. Instead, the company hopes that individuals will give doctors, clinics and hospitals permission to directly send into their HealthVault record information like medicines prescribed or, say, test results showing blood pressure and cholesterol levels. "

1 of 314 comments (clear)

  1. Re:Oh yeah, triple secure. by Em+Adespoton · · Score: 5, Insightful

    This sounds like a horrible idea to me from other standpoints too:

    1) Medical professionals never like patients to have full access to their records, as if a patient misunderstands something on their file, their life could be at stake based on the decisions they make.

    2) The US has this thing called the PATRIOT act, and MS has agreements with some agencies allowing back-door access to data they host. Let's just say that I highly doubt this information will be protected from people working for US "security" agencies.

    3) The system appears to be designed so that MS can sell aggregated data to drug companies and insurance companies. Seems to me though that even with aggregated data, you could reverse-mine it to have a reasonable suspicion regarding individuals (you'd know trends, which would help in searching for more specific details)

    Anyway, the whole thing could be really useful if used correctly, but there are so many ways it could be misused even if the system doesn't have a major security breach that I for one would never use it.