Google to Begin Storing Patients' Health Records

mytrip writes with news that Google's health record archive is about to be tested with the assistance of the Cleveland Clinic. Thousands of patients (who must approve the transfer of information) will have access to everything from their medical histories to lab results through what Google considers a "logical extension" of their search engine. We discussed the planning of this system last year. "Each health profile, including information about prescriptions, allergies and medical histories, will be protected by a password that's also required to use other Google services such as e-mail and personalized search tools. The health venture also will provide more fodder for privacy watchdogs who believe Google already knows too much about the interests and habits of its users as its computers log their search requests and store their e-mail discussions. Prodded by the criticism, Google last year introduced a new system that purges people's search records after 18 months. In a show of its privacy commitment, Google also successfully rebuffed the U.S. Justice Department's demand to examine millions of its users' search requests in a court battle two years ago."

Double-edged sword

[calebt3]

On one hand, it would be convenient to have this archive available so that we can access our records without the hassle of dealing with the healthcare system. On the other side, all that data has only the strength of your password standing between it and the Black Market.

Re:Great...

[jerdenn]

Google isn't actually behind Microsoft, as Microsoft's implementation of healthvault is actually somewhat questionable. It's as if the company paid no attention to existing standards, and decided to implement a PHR system however they damn well pleased. CDA or CCD support? What's that? IHE standards?

If anything, Microsoft is ahead in the game of press releases, but certainly not in a functioning and useful Electronic Health Records system.

HIPAA compliance?

[palegray.net]

I have to wonder how Google is approaching the legal requirements for HIPAA compliance with respect to the storage and retrieval of healthcare information. Anyone got any pointers on this?

Re:Cleveland Clinic

[burner]

But I _do_ want online access to my health records. Does this mean my health provider must build and maintain a health record server onsite in order to provide me this? If I see multiple providers, do I have to carry around a list of URLs so they can share this data?

It only makes sense for a trusted third party (with technical expertise) to hold onto this data. Personally, I trust a government (state or federal) or non-profit program with community oversight to a for-profit corporation for this. Others may simply not want any digital health records, just like some folks don't want to have online access to their bank account.