Computers, Privacy & the Constitution
-- BranwenBuckley - 27 Mar 2008

Search Me: Google and Microsoft's foray into medical records

As laid out in O'Harrow's book, recent years have seen a wide-scale incursion into what many Americans would consider private zones of personal information. In part, this is due to a troubling lack of transparency in data collection and, in many cases, the inability of individuals to give anything close to informed consent regarding the use of their information. Even more disturbingly, however, many Americans are aware that their information is being mined and archived, and yet seem willing to trade their privacy for increased ease in their daily transactions, believing that, while others may have access to such information, it is unlikely to be used against them in any negative way unless they are 'doing something wrong.'

Even these individuals seem likely to draw the line somewhere, at some sphere of privacy which must remain inviolate. While they may accept that their credit card histories are collected, in exchange for the ease which these cards provide, they would most likely not countenance video surveillance of their homes or unauthorized release of their voting records. Where exactly such individuals draw the line may become an issue sooner rather than later, as both Microsoft and Google are in the process of developing programs which would allow individuals to collect and store all of their medical records online. As with previous forms of data collection, such programs are intended to provide individuals with a large degree of convenience, as well as significant potential improvements in the quality of service. However, the involvement of deeply personal, confidential medical files may very well strike many individuals as too much of an incursion on their personal autonomy, and they may not be willing to make such a trade-off of privacy for convenience.

Both companies are still in the process of finalizing their plans for how such services would work. But, so far, some basic points seem settled. Both would allow individuals to release and consolidate their medical records from doctors, hospitals, labs, prescription drug plans, and other health care providers. Users may also be able to input information themselves and upload data from daily monitoring devices. Medical records would also be supplemented by pages including information on suggested treatments, drug interactions, reminders for prescription refills, specialized health search engines, and the like. In addition to the users, the information would also be available to authorized doctors and other health care providers. The information would be protected by an ID and password, although it is unclear in either case whether these would be the same credentials used to grant access to the rest of the Google or Microsoft systems. Microsoft has indicated that it would also require a separate ID to access health information. Both companies also intend to make the services profitable through the use of accompanying advertisements. Microsoft has said that it will not tie such ads to specific content in individuals' medical records; however, it is unclear whether Google will do the same.

Having medical records consolidated and easily available in such a way would undoubtedly create substantial benefits for users. It would allow patients and doctors to bypass the lengthy and aggravating process of requesting medical records themselves, which, in turn, would allow for better tracking of medical conditions and swifter identification of dangerous changes or new symptoms. Moreover, it would allow patients themselves to have far greater access to their medical histories and a much more substantial ability to actively engage in the health care process themselves.

Despite these attendant benefits, though, the collection of such personal records online raises significant and troubling privacy concerns. As with other forms of data collection, consumers are often unaware of the dangers posed to their privacy, and disclosure is so inadequate that they are effectively incapable of giving any sort of true informed consent about the use of their information.

Also, as with any form of online storage, there remain real concerns about the adequacy of technological protections. If such information were to become vulnerable to hackers, vital medical information could be altered and irrevocably compromised. Furthermore, such extremely sensitive data in the wrong hands could have devastating effects on people's lives, if suddenly a history of sexually transmitted disease or a genetic disposition towards an incurable, debilitating disease were to become public knowledge.

On an even more fundamental level, people rightly have a reluctance to provide such personal information to these major corporations, which already control a vast amount of information about their users. This is particularly the case with Google, which already tracks and collects huge amounts of information about individuals' emails, chats, and search histories. If Google's collection and targeted use of this information were not troubling enough, it seems even more so when it can be attached to detailed medical histories, which may or may not be erasable at a later date.

In part, this is due to an instinctual hesitancy to trust such institutions with such a collection of sensitive data. However, it also stems from an uncertainty about to whom this data may become available outside of Google, and under what circumstances. Most users would be unhappy having sensitive medical information made available to marketing partners to facilitate targeted advertising. Even more worrying is the idea that confidential information will become available to employers, insurers, or government officials. Generally, medical records are protected under HIPAA (Health Insurance Portability and Accountability Act), which makes these files privileged and requires doctors to notify a patient when a medical record is subpoenaed. HIPAA does not apply to third parties, however. So, in making these records available to Google or Microsoft, users may unknowingly be destroying the protections granted to these records and may make it much easier for insurance companies, data collection firms, and the government to gain access to them, potentially exposing the owners of these records to serious repercussions.

For all of these reasons, both users and legislators should be extremely careful in monitoring how these services develop. Most importantly, they should demand adequate disclosure, access protection, and the application of HIPAA protections to third parties such as Google and Microsoft. They should also implement controls over how the information is used and marketed, and restrict access to it to anyone besides the users and their health care providers.

  • Branwen, you are fifty-three words over the maximum length here. I can't accept a draft that is overlength. There is no shortage of ways to get those words out here, and I need you to revise for that purpose, whatever else you do or don't do. Thanks.

  • This is a basic and competent summary of some issues surrounding the use of medical records aggregation services. It isn't clear, and you don't make clear, why any user would be better off storing their medical records at Microsoft than they would be with a copy on a removable memory device carried with them. Asking questions about the alternatives to centrally-stored and completely-disaggregated data would be a good idea.

  • Your conclusions--everybody should be careful, and HIPAA should be expanded in ways that weren't politically feasible when it was passed (largely as a result of lobbying activity by the very entities--insurers, pharma intermediaries, and drug companies--whose role in all of this you don't analyze)--are at once trite and unworkable. I think it would be useful to explain why what should happen won't happen.


r3 - 23 Jan 2009 - 15:33:03 - IanSullivan