Feeds

Google eyes Cleveland medical records

World Privacy Forum howls

3 Big data security analytics techniques

Google's efforts to engulf the world's medical records will begin in Cleveland.

Today, the search engine cum world power announced a joint project with the Cleveland Clinic, an 87-year-old not-for-profit medical center, that will see between 1,500 and 10,000 of the center's patients entrust their personal records to Larry Page and Sergey Brin.

Yes, between 1,500 and 10,000. Presumably, Google and the Cleveland Clinic anticipate that a few thousand patients will ultimately decide this idea is way too creepy.

In any event, the project marks the debut of a long-awaited/long-dreaded online health service from the Mountain View, California web giant. Google has previously said that this store-your-medical-records offering would be available to the general public sometime in 2008.

Similar services are already available from arch-rival Microsoft and a startup known as Revolution Health, backed by AOL co-founder Steve Case.

Google bills its password-protected service as "a new kind of healthcare experience that puts the patient in charge of his or her own health information." The Cleveland Clinic already stores patient records on an in-house database, and it will soon give a chosen few the opportunity to move their records onto Google's servers, including information regarding medical conditions, allergies, and prescriptions.

Naturally, this will allow these patients to quickly access their Cleveland Clinic records whenever they spy an internet connection. But Google envisions a time when its service allows any brave soul to shuttle records to and from multiple doctors, pharmacies, and other healthcare providers.

Yes, many will be reluctant to share their records with a company that already stores their search histories and indexes their email. But patient privacy would be an issue even if Google was a piddly startup.

It just so happens that yesterday, as word of Google's Cleveland Clinic partnership spilled forth from The Associated Press, the World Privacy Forum released a report (PDF) explaining that health records hosters like Google aren't covered by the US Health Insurance Portability and Accountability Act (HIPAA).

In other words, the laws that govern what doctors can do with a patient's medical records wouldn't apply to Larry Page and Sergey Brin. "Because of the structure of HIPAA, its privacy protections do not generally follow a health record," the report says. "The basic idea is that if a health care provider (hospital, physician, pharmacist, etc.) or a health plan maintains a health record, the record is protected under HIPAA. However, if a person of business is not a covered entity under HIPAA holds the records, then HIPAA does not apply."

When we asked Google to discuss its health service, it said: "We'll get back to you." ®

High performance access to file storage

More from The Register

next story
Did a date calculation bug just cost hard-up Co-op Bank £110m?
And just when Brit banking org needs £400m to stay afloat
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Whoever you vote for, Google gets in
Report uncovers giant octopus squid of lobbying influence
Lavabit loses contempt of court appeal over protecting Snowden, customers
Judges rule complaints about government power are too little, too late
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Don't let no-hire pact suit witnesses call Steve Jobs a bullyboy, plead Apple and Google
'Irrelevant' character evidence should be excluded – lawyers
EFF: Feds plan to put 52 MILLION FACES into recognition database
System would identify faces as part of biometrics collection
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Ex-Tony Blair adviser is new top boss at UK spy-hive GCHQ
Robert Hannigan to replace Sir Iain Lobban in the autumn
Alphadex fires back at British Gas with overcharging allegation
Brit colo outfit says it paid for 347KVA, has been charged for 1940KVA
prev story

Whitepapers

Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.