The Register® — Biting the hand that feeds IT

Feeds

In Google We Trust: Health docs depo now open to Americans

Body goes beta, soul effort still in alpha

By Cade Metz, 20th May 2008
  • print
  • alert

Ensure Ease of Recovery with Asigra’s Agentless Software

At long last, Google has asked for America's medical records.

This morning, during a dog-and-pony show at Google headquarters in Mountain View, California, senior vice president/company poster child Marissa Mayer officially took the wraps off Google Health - a long-awaited/long-dreaded service for storing and sharing your personal health records.

"Google Health is our product that takes our users medical records and brings them online, where users can see them and control them and put them to good use in getting better health care," Mayer told a room full of reporters. "And I'm happy to say today that it's no longer just talk. We actually have a product."

Which means Google just released another beta.

If you're comfortable giving Google your health records - and you're in the States - you can do so at www.google.com/health. In some cases, you can import your records automatically - straight from medical institutions, pharmacies, and other health outfits already partnering with Google, including the Beth Israel Deaconess Medical Center, the Cleveland Clinic, Quest Diagnostics, and Longs Drugs Stores.

And once your records are imported, you can do stuff with them. If a woman named Diana gets sinusitis, for instance, she can ask Google to recommend medications, and Google will even go so far as to tell her which medications she might be allergic to.

Diana can also export records to various third-parties. She can send them to them to the American Heart Association, for instance, to assess her risk of a heart attack. Google has also released a Google Health API, giving any third party the power to develop such tools.

Naturally, Google insists that your records will not be shared with anyone you don't want them shared with. "Google Health cares about privacy and puts it into the control of each user," said Roni Zeiger, the Stanford-educated doctor who serves as Google Health product manager. "The user decides who should have access to the records and can revoke access at anytime. We will not sell any end user's data, and we will not share it with anyone unless [the user] specifically asks."

It should be noted, however, that you must share all or nothing. You can't share mere portions of your records - though Ziegler said that Google will explore "a more granular approach" in the future.

It's also worth noting that once you import your records to Google Health, they are not protected by the US Health Insurance Portability and Accountability Act (HIPAA). In other words, the laws that guard your records while they're still in the hands of doctors do not apply once you give them to Larry and Sergey. As John Halamka, chief information officer of the Harvard Medical School, told us "The bottom line is: You have to put your trust in Google."

Google says it has no intention of serving ads based on your medical data. And though it may ship your Health data to other Google services, Ziegler told us that the company will always alert users before doing so. At the moment, if you import your records to Google Health, the company may add your doctors to your Gmail contact list.

But the big concern is that Google is already storing up to two years of your search history. It may be storing your email as well. If you upload your medical records, all this is linked together. Google may say it won't misuse all that data. But what happens when a subpoena arrives? Or a national security letter? Or a hack?

When we asked Ziegler these questions, he pointed out that the use of Google Health is entirely voluntary. "I don't want anyone using the service," he said, "unless they're completely comfortable using it."

So the choice is yours. You can share your medical history with Google. Or not. ®

Cloud based data management

COMMENTS

House Rules Send Corrections
All Reader Comments (21)
Latest Comments
Headstar

@ Vernon Lloyd

>> Of course your medical information is not shared within the medical profession whatsoever.......NOT! <<

Medical professionals, here in the US, are are required under HIPAA to not disclose PHI (Patient Health Information) to anyone that is not required to know. There are strict penalties for those who disregard this requirement.

>>Someone out there knows or has access to more personal information about you that you know yourself.<<

In the states, everyone have the right to request one copy of their own medical record per year at no charge. If you need more than one copy within that year, you are only obligated to pay for the cost associated with producting those records for you.

IT angle: If a user, lets say a medical professional, by sheer stupidity, emails an associate about your health status and uses any identifiable information that could be traced back to you, the BOFH of the outfit is required to place a retention hold on that email for at least 10 years.

All in all though, giving Google your PHI is not a very good idea as you essentially give up your rights under HIPAA for good.

0
0
The Wanderer

@AC 20th May 17:01 GMT and @Chris C

@AC:

Probably not, tho' at least they're making a clear (if inexcusable) moral judgment, instead of trying to hide their profit motive behind PR weasel words. And they can still back up their claims of expertise.

@Chris C.

Oh, dear, what was I _THINKING_?!?!? Ooops, there I go again. I wonder how long I've got until the Thought Police drag me off to the Ministry of Love and the Dreaded Room 101, which will probably be full of Google PR flacks trying to sell me things.

Sigh.

0
0
Sean O'Connor

I knew it would be in the EULA

From Google Healths EULA

=====

9. Changes to this Agreement

Google may change this agreement and will post the modified agreement at https://www.google.com/health/html/terms.html. If you do not agree to the modified agreement, you should stop using Google Health. Your continued use of Google Health after the date the modified agreement is posted will constitute your acceptance of the modified agreement.

=====

The typical we can change this agreement at anytime, its your responsibility to keep checking the page, we wont inform you directly...

Section 11, warranty, of course absolves them of any wrong doing...

But of more interest is Section 13 that states in any LEGAL disagreement, you agree to ONLY challenge them in their home County, Santa Clara, California.

0
0

More from The Register

SCO vs. IBM battle resumes over ownership of Unix
Zombie lawsuit back and wants to suck the brains out of Linux
115
breaking news
Jailed LulzSec hacker Cleary coughs to child porn images, will be freed soon
Some images of infants as young as six months
68
breaking news
Ecuador: All right, Julian, you CAN stay on our sofa - it's your human right
Minister and Wikileaker share cosy chat in tiny London flat
65
Google flings another £1m at online child sex abuse vid CRACKDOWN
See, see, we're trying, ad giant tells Daily Mail UK.gov
41
breaking news
NSA PRISM-gate: Relax, GCHQ spooks 'keep us safe', says Cameron
Whatever they are up to, it's all above board, we're told
90
breaking news
BBC lied to Parliament about doomed £100m IT monster, thunder MPs
Axed DMI ballooned and burst while watchdogs sang Kumbaya
50
NSA whistleblower to tech firms, Obama: 'Grow a pair!'
Ed Snowden: Email tracking grabs 'IPs, raw data, content, headers, attachments, everything'
63
PRISM snitch claims NSA hacked Chinese targets since 2009
Snowden suddenly looks safer in Hong Kong after revelations
33
breaking news
US chief spook: Look, we only want to spy on 6.66 BEELLLION of you
Americans assured they are not in the NSA's sights
68
Not just telcos, THOUSANDS of companies share data with US spies
It's all perfectly legal, trust us
68