Addition below (8am).
There are a number of articles I wanted to point to this morning, but I also have limited time. From time to time, over the past few years, Google has made the headlines for their long-term storage of people’s searches. Most search parameters I could care less if they saved, but others may be misconstrued if some rightist-SS-type had the notion to check into me. So, I’m a little more than discouraged to read this morning that Google is venturing into storing our health records.
Google Inc. will begin storing the medical records of a few thousand people as it tests a long-awaited health service that’s likely to raise more concerns about the volume of sensitive information entrusted to the Internet search leader.
The pilot project to be announced Thursday will involve 1,500 to 10,000 patients at the Cleveland Clinic who volunteered to an electronic transfer of their personal health records so they can be retrieved through Google’s new service, which won’t be open to the general public.
Each health profile, including information about prescriptions, allergies and medical histories, will be protected by a password that’s also required to use other Google services such as e-mail and personalized search tools.
Now, a reasonable person would first consider the hackability (is that even a word yet?) of such a service. Not that Google isn’t a responsible company, but any company is open to being hacked.
The electronic health record systems that automate the digitized medical histories of U.S. patients are severely at risk of being hacked, a new report has claimed. A fix requires better collaboration between CIOs and vendors.
The warning comes from the eHealth Vulnerability Reporting Program (eHVRP), a collaborative of health care industry practitioners and technology providers. It was formed last year to assess the security of the nation’s electronic health records.
“There was not one system we could not penetrate and gain control of data,” said eHVRP board member Daniel S. Nutkis. “These systems were not any worse than banking systems. But the banking systems have elaborate security mechanisms sitting on top of them.”
If you remember, Google collects and stores your searches. And after a lot of outrage was expressed, they conceded that they would only save your searches for 18-24 months, which says to me that they know too much about you already.
But, the basic idea of storing your medical records is about safety of those same records, and records stored by third-party companies are not required to adhere to HIPAA rules.
The third-party services are troublesome because they aren’t covered by the Health Insurance Portability and Accountability Act, or HIPAA, said Pam Dixon, executive director of the World Privacy Forum, which just issued a cautionary report on the topic.
Passed in 1996, HIPAA established strict standards that classify medical information as a privileged communication between a doctor and patient. Among other things, the law requires a doctor to notify a patient when subpoenaed for a medical record.
That means a patient who agrees to transfer medical records to an external health service run by Google or Microsoft could be unwittingly making it easier for the government or some other legal adversary to obtain the information, Dixon said.
In short, if you are asked to move your medical records to a third-party company — Don’t. You would be giving up the very notion of privacy between you and your doctor.
Meanwhile, in other health-related news, SCOTUS has taken it upon themselves to shield medical device makers.
The Supreme Court yesterday protected the makers of medical devices that have passed the most rigorous federal review standards from lawsuits by consumers who allege that the devices caused them harm.
Except, those so-called rigorous standards aren’t so rigorous, and so far, I cannot find anything about potentially suppressed medical data by the company during that so-called rigorous process, as we have seen recently with drug trials, having an impact on the pro-business standards in this opinion.






Archcrone:
Maybe patients can use contract law to enhance the privacy of their health records. http://hack-igations.blogspot.com/2008/02/contracts-for-patient-privacy.html
[...] Ads Based on Your Health Records: Who’s Protecting the Patient? Posted on March 4, 2008 by archcrone A few weeks ago, Google announced it was getting into the “storing your health records” business, which I am against for the simple reason that Google, and Microsoft (who is also venturing into the health records storage business), do not have to adhere to HIPAA rules. [...]