Search
Subscribe

Bookmark and Share

About this Blog

As enterprise supply chains and consumer demand chains have beome globalized, they continue to inefficiently share information “one-up/one-down”. Profound "bullwhip effects" in the chains cause managers to scramble with inventory shortages and consumers attempting to understand product recalls, especially food safety recalls. Add to this the increasing usage of personal mobile devices by managers and consumers seeking real-time information about products, materials and ingredient sources. The popularity of mobile devices with consumers is inexorably tugging at enterprise IT departments to shifting to apps and services. But both consumer and enterprise data is a proprietary asset that must be selectively shared to be efficiently shared.

About Steve Holcombe

Unless otherwise noted, all content on this company blog site is authored by Steve Holcombe as President & CEO of Pardalis, Inc. More profile information: View Steve Holcombe's profile on LinkedIn

Follow @WholeChainCom™ at each of its online locations:

« US Patent 5,418,957: Network data dictionary (Narayan) | Main | US Patent 5,764,973: System for generating structured query language statements and integrating legacy systems (enterWorks.com) »
Thursday
May222008

Personal Health Records, Data Portability and the Continuing Privacy Paradigm

Google began offering online personal health records (PHRs) to the public this last Monday. So earlier this week I clicked over to Google Health and signed up for an account.

I was offered the choice of conveniently entering in my medical profile (e.g., age, sex, blood type, allergies, test results, immunizations, etc.). Or, though it was a moot point, I could also upload any medical information of mine that might already be held by Beth Israel Deaconess Medical Center, Cleveland Clinic, Longs Drug Stores, Medco, CVS Caremark, Quest Diagnostics, RxAmerica, or Walgreens Pharmacy.

And then I did not fill out any of my medical profile information.

I did not because while it looks like a beautiful information garden that Google is offering, it’s nonetheless a garden that has been charted within a continuing privacy paradigm that unnecessarily allocates more power into the hands of the garden's gatekeeper (i.e., Google) than to the actual gardeners themselves (like you and me).

The privacy paradigm in this instance is not perpetuated by the Congressional Health Insurance Portability and Accountability Act, but by Google’s Health Terms of Service …

“If you create, transmit, or display health or other information while using Google Health, you may provide only information that you own or have the right to use. When you provide your information through Google Health, you give Google a license to use and distribute it in connection with Google Health and other Google services. However, Google may only use health information you provide as permitted by the Google Health Privacy Policy, your Sharing Authorization, and applicable law. Google is not a "covered entity" under the Health Insurance Portability and Accountability Act of 1996 and the regulations promulgated thereunder ("HIPAA"). As a result, HIPAA does not apply to the transmission of health information by Google to any third party.”

Now, don’t get me wrong. Google Health is a worthy service by the standards of the prevailing privacy paradigm. There are going to be a number of people who will choose to enter in their medical information.

Notwithstanding, Google Health indeed represents the predominant privacy paradigm of data possession by online companies at a time when the momentum is beginning to shift toward a 'data ownership' paradigm - see Dataportability, Traceability and Data Ownership - for truly empowering information owners and producers with technological possession of their own information.

Furthermore, it is difficult for me to imagine Google convincingly claiming the moral high ground for PHRs when I read about U.S. Senators, in a Congressional hearing held the day after Google Health was made public, pressing executives from Yahoo, Google, and Cisco Systems “to justify their business practices in China and other Internet-censoring countries”. See Senators weigh new laws over China online censorship.

An article in The New England Journal of Medicine was recently published entitled Personally Controlled Online Health Data — The Next Big Thing in Medical Care?

“Most physicians in the United States have paper medical records — the sort that doctors have kept for generations. A minority have electronic records that provide, at a minimum, tools for writing progress notes and prescriptions, ordering laboratory and imaging tests, and viewing test results .... Yet electronic health data are poised for an online transformation that is being catalyzed by Dossia (a nonprofit consortium of major employers), Google Health, Microsoft HealthVault, and other Web services that are seeking expanded roles in the $2.1 trillion U.S. health care system.” [emphasis added]

If you choose not to gain access to the full text of this article by subscribing to The New England Journal of Medicine, see Internet Health Records: Convenience at a Cost? by Joanne Silberner on the National Public Radio website (which is available in both text and a 4m 36sec audio).

Silberner does a professional job but it seems like once you have read (or listened) to one of these articles about PHRs, you have pretty much read them all. What she familiarly relates is that despite the involvement of Dossia, Google Health, and Microsoft HealthVault, creating and maintaining a full health record may be a job for the compulsive and, on top of that, medical records experts are worried about privacy.

Holding that thought ...

... let’s pause for a moment to jump from the world of PHRs over to current events vis-à-vis data portability within social networking. Michael Arrington blogs a very neat summary in Data Portability – It’s The New Walled Garden at TechCrunch.

"A huge battle is underway between Google, MySpace and Facebook around control of user profiles and, therefore, users themselves …. Internet giants know that the days of getting you to spend all of your time inside their walled gardens are over. So the next best thing is to at least maintain as much data about the user as possible, and make sure they identify with your brand while they are out there not being on your site …. The companies with the profiles (mostly MySpace and Facebook) know this. And they know that to keep users happy, and to stop them from entering in all that friend data into other sites, they need to make their data at least somewhat portable. Not too portable, mind you. That means they’d lose control. But just portable enough …. [emphasis added]

 Arrington further states ...

Google is a little different. They don’t have a social networking presence in the U.S., so they are trying to get in the middle between the guys with the profiles (like Facebook) and the sites that want the data. Their Friend Connect product does just that, and makes them an important data middle man. That position can later be leveraged intensely. In fact, in many ways Google can become the most important social network without actually having a social network." [emphasis added]

In other words, Google's Friend Connect provides it with an opportunity to place MySpace and Facebook within a Google ‘picture frame’ from the perspective of internet users. And that picture frame is the opening to a walled garden of data – yours and mine. Whomever controls the entrance to the garden controls ... well, you get the picture, right?

And, coming back to the world of PHRs, it takes no imagination to conclude that Google might do the same with Google Health. That is, Google Health as 'a picture frame' for Microsoft HealthVault, Dossia, etc.

But for all these machinations inside of Silicon Valley the question still goes begging ...

  • Is there to be a critical mass of internet users who will actually put their medical profile online under the current privacy paradigm?

Speaking only for myself, the answer is ‘no’.

PrintView Printer Friendly Version

EmailEmail Article to Friend

References (14)

References allow you to track sources for this article, as well as articles that were written in response to this article.

Reader Comments (1)

Regarding Google: it's the statement "... you give Google a license to use and distribute it in connection with Google Health and other Google services" that troubles me the most.

June 10, 2008 | Unregistered CommenterDennis McDonald

PostPost a New Comment

Enter your information below to add a new comment.

My response is on my own website »
Author Email (optional):
Author URL (optional):
Post:
 
Some HTML allowed: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <code> <em> <i> <strike> <strong>