Tara Parker-Pope has an article on the privacy implications of big companies like Microsoft and Google entering the medical records storage business. We have discussed this issue before, stressing the importance of patients needing convenient access to all of their medical records.
Parker-Pope, however, discusses a potential downside to this development: a loss of privacy for patients. Violations of medical privacy have been in the news lately. See, for instance, UCLA Medical Centers’ employees’ violations of the privacy of several well-known patients. If data is stored in Web-based systems by the same companies that track users’ online activities, what kind of privacy can patients expect? These concerns become even more pressing when you consider that HIPAA–the law that guards patient privacy–did not anticipate and most likely will not apply to these proposed personalized Web-based systems. As Parker-Pope comments:
Even more surprising is the response of Peter Neupert, the vice president in charge of Microsoft’s health group, who resisted the suggestion of extending Hipaa to newcomers like Microsoft and Google.
This resistance is predictable but disturbing, to say the least. Privacy should be a huge concern for both creators and users of these systems, and customers should insist on Google and Microsoft addressing these issues.