Select your localized edition:

Close ×

More Ways to Connect

Discover one of our 28 local entrepreneurial communities »

Be the first to know as we launch in new countries and markets around the globe.

Interested in bringing MIT Technology Review to your local market?

MIT Technology ReviewMIT Technology Review - logo


Unsupported browser: Your browser does not meet modern web standards. See how it scores »

{ action.text }

Google Health offers an interface that allows users to build comprehensive health profiles, including information on conditions, medications, allergies, and procedures. The information may be typed in directly, chosen from drop-down menus, or uploaded from participating providers. The drop-down menus contain mind-numbing lists of conditions, from Aarskog syndrome to Zollinger-Ellison syndrome. And each menu item points patients toward information that can help them manage their health. The link beside diabetes, for instance, takes users to a page featuring lists of symptoms, treatments, and complications, search results from Google Scholar, news items, and illustrations. HealthVault’s welcome page looks more like an interface for online banking, but like Google Health, HealthVault lets users link to third-party applications.

Since they deal with sensitive personal data, however, both HealthVault and Google Health raise significant privacy concerns. Such services are not covered by the Health Insurance Portability and Accountability Act, or HIPAA, under which hospitals, doctors, and third-party payers typically cannot release information without a patient’s consent. Google and Microsoft do promise not to share personal health data without consumers’ permission: “We make a very clear promise to consumers about what we will and won’t do with their data, and we’re happy to be accountable for those claims,” says Peter Neupert, corporate vice president of the Health Solutions Group at Microsoft. But those promises are not backed by law.

Privacy experts are particularly worried about the release of data to vendors of third-party applications. If a drug company offers a medication reminder, and patients opt in, giving the company information about their drug-­taking routines, can that information later be used for marketing? There’s a risk of personal data “leaking out through these applications,” says Kenneth Mandl of Children’s Hospital in Boston, who cochaired the Harvard Medical School Meetings on Personally Controlled Health Record Infrastructure in 2006 and 2007. (Google and Microsoft say that vendors will have to disclose how they intend to use consumer data.) What’s more, many vendors offering advice on medications and treatments could have conflicts of interest–and their advice might not be sound in any case. There’s “really no oversight,” says Mandl. He argues that some combination of regulation and certification of third-party vendors is needed.

The privacy issues aren’t insurmountable. Microsoft and Google could be brought under HIPAA’s umbrella, or new rules could be enacted that give consumers stronger protection–and greater legal recourse if their records are leaked or improperly sold. But it needs to be recognized that medical information–histories of mental illness, paternity tests, genetic information–can be far more sensitive than browsing histories or even financial records. While Google and Microsoft promise to put users in control, they are also inserting themselves between patients and their most intimate data. Until their legal responsibilities to patients are clarified, only a very trusting soul would sign on with the new platforms, however appealing they may be.

Amanda Schaffer is a science and medical columnist for Slate and a frequent contributor to the New York Times.

2 comments. Share your thoughts »

Tagged: Web, Google, Microsoft, software, social networking, personal health, online medical advice

Reprints and Permissions | Send feedback to the editor

Amanda Schaffer Guest Contributor

View Profile »

From the Archives


Introducing MIT Technology Review Insider.

Already a Magazine subscriber?

You're automatically an Insider. It's easy to activate or upgrade your account.

Activate Your Account

Become an Insider

It's the new way to subscribe. Get even more of the tech news, research, and discoveries you crave.

Sign Up

Learn More

Find out why MIT Technology Review Insider is for you and explore your options.

Show Me