This posting is an assignment from my ongoing Informatics, the Internet and Future of Patient Care class.
Google Health and Microsoft HealthVault are Personal Health Record (PHR) services that allow people to store and organize their health records online. The following is a description and comparison of each service.
Creating an online medical record
Google and Microsoft allow a user to create their own online medical record and enter personal information. Basic personal information such as age, gender, medications, illnesses, etc. must be entered. Microsoft account creation differs in that it stipulates that the user’s data will reside in software and services located in the USA. While this may be true for Google, it is not explicitly stated. Secondly, when creating an account in the Microsoft PHR, the user does not have to disclose their gender, and online videos are available to demonstrate ease of use.
Both services also allow medical records to be imported and partner with 3rd party companies that provide medical record import services. For example, such a company can retrieve a medical record from a hospital, convert it into the format required by Google or Microsoft and import the data into the user’s medical record. A user can also upload files, for example scanned medical records, into their online medical record.
Both services require a username and password to sign in; the same username/password combination can be used to access other Microsoft or Google services. Microsoft also provides support for a few OpenID providers: pip.verisignlabs.com, openid.trustbearer.com, myopenid.com and myvidoop.com.
Share an online medical record
Google and Microsoft allow the user to share their online medical record with a doctor, caregiver or family member. A patient can share their online medical record with a physician in order to provide up-to-date medical information, or when the patient is travelling and needs to share medical information with a new physician. An online medical record can be shared with another family member in case of an emergency in which the patient is unable to share their medical history themselves. Microsoft differs from Google in this feature, since Microsoft provides richer access controls over who can access a person’s online medical record.
Software engineering Application Program Interfaces (APIs)
Google and Microsoft offer interfaces for 3rd party companies to create software products that interface with the Google or Microsoft online health record service. For example, companies that convert paper medical records to online format write a software interface that allows their software product to interface with the Google or Microsoft product.
Google Health API
The Google Health API allows another software product to create new medical records that may contain CCR data, or to read data from an online medical record. The Google Health API is available in the Java, .NET, PHP and Python programming languages. Samples, a developer guide and a sample CCR are available.
Microsoft HealthVault API
The Microsoft API is more comprehensive than Google’s. There is an SDK (Software Development Kit) for creating software applications and DDK (Device Development Kit) for creating devices. An entire section of the MSDN (Microsoft Developer Network) is dedicated to HealthVault. Unlike Google Health which is multi-platform, the Microsoft SDK is available on Windows platforms only and only supports the .NET programming language. Microsoft and Google allow third party applications to create a Continuity of Care Record (CCR); Microsoft’s guide and Google’s.
Privacy concerns would hinder many users from using online Personal Health Record services. What are the concerns? That the online health record service could be hacked, data stolen and the health records used for nefarious purposes such as:
- Embarrassing users who have personal health details disclosed, such as STDs or weight problems.
- Selling medical records to prospective employers who could screen candidates based on private medical data.
- Defrauding health insurance companies or Medicaid by submitting false claims under a different name.
- That large companies like Google and Microsoft would collect user information for their own data-mining or statistical purposes.
HIPAA is a federal law that regulates doctors and health insurance companies to ensure that patient information is kept private and secure. Microsoft and Google do not hold designated record sets as defined under the U.S. Health Insurance Portability and Accountability Act of 1996 and the regulations promulgated thereunder (HIPAA), nor medical records as defined under state law.
If personal medical records are now controlled by the patient and stored in computer servers operated by Google or Microsoft, how can the user be comforted to know that their medical records are safe and secure from prying eyes? Standard HIPAA law does not apply to a PHR service from Google or Microsoft, as neither entity provides patient care. (The HIPAA law was written years before online PHRs became pervasive and should be revised to avoid confusion).
HIPAA aside, what about privacy of patient records?
Employees in particular job functions may have access to patient information without patient authorization as reasonably necessary to carry out duties relating to treatment, reimbursement, or health care operations, such as to communicate about health benefit plans or to recommend alternative treatments or therapies.
A limited number of employees in particular job functions may have access to user information in order to operate and improve Google Health. Users consent to this limited internal use when they sign up for Google Health.
Both Microsoft and Google stipulate that user deleted data will still be available in backups for up to 90 days.
Microsoft privacy controls are similar to Google’s; however, Microsoft’s access controls are more granular. With the Microsoft PHR, roles can be created that provide View-only access (time-limited access), View-and-modify access (time-limited access) and Custodian access (no time limit). (Access becomes active only when the recipient accepts the invitation.) Custodian access is the highest level of access. A custodian of a health record can:
- Read the record
- Change the record
- Delete the record
- Grant to others any level of access to the record, including custodian access
- Revoke the access of anyone to a record, including other custodians, and including the custodian who granted them custodian access in the first place
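The access model described above can be sketched as a small Python model. This is an added example, not HealthVault code or its API; the class and method names (`Record`, `Grant`, `invite`, `accept`, `revoke`, `can`) are hypothetical and only the rules themselves come from the description above.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta
from enum import IntEnum
from typing import Optional

class Level(IntEnum):
    VIEW = 1        # view-only, time-limited
    MODIFY = 2      # view-and-modify, time-limited
    CUSTODIAN = 3   # read, change, delete, grant, revoke; no time limit

@dataclass
class Grant:
    level: Level
    expires: Optional[datetime]   # None only for custodian grants
    accepted: bool = False        # inactive until the invitation is accepted

@dataclass
class Record:                     # hypothetical model of one health record
    owner: str
    grants: dict = field(default_factory=dict)

    def __post_init__(self):
        self.grants[self.owner] = Grant(Level.CUSTODIAN, None, accepted=True)

    def level_of(self, user, now):
        g = self.grants.get(user)
        if g is None or not g.accepted:
            return None           # never invited, or invitation still pending
        if g.expires is not None and now >= g.expires:
            return None           # time-limited grant has lapsed
        return g.level

    def invite(self, actor, user, level, now, days=None):
        if self.level_of(actor, now) != Level.CUSTODIAN:
            raise PermissionError("only a custodian can grant access")
        if level != Level.CUSTODIAN and days is None:
            raise ValueError("non-custodian access must be time-limited")
        expires = None if level == Level.CUSTODIAN else now + timedelta(days=days)
        self.grants[user] = Grant(level, expires)

    def accept(self, user):
        self.grants[user].accepted = True

    def revoke(self, actor, user, now):
        # Any custodian may revoke anyone, including whoever invited them.
        if self.level_of(actor, now) != Level.CUSTODIAN:
            raise PermissionError("only a custodian can revoke access")
        self.grants.pop(user, None)

    def can(self, user, needed, now):
        lvl = self.level_of(user, now)
        return lvl is not None and lvl >= needed
```

Because any custodian can revoke any other, including the person who invited them, a custodian invitation effectively hands over full control of the record.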
Microsoft has a developer security policy, as does Google. Microsoft further stipulates that HealthVault servers undergo extensive security and penetration testing by “white hat hackers”. Furthermore, HealthVault servers are located in controlled facilities in physically separate locked cabinets, HealthVault traffic in Microsoft’s data centers runs on a virtually separate network, all health information transmitted between HealthVault servers and program providers’ systems is encrypted, and HealthVault data is encrypted upon backup. Google does not explicitly state that the same measures are in place.
My assessment – Online PHRs and the future patient care
Privacy and security: Realistically, I am not concerned about a data breach and possible sale of a medical record to defraud Medicaid or an insurance company. The possibility and technology have existed for decades for these crimes to occur. Personal health data today is stored in online databases at hospitals, clinics and insurance companies. While this may be disconcerting to new users of a Google or Microsoft PHR, it is in essence no different from data stored by other services. For example, information in your bank, investment and credit card accounts is viewable by employees at the respective financial institution. Secondly, medical data stored in databases at insurance companies, Medicaid and hospital/clinic EHRs can be viewed by employees with appropriate access. Most accounts of data theft come from employees breaking with company protocol and copying data to laptops or detachable disk drives which are subsequently stolen from parked cars or homes. This site tracks such incidents; note how many incidents there are of stolen laptops (lots!). Try to find one incident of a database breach???
User entered data: A physician or healthcare provider who is presented with medical records entered by a user might ask him or herself, “how can I trust this data to be accurate?” A legitimate question: would an obese patient enter a lower weight, might a diabetic patient enter a lower blood sugar? In order to make data in a user PHR reliable and trustworthy, that data should be flagged as “user entered”, “entered by physician” or “imported from existing medical record”. A physician would then be able to make a clinical decision based on the data provided.
Benefits of an online PHR:
- Medical records are coalesced from a variety of sources into one comprehensive record. This is useful since electronic exchange of medical records between providers is a long way off.
- Patients have direct access to, control over and a view of their medical record.
- Users can control medical records on behalf of others, such as an ill parent or minor child.
- Patients can grant care providers access to their medical record. For example, when a patient travels beyond the reach of their current medical provider and visits a new physician, that physician can see the entire patient medical history.
The future: I think online medical records are here to stay and a force to be reckoned with. Medical care providers must become comfortable with the data entered into PHRs; users must become comfortable with PHR providers such as Microsoft and Google that their personal medical history will be safe and secure. Americans’ fear of the power of large companies and government to spy on common citizens probably harkens back to the fear of big brother.