Comparison of Microsoft and Google PHRs

This posting is an assignment from my ongoing Informatics, the Internet and Future of Patient Care class.

Google Health and Microsoft HealthVault are Personal Health Record (PHR) services that allow people to store and organize their health records online. The following is a description and comparison of each service.

Creating an online medical record

Google and Microsoft allow a user to create their own online medical record and enter personal information. Basic personal information such as age, gender, medications, illnesses etc must be entered. Microsoft account creation differs in that it stipulates that the user’s data will reside in (software and services) located in the USA. While this may be true for Google, it is not explicitly stated. Secondly, when creating an account in the Microsoft PHR. the user does not have to disclose their gender and online videos are available to demonstrate ease of use.

Both services also allow medical records to be imported and partner with 3rd party companies that provide medical record import services. For example, retrieving a medical record from a hospital, converting it into the format required by Google or Microsoft and importing the data into the user’s medical record. A user can also upload files, for example scanned medical records, into their online medical record.

Both services require a username and password to sign-in, the same username/password combination can be used to access other Microsoft or Google services. Microsoft also provides support for a few openid providers  pip.verisignlabs.com, openid.trustbearer.com, myopenid.com and myvidoop.com.

Share an online medical record

Google and Microsoft allow the user to share their online medical record with a doctor, caregiver or family member. A patient can share their online medical record with a physician in order to provide up-to-date medical information to their physician or in case the patient is travelling and needs to share medical information with a new physician. An online medical record can be shared with another family member in case of emergency when the patient is unable to share their medical history themselves. Microsoft differs from Google in this feature, since Microsoft provides richer access controls or who can access a person’s online medical record.

Software engineering Application Program Interfaces (APIs)

Google and Microsoft offer interfaces for 3rd party companies to create software products that interface with the Google or Microsoft online health record service. For example, companies that convert paper medical records to online format, write a software interface that allows their software product to interface with the Google or Microsoft product.

Google Health API

The Google health API allows another software product to create new medical records that my contain CCR data or read data from an online medical record. Google Health API is available in Java, .net, php and python programming languages. Samples are here, developer guide and sample CCR.

Microsoft HealthVault API

The Microsoft API is more comprehensive than Google’s. There is an SDK (Software Development Kit) for creating software applications and DDK (Device Development Kit) for creating devices. An entire section of the MSDN (Microsoft Developer Network) is dedicated to HealthVault.  Unlike Google Health which is multi-platform, the Microsoft SDK is available on Windows platforms only and only supports the .NET programming language. Microsoft and Google allow third party applications to create a Continuity of Care Record (CCR); Microsoft’s guide and Google’s.

Privacy

Privacy concerns would hinder many users from using online Personal Health Record services. What are the concerns? That the online health record service could be hacked, data stolen and the health records used for nefarious purposes such as:

  1. Embarrassing users who have personal health details disclosed, such as STDs. or weight problems.
  2. Selling medical records to prospective employers who could screen candidates based on private medical data.
  3. Defrauding health insurance companies or medicaid by submitting false claims under a different name.
  4. That large companies like Google and Microsoft would collect user information for their own data-mining or statistical purposes.

HIPAA

HIPAA is a federal law that regulates doctors and health insurance companies, to ensure that patient information is kept private and secure. Microsoft and Google not hold designated record sets as defined under the U.S. Health Insurance Portability and Accountability Act of 1996 and the regulations promulgated thereunder (HIPAA), nor medical records as defined under state law.

If personal medical records are now controlled by the patient and stored in computer servers operated by Google or Microsoft, how can the user be comforted to know that their medical records are safe and secure from prying eyes? Standard HIPAA law does not apply to a PHR service from Google or Microsoft, as neither entity provides patient care. (The HIPAA law was written years before online PHRs became pervasive and should be revised to avoid confusion).

HIPAA aside, what about privacy of patient records?

Google and Microsoft inform users know what information is collected when users use the respective PHR services. Standard web surfing rules apply such as the use of cookies to track and personalize the user experience. These cookies do not collect and distribute personal health information. Neither entity sells or distributes user information without explicit acknowledgement from the user first; both companies may disclose health information if required by law – example a subpoena by a court. All fair and well but databases, software and servers must be maintained by Google and Microsoft employees. This begs the question: Can information be seen or used internally by a Google or Microsoft database administrator, software engineer or employee in a similar role?   Google’s response from their privacy policy:

Employees in particular job functions may have access to patient information without patient authorization as reasonably necessary to carry out duties relating to treatment, reimbursement, or health care operations, such as to communicate about health benefit plans or to recommend alternative treatments or therapies.

A limited number of employees in particular job functions may have access to user information in order to operate and improve Google Health. Users consent to this limited internal use when they sign up for Google Health.

Both Microsoft and Google stipulate that user deleted data will still be available in backups for up to 90 days.

Microsoft privacy controls are similar to Google, how Microsoft’s access controls are more granular. With the Microsoft PHR, roles can be created that provide, View-only access (time-limited access), View-and-modify access (time-limited access) and Custodian access (no time limit). (Access becomes active only when the recipient accepts the invitation). Custodian access is the highest level of access. A custodian of a health record can:Read the record, Change the record, Delete the record, Grant to others any level of access to the record, including custodian access, Revoke the access of anyone to a record, including other custodians, and including the custodian who granted them custodian access in the first place.

Microsoft has a developer security policy, as does Google. Microsoft further stipulates that HealthVault servers undergoes extensive security, penetration and testing by “white hat hackers”. Furthermore, HealthVault servers are located in controlled facilities in physically separate locked cabinets, HealthVault traffic in our data centers runs on a virtually separate network, all health information transmitted between HealthVault servers and program providers’ systems is encrypted and HealthVault data is encrypted upon backup. Google does not explicitly state that the same measures are in place.

My assessment – Online PHRs and the future patient care

Privacy and security: Realistically, I am not concerned about a data breach and possible sale of a medical record to defraud medicaid or an insurance company. The possibility and technology has existed for decades for these crimes to occur. Personal health data today is stored in online databases at hospitals, clinics and insurance companies. While this may be disconcerting to new users of a Google or Microsoft PHR, it is in essence no different from data stored by other services. For example, information in your bank, investment and credit card accounts is viewable by employees at the respective financial institution. Secondly, medical data stored in databases at insurance companies, medicaid and hospital/clinic EHRs can be viewed by employees with appropriate access. Most accounts of data theft come from employees breaking with company protocol and copying data to laptops or detachable disk-drives which are subsequently stolen from parked cars or homes. This site tracks such incidents, note how many incidents there are of stolen laptops (lots!)…. Try find one incident of a database breach???

User entered data: A physician or healthcare provider who is presented with medical records entered by a user might ask him or herself, “how can I trust this data to be accurate?” A legitimate question-  would an obese patient enter lower weight, might a diabetic patient enter lower blood sugar? In order to make data in a user PHR reliable and trustworthy, that data should be flagged as “user entered”, “entered by physician”, “imported from existing medical record”. A physician would then be able to make a clinical decision based on the data provided.

Benefits of an online PHR:

  1. Medical records are coalesced from a variety of sources into one comprehensive record. This is useful since electronic exchange of medical records between providers is a long-way-off.
  2. Patients have direct access, control and view to their medical record.
  3. Users can control medical records on behalf of others such as an ill-parent or minor child.
  4. Patients can grant access to care providers of their medical record, for example when traveling beyond the realm of their current medical provider, and the patient visits a new physician, that physician can see the entire patient medical history.

The future: I think online medical records are here to stay and a force to be reckoned with. Medical care providers must become comfortable with the data entered into PHRs; users must become comfortable with PHR providers such as Microsoft and Google that their personal medical history will be safe and secure. American’s fear of the power of large companies and government to spy on common citizens, probably harkens to the fear of big brother.

Advertisements

5 thoughts on “Comparison of Microsoft and Google PHRs

  1. Jonathan, great post! I did want to make one clarification about HealthVault. Our .NET SDK is one option we make available, but we’ve worked hard to make sure that developers on any platform can build apps for HealthVault. The whole API is available as an XML-over-HTTP interface (documented at http://msdn.microsoft.com/en-us/healthvault/cc297280.aspx), and there are open source libraries available for Java, PHP, Python, Ruby and others. In fact, almost half of the apps built for HV today are not running on the Windows platform!

    Thanks again for taking the time to put together a comprehensive assessment … it is early days for these platforms and it’s great for people to be able to get a sense of what’s “under the covers”.

    Take care …
    —S

    • Sean
      Thanks for taking the time to read this, and for connecting in the blogosphere as well as our joint efforts in NHIN-Direct.
      I will update the post to reflect the other API alternatives
      Jonathan

  2. Pingback: Back in the saddle, galloping to secure electronic health data. « The HealthITBlog

  3. nice comparison of the PHRs. It will come in handy for classes in health informatics. I am in a class now and one of the assignments is to compare personal health record solutions using an inventory matrix. PHRs are so different even trying to select the features to compare is almost impossible. The next difficulty is trying to get the information to compare. You did a good job.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s