In an article in The New England Journal of Medicine, two leading researchers warn that the entry of big companies like Microsoft and Google into the field of personal health records could drastically alter the practice of clinical research and raise new challenges to the privacy of patient records.
….But their concern, stated in the article published Wednesday and in an interview, is that the medical profession and policy makers have not begun to grapple with the implications of companies like Microsoft and Google becoming the hosts for vast stores of patient information.
The issue is this:
Microsoft and Google, the authors note, are not bound by the privacy restrictions of the Health Insurance Portability and Accountability Act, or Hipaa, the main law that regulates personal data handling and patient privacy. Hipaa, enacted in 1996, did not anticipate Web-based health records systems like the ones Microsoft and Google now offer.
The authors say that consumer control of personal data under the new, unregulated Web systems could open the door to all kinds of marketing and false advertising from parties eager for valuable patient information.
Microsoft responds saying it’s wary of government regulation. Google is not quoted as responding. I wonder what its response is to this issue?