The notion that Google will conduct their health service with “the same privacy, security, and integrity users have come to expect in all our services” causes me some pause. Google currently tracks my search queries in order to place advertising, scans the content of incoming Gmail messages for similar monetization, and, given their vast suite of products and services linked by a common Google Account, has the ability to create detailed dossiers on users online activities. I hope they treat my personal medical data with greater “privacy, security, and integrity” than how they track and monetize my general search activities and e-mail messages.
Google also states “We won’t sell or share your data without your explicit permission.” This is troubling to me as it signals the possibility exists that Google will want to sell or share my data with third parties. We need to learn more about what Google is contemplating here: What plans exist to sell or share my medical data if I do give explicit permission? How will my data be used, and by whom? How will my permission be granted? Will I know who is using the data and how? Can I decide I want to share it with certain parties and not others?
A bit more information as been made available via the press. This Cnet article notes that:
and won’t put ads on the site, but rather hopes to drive traffic to partner sites where there will be ads. In addition, Web searches will not be used to provide services or information to users of Google Health, Google representatives said.”
This provides a bit more clarity, but I still hope to be able to sit down with Google’s people to discuss these issues in more detail, much in the way Microsoft has made itself available on its HealthVault product.
(As an aside, I’m also tracking various conversations and debates over the extent to which HIPAA applies to these platforms – I hope to assemble my thoughts on that soon)