YOU ARE HERE: LAT HomeCollections

Shield for online medical data crafted

Microsoft and Google agree on guidelines to guard patients' privacy.

June 26, 2008|From the Associated Press

SAN FRANCISCO — Hoping to persuade more people to store their medical records online, Google Inc., Microsoft Corp. and a hodgepodge of healthcare providers and insurers have agreed on ground rules for protecting the privacy of the sensitive information.

The guidelines unveiled Wednesday are designed to reassure patients that they can enjoy the convenience of keeping their medical histories in online "filing cabinets" without worrying that outsiders will be able to peruse the data without their knowledge.

The privacy concerns have become more acute during the last eight months as both Google and Microsoft have introduced Internet storage services for personal health records, or PHRs.

By keeping their medical histories online, patients theoretically will have more control over the information and be able to share it more easily with a doctor if they switch practitioners or are referred to a specialist.

But the concept has been slow to take off. Just 6.1 million adults in the U.S. have electronic PHRs, according to estimates released Wednesday by the Markle Foundation.

"Consumer demand for [PHRs] and online health services will take off when consumers trust that personal information will be protected," said Zoe Baird, Markle's president.

Like other companies outside the traditional healthcare industry, neither Google nor Microsoft is subject to the Health Insurance Portability and Accountability Act, or HIPAA. The 12-year-old federal law strictly shields medical records from unwelcome eyes.

That loophole has caused some privacy watchdogs to warn patients that digitizing their health records could make it easier for the government, a legal adversary or a marketing concern to obtain their medical information.

The new "Connecting for Health" guidelines aim to give electronic PHRs at least the same level of protection already governing paper medical records. The rules also call for patients to be notified in a "timely way" if their medical information is released by mistake, computer hacking or other mischief.

The Markle Foundation, which has been focusing on ways to use technology to improve healthcare, cobbled together the guidelines during the last 18 months with help from more than 40 companies and trade groups with a stake in the outcome.

"This is really an exemplary framework for going forward in this area," said Steve Findlay, healthcare analyst for Consumers Union, publisher of Consumer Reports magazine.

Los Angeles Times Articles