Levy: Web Surfer, Heal Thyself

The Cleveland clinic, the renowned nonprofit medical center, has kept electronic records of its patients for some time. But despite the easy transport of everything digital, by and large those records have been as location-bound as the illegibly scrawled doctors' notes traditionally stored in manila folders. Then there are the records of Cleveland's patients documenting visits to their outside general practitioners. "We can't see them," says the Cleveland Clinic's chief information officer C. Martin Harris. To solve the problem—and point the way for a nationwide system whereby patients would control their own personal medical records—the clinic announced last week that it was participating in a pilot project with a company that's very used to moving and sharing data—Google. Patients can get their outside doctors to send information through Google that the clinic can merge to the existing files. And, more significantly, with the patients' OK, the clinic will export personal records to a special health section of Google, where it will become part of a consumer-controlled dossier, perhaps existing alongside that person's Gmail account, blog postings and purchase history of Google checkout.

The Cleveland program is the unofficial kickoff for a long-awaited project called Google Health, which will be open to everyone later this year. (Google will announce details soon.) This is only one of many programs to put electronic personal health records in the hands of consumers. Alliances such as Wal-Mart and Intel are setting up systems, and start-ups such as AOL founder Steve Case's Revolution Health are staking out their niches in the health-care infrastructure. But the most interesting new players are Google and its perpetual rival. Yes, Microsoft is already offering a beta version of a health-records service, boasting a relationship with the Mayo Clinic.

In one sense, an electronic personal health file—parceled out only with permission to necessary medical providers—seems like a no-brainer. "When doctors have all the information related to the patient, they make better decisions," says the Cleveland Clinic's Harris. "There's also a cost benefit—if doctors don't have the right information, they may (needlessly) repeat tests." But there are treacherous aspects as well. Personal health records contain our most intimate details—information that could affect landing a job, obtaining insurance and even one's social life ("You had what?"). A major hurdle toward implementing the plans will be privacy concerns.

Here's a big snag. Medical files in the care of health providers like doctors, pharmacies and hospitals enjoy legal protections specified by the Health Insurance Portability and Accountability Act (HIPAA). Covered files are strictly controlled, can't easily be subpoenaed, can't be exploited for profit and have to be stored securely. But Microsoft and Google aren't health-care providers. "When you move records from a doctor to a personal health record, your protection evaporates," says Robert Gellman, author of a World Privacy Forum study on the subject released last week. His conclusion was that such systems "can have significant negative consequences for the privacy of consumers." Marc Rotenberg, head of the Electronic Privacy Information Center, says that companies like Google and Microsoft should not start their services until Congress extends the HIPAA protections to cover such businesses.

Obviously, Google and Microsoft think otherwise, and both companies are taking considerable pains to address the privacy issues on their own. In Microsoft's case, the name of its service—Microsoft Vault—addresses the issue head-on. ("It wasn't an accident that we picked that," says product manager George Scriban.) In pitching its trustworthiness, Microsoft notes its history of protecting business-sensitive data. Google makes a similar point. "Google's whole business is based on privacy and trust," says Google VP Marissa Mayer, who heads the project. Both companies have detailed privacy policies drafted after consultations with experts in the field. (Though, like all such policies, these are subject to change.)

Will consumers have to worry that advertisers will be able to target them so vendors can sell treatments for ailments documented in their records? No, say the companies. Although beefed-up searching for medical issues is a big part of both services, personal files, at least as of now, won't be taken into account in search results.

Both firms also vow that the customers will have total control over their records—no releases without explicit permission. But the very existence of a detailed health dossier accessible in an instant can make control difficult. What if the government subpoenas the records? What if a potential insurer demands to see all the records, telling you that you can't get a policy if you don't provide them? What if your spouse—or even someone you're dating—demands to see all your records?

While the tech companies entering the medical-record business spend a lot of effort addressing privacy and security concerns, they much prefer to dwell on the benefits of empowering consumers with their own health files. "If you only talk about the risk of these plans, and not the benefit, you're having the wrong conversation," says Peter Neupert, head of Microsoft's health-solutions group. Fair enough—but underestimating the risk would be computational malpractice.