Microsoft Health Vault
Microsoft recently launched Health Vault promises benefits in healthcare information storage and sharing online but raises concerns on privacy of this information. Health Vault is Microsoft’s “new personal health platform that lets you gather, store, and share health information online.” Service users need a Windows Live ID (previously . NET Passport) to use the service. Once users create both a sufficiently safe username and a strong password, they can enter data from health and wellness devices, or upload documents to their vault. Users can then share this information with other Windows Live ID users, such as doctors and health care professionals.
Google also has a similar website entitled Google Health that is similar to Microsoft’s consumer oriented approach to health information. While Google’s service will probably not be introduced until 2008, both companies’ focus on this field is a result of current trends. In 2007, 52 percent of adults in the
Consolidating healthcare information online can offer many benefits to a patient as well as the doctors. Online storage reduces the risk of data loss and enables access to data regardless of where the patient resides. However, giving patients full control of their health records may mean that patients can selectively disclose healthcare information.
On the other hand, both Google and Microsoft are entering this industry to generate advertisement or software sale revenues, which creates privacy concerns. The Health Insurance Portability and Accountability Act (HIPAA) of 1996 governs the security of personal health information. While Microsoft is aware that HIPAA may apply to it, it is not yet aware of extent of that HIPAA applies to Health Vault.
Microsoft’s Health Vault privacy statement addresses some privacy concerns while it does not specifically address HIPAA regulations. First, the privacy statement asserts that third parties, such as companies Microsoft hires to answer customer service questions, have access to personal information such as IP addresses and email addresses. However, Microsoft also states that these third party companies are required to maintain confidentiality. Second, Microsoft states that this information “may be stored and processed in the