Yup, that's right. Google wants your medical records.
On the surface, what does it really matter? Well, Google has a history of privacy issues, ranging from reading your gmail to keeping track of what websites you go to through the google search bar.
Now they want your health records.
Here's what they have to say:
1. Why is Google offering this product?
It’s what we do. Our corporate mission is to organize the world’s information and make it universally accessible and useful. Health information is very fragmented today, and we think we can help. Google believes the Internet can help users get access to their health information and help people make more empowered and informed health decisions. People already come to Google to search for health information, so we are a natural starting point. In addition, we have a lot of experience storing and managing large amounts of data and developing consumer products that offer a positive and simple user experience.
Well, that sounds nice and all, but making something 'universally accessible' generally makes it less secure. Does that strike anyone else as something odd?
Surely, Lance, they've thought of this and are going to make sure that no third parties get your information, right?
7. How does Google Health protect the privacy of my health information?
You should know two main things up front:
- We will never sell your personal health information or data
- We will not share your health data with individuals or third parties unless you explicitly tell us to do so or except in certain limited circumstances described in our privacy policy.
Wait... "except in certain limited circumstances described in our privacy policy." . . . Uh... WHAT?!
Let's look at the privacy policy, shall we?
Well, they'll share your information if you give consent. That's fine.
They'll share your information to their subsidiaries, affiliated companies or other such groups to process the information on their behalf. That's just ANOTHER person looking at my private information, but not wholly uncommon. That's fine.
Here's a sticker:
We have a good faith belief that access, use, preservation or disclosure of such information is reasonably necessary to (a) satisfy any applicable law, regulation, legal process or enforceable governmental request, (b) enforce applicable Terms of Service, including investigation of potential violations thereof, (c) detect, prevent, or otherwise address fraud, security or technical issues, or (d) protect against imminent harm to the rights, property or safety of Google, its users or the public as required or permitted by law.
Uh, why would my medical records be required for any sort of Terms of Service issues? Why would my medical records be required to protect the rights property or safety of Google? That smells of something VERY fishy to me.
Also, down at the bottom is a note saying that the Privacy Policy may change from time to time. They Claim that they will not reduce our rights to privacy, but as their email system has shown, what they say and what they do are often different.
Here, however, is the creepiest bit, to me:
8. Does the data I store in Google Health get used for other Google products, like Search?
Yes, we share information between Google products to enable joint fetaures. But no personal or medical information in your Google Health profile is used to customize your Google.com search results or used for advertising. For example, you could not search for your personal medical records on Google.com search.
Wait, so the private information that they say they'll keep private unless I give consent (or they randomly decide to use it, to be more accurate) is going to be shared between Google products to 'enable joint features' (note their typo). . . That should be a red flag in EVERYONE'S mind. Why do we get cranky at the government listening in to phone calls from known terrorists overseas when they call someone hiding in the United States, but have no apparent problem with Google wanting our medical information?
definitly a big issue in the Imformational Age, information becomes a commodity and in a world where everything is connected its hard to keep things personal,
but it is difficult at the same time because our health care system is extremely fragmented. its just hard to get everything in one spot and not have that one spot tainted with problems.
I'm glad I'm young and the worse medical problem I have is broken bones from falling down really hard off of things.
It is important to note that there is a big push starting for you to buy a computer with internet access, then use programs and save files wholly online.
It is being billed as 'safer' in terms of losing information if your computer dies.
I am HORRIDLY against this for any private information. If some hacker gets into their system, they now have access to all of your information.
but I think sometimes we are too paranoid about what information is that important, like for me if my medical history was an open book well that wouldn't be that bad, so people would know I had my wisdom teeth out and got stitches for a dog biting my face... I don't see the harm, they say insurance would be able to use this information unfairly , but its a two way sword, I'm healthy so I'd get a good deal were as people who are unhealthy would have to pay more. now thats of course me saying this as a healthy person were I really il'll I'd feel differently . but I dunno, I think sometimes we just need to be more open and let the world know who we are. if companies knew more about us then the commercials we watched would be better because they'd be better targeted, maybe I wouldn't have to watch so many ads for womens hygiene products.
In the world of identity theft, ANY information they can get from you is a way to steal your identity and destroy your credit.
Most people think that it isn't as widespread as it really is. These are people who haven't yet been victims of it.
Identity theft is bad, but if people dont have my credit card # or SS or the other secrety stuff, how much damage can they do knowing my adress and med records? I guess they could fake being me to get drugs or something, I dunno. but I agree that privacy is important with avoiding having someone run up 10 grand in lines of credit
*hacker looks up your medical records and sees that you have a prescription at Wallgreens*
hmm...
*calls wallgreens*
Yes my name is [your name] and I just picked up a prescription for [drug] about a week ago. My insurance company is saying that they never received any bill from you for that, can you tell me which insurance account you charged?
*clerk making maybe a couple bucks over minimum wage gives number*
Ok thanks.
*hacker calls insurance company*
Yes, hi, my name is [your name] and my account number is [your account number]. I've recently moved and I need you to change my address. My current address is [other address they steal mail from]. Could you also please send me a recent statement showing my charges this year? Thanks.
*one to two weeks later, you go to buy a car and your credit score is in the low 600's instead of 700, because you seem to have a loan out on an RV that you've never seen or knew about and because of 20 thousand dollars in credit card debt for credit cards that you didn't get.*
They call it social engineering and it happens ALOT.
It still cracks me up how overly paranoid people are about information online, yet they fail to realize the flaws in allowing a server to take their credit card to a place they cannot see or throwing out intact pieces of mail or paper that include credit card or bank account information. Everyone talks about not giving out your name or other "sensitive" information on the Internet, yet no one thinks twice about the database of thousands of names and phone numbers known as a "Phone Book." The same people that talk of identity theft are the same people that don't give a thought to using their social security number for identification or verification purposes or for applying for, well....anything.
Identity theft has existed for as long as identity has been used for corporate and governmental purposes.
It should also be noted that about a a third of identity theft is through the use of credit card information in general, primarily due to lost or stolen wallets and committed by people the victims know. In fact, Internet use does not correlate to identity theft aside from the 10% or so people falling for phishing scams and the like. In which case, it's as simple as raising awareness and teaching people to be more observant (or in Layman's terms, don't be stupid, Stupid).
Now, that doesn't say that what Google is doing isn't walking on glass when it comes to the boundaries of what is ethical and what isn't. However, they do have a good idea to actually centralize medical information. Think about it, wouldn't it be nice to only have one set of medical records that all your doctors can access, provided they have the right authorization? I don't know about you, but I've never had less than three doctors (primary, dental, and optical), and now that I'm of childbearing age, that number has only increased (add in the ob/gyn), and for each one (and any new ones...and the hospital), I get to repeat the process of filling out medical history, family medical history, insurance, etc. Now, you could say that that's merely a necessary inconvenience, but that time adds up and the repercussions of missing something somewhere can be anywhere from frustrating to costly to deadly, especially if you have a laundry list of medical conditions (be they allergies or chronic illnesses) and having to repeat said process half a dozen times or more only compounds the risks that you'll miss something. After all, we are only human.
The issue that I see, though, is that Google is going about it the wrong way. I agree that such information is privileged even if only for reasons of discrimination. To have something like that on the Internet isn't a wise idea to say the least. However, having a sort of "medical internet," in much the same way the military has a private network, not only would be feasible, but could potentially solve a lot of issues regarding misinformation.
I am treated as evil by people who claim that they are being oppressed because they are not allowed to force me to practice what they do. ~D. Dale Gulledge
The problem with putting information in one spot, concentrating it, is that you make it more desirable for someone to hack into.
Indeed, but that's why I mentioned a separate network, like what the military has.
I am treated as evil by people who claim that they are being oppressed because they are not allowed to force me to practice what they do. ~D. Dale Gulledge
It is possible, but there are always ways in, I'm afraid. When one can't get into the computer system, that's when social engineering takes over.
I do like the RF implant things, though I think they should have a password associated with them that a person carries in their wallet, in case of an emergency. (that way someone can't wander around with something that reads the RF tags and snipe the information.
Mythbusters proved that the RF tags don't explode under a Cat Scan or an MRI, as some urban legends suggest.
I'm afraid I don't know enough about the technology to know if they are updateable, so that as you have procedures or whatever done, you can update the tag with the new information.
Then each person would have it with them.
They seem pretty cavalier about the importance of medical privacy. I think most of the points I wanted to bring up have been hit in the comments, but I have a related anecdote to tell.
My boss' garage was broken into a couple of years ago. This garage has eight bicycles, tons of expensive power tools, etc. It also had a filing cabinet (because they had just moved to the house and hadn't moved the cabinet into the house yet. The ONLY thing stolen from the garage was a few file folders. My boss put a hold on all their accounts and got new social security numbers for the whole family. Apparently, when one reports identity theft, eighteen months is the standard watch period for credit cards. Exactly eighteen months and two weeks after the theft, my boss started seeing bogus charges on her credit card account, and new cards had been issued to a different address. The thieves know what they're doing. They are organized.
You really can't be too careful.
http://www.progressiveu.org/blog/ediblewoman
They are both organized and international.
While most local identity theft is by people who know or have met, much of is is also from breakins and muggings.
Online, most of it comes from places like Russia and Nigeria.