In a previous post, I set out to review Microsoft’s new health-related Web services, including its new online medical-record system, HealthVault. Plans went awry, however, when it took close to two hours simply to register for the service, so I decided to review the medical-records system in this post.
Microsoft clearly has grand plans for HealthVault, the main page of which you can see by clicking the thumbnail at left. Not only has it beaten rival Google to market with its offering (see our previous coverage here and here), it has lined up partners ranging from the American Heart Association to the Mayo Clinic and several other hospitals to a number of online health sites that have all agreed to support the Microsoft service and to make it easy to transfer at least some medical data into patients’ HealthVault account.
This is a fine idea, so far as it goes — which, so far, unfortunately isn’t very far. While all this will undoubtedly evolve over time, for now what’s most surprising about the HealthVault service is how little there is there. What is there is a real mess — a disjointed, confusing service that for now is mostly likely of limited use to the vast majority of patients. (For a screen shot of a classically incomprehensible page, click on the thumbnail at left.) And that’s setting aside perennial questions such as privacy and security, which are obviously going to loom large for many people.
Taking HealthVault at face value, there are two basic problems — one implementational, the other conceptual. The implementation issues are most obvious, starting with the fact that once you finally sign up for a HealthVault account, there simply isn’t much you can do with it at this point. You can add personal details to your profile and upload documents — what sort of documents isn’t at all clear, although there’s an intimidating “code of conduct” to read before you do anything — and set who you’d like to share your information with (presumably family and your doctor or doctors). Beyond that, the only clear suggestion your HealthVault account itself makes is to sign up for a service offered by MaxEmail that will let your doctor fax information directly into your HealthVault account, at a cost of $9/year for up to 100 pages.
There’s no sign, however, of Microsoft’s much-touted partners until you leave your account and return to the public HealthVault page, where you can visit just over a half-dozen sites that can transfer medical information such as blood pressure, blood-glucose values and the like to your personal HealthVault record. (Of course, you have to log in to HealthVault again each time you visit one of these sites.) The one I checked out in detail, the AHA’s Blood-Pressure Management Center, is every bit as confusing as HealthVault itself, since after you enter your profile — again — there’s very little indication as to how you’re supposed to get the data or where it’s going to go.
These are early days, of course, and over time I assume Microsoft and its partners will iron out a lot of these implementation issues — although my quick once-over of the service suggests that this territory is probably trickier to navigate than many people might have previously assumed. (This might also be one reason Google’s health guru, Adam Bosworth, bailed from the company a few weeks ago under less-than-clear circumstances. For an interesting, albeit conspiracy-tinged, take on that, see here.) Putting together an entire infrastructure that supports personal health records is a staggering undertaking — one that might well be beyond the resources of even a company as large as Microsoft.
All of which also leads us straight into the major conceptual question here, which is exactly what good a personal medical record is actually going to be. Ultimately, of course, the vision is for individuals to control every detail of their medical history at their fingertips so they can share it with any doctor or health organization they choose. Setting aside the enormous question of what it takes to get there from here, the big issue this vision raises is whether giving individuals “control” over their records — which is really shorthand for the ability to add, delete or change information — might undermine their usefulness in a significant way. In other words, there’s a downside to the electronic medical-records issue that, so far, virtually no one outside a small coterie of academics has even really begun to address.
I can’t claim to have delved deeply into the subject myself, but I was first tipped to the issue by Graham Walker, a third-year Stanford medical student who blogs at Over My Med Body!. Nearly two months ago, Walker wrote an impassioned post arguing that patients shouldn’t have the ability to cherry-pick and edit their own records if the resulting information is to be at all useful to doctors.
Walker offers several examples that gave me pause. For instance, what about patients who delete or restrict access to their sexually-transmitted disease status? Or those who simply don’t update their records very often? Are patient-controlled records intended to supplement or supplant those maintained by medical institutions? Of course, his questions originate from a doctor-centered perspective, but it’s still one worth pondering as the likes of Microsoft, Google and their ilk start us hurtling down the path to patient-centered medical records.
Tags: co:microsoft, electronic-medical-records, healthvault15 Comments
-
Graham said:
I signed up for it too–and there’s nothing there! What a bogus launch.
-
OPHRAH said:
Two kinds of comments from the people I talk to: Positive and Negative
1. Healthvault is a big joke — a company like Microsoft should not rush out with a product or service in such poor quality. It is half baked and not really usable at this time.
The feeling for this announcement is only for Microsoft marketing purpose and show the immaturity and weakness of Microsoft plan in dealing with consumer healthcare issue.
2. Healthvault brought a great vision — whatever you see in this beta release is the beginning of a grand vision. It is a great leadership play by Microsoft to bring in many software and hardware companies together to serve the goal: consumer empowerment. With the resource (including talent) that Microsoft possesses and gaining idea from public comments, they are going to create another great opportunity in healthcare domain. -
David P. Hamilton said:
Ophrah, that certainly covers the waterfront :-). I’m inclined more toward option #1, as I’m not sure exactly how great the vision here is. Mostly that’s because I’m not entirely convinced that the personal health record is likely to be particularly useful in the first place, especially if individuals get to cherry-pick what information appears in it. That’ll make it more of a vanity health record that no medical professional is likely to trust.
-
OPHRAH said:
David,
Your point is well taken.
The information stored in PHR will be lack of quality and professionalism as it is recorded and responsible by a lay people.However, the more push to have individual to take self-care responsibility (both instruction from doctors and legal responsibility of providing accurate info to communicate with doctors), the better the data quality will be.
Specially, those data captured daily by the medical devices are going to be putted into record (e.g. blood pressure, etc.)
I believe on day those data will be useful in quality and in quantity.
-
David P. Hamilton said:
That’s a fair point, Ophrah. I’d just point out that sufficiently motivated patients — diabetics, for instance — can already record regular vital-sign readings such as blood-glucose levels electronically and then email them to their doctor. Moving from that to a system where such readings are centrally stored seems to me an evolutionary rather than revolutionary concept, and doesn’t yet seem to justify the sort of transformational rhetoric that’s often bandied about with respect to personal health records.
-
David P. Hamilton said:
On a separate note, I just came across this interesting post questioning the privacy protections in Microsoft’s HealthVault. Check it out here.
-
Ford said:
With regard to your question about the document types it accepts, see here: http://support.microsoft.com/kb/942860
-
David P. Hamilton said:
Thanks, Ford. Now if I could just figure out what sort of content we might want to upload to HealthVault in the first place….
-
Ford said:
David,
Exactly. When I realized it was just a way to store and share Word documents, I lost interest. Being able to upload and update documents with some semantic value (e.g., a file using ASTM’s CCR standard) would be much more useful.
-
Greg Starr MD said:
The question of whether Microsoft will protect your privacy if you were to have your records if they were to be put on the MS medical chart. The answer is that there are a lot of easier ways to get to get to confidential medical records than bothering to attempting to work on what might be referred to as a secured database. Medical information is only as safe as the people that use it, and there are numerous ways to have a very clear idea as to who is using the database.
Look at the billions of dollar, yen or euros that pass through computers every day and not even pennies are lost. Is medical information is any different than financial information in regard to sensitivity of the information? I think not. Even if the site were only relatively safe people who handle this information see so much of this data they don’t bother to take notes to what the information actually says unless they are floridly sociopathic and dumb as a post. Its a bit like people who handle money in the mint or at banks. These employees are more concerned about how heavy the money is rather than the dollar amount in the bag. Even if they did get some information, what would they do about it? Maybe sell this information to a lawyer or blackmailer. Who would be interested?
Let’s say a blackmailer wants to ply his/her trade to a person with herpes genitalis. The blackmailer would have a lot of problems. If a person had herpes it is more than likely that release of this information would be significant enough to bother with. With a little bit of thought most would agree, random episodes of unknown people would not produce the kind of motivation that would jepordize a person’s security.
Now a targeted individual is a slightly different variation. If someone is concerned about a person enough to invertigate a person trying to take on the onerous task of hacking into a Medical database as a first activity on the agenda. What happened to breaking into clinic and bribing clinic staff, there would be a much better chance of a return. If people want your information and it is somewhere outside of your head others can get it if it means that much to them. Most likely is a best friend telling someone else. The database in itself is not the weakest point for getting information if it is desired.
Finally there is the danger of having someone abuse access to information by using the information in agregate. Lets take herpes genitalis and lets say that there is a drug that was discovered to be dangerous to patients that have taken it in the past 10 years. Here, of course, it could be any disease. Then he gets a printout of the names and telephone numbers of those in the affected group. The database is not set up for this purpose. It isn’t like googling a person with very special criteria. If it isn’t indexed in a way to retreive this information. If such an clandestine effort were to be attempted, it would take a conspiracy of insiders to acheive such a feat. Once one had gotten raw information what can the do with it. Wouldn’t it be much easier just to run a commercial on television asking the same question. There are alway newspapers or magazines that have reduce the readership into a pretargeted demographic group. There are a great many benefit to the publicity approach not the least of which are simple feasibily and cost.
Finally the whole privacy issue dissappears if the databank chose to use images of the chart rather than text itself. Yes, it maybe all we can do is fax a copy of the chart to a databank rather than have actual text in predictible places. If those that are creating such a product would be true to their stated purpose, the fax, appended file approach is probably all that they need and all that they can do anyway.
GCSMD
-
David P. Hamilton said:
Greg, thanks for your comment. Unfortunately, I don’t think it’s all that useful to think about security from the perspective of trying to work out the motivations of would-be intruders. For starters, there are almost an infinite number of such motivations, so you can spend an endless amount of time on this exercise.
It also just seems mostly beside the point to me. If my medical privacy is breached, I don’t really care if it was a software bug, a human error at Microsoft, a court order (justified or not) or something else entirely. A decent security system will ensure that breaches simply don’t happen. (Lauren Weinstein has some additional thoughts on how you might ensure that here and here.)
In any event, one of the best ways to ensure something like HealthVault is as secure as possible is to make Microsoft (or Google, or whoever) strictly liable for any breaches. That’s where your banking analogy really works for me — one reason electronic banking works so well is that the banks know they’re on the hook for any financial losses that result, so they make damn sure that nothing goes wrong. (It’s also why they’re currently so lax about your privacy, because they mostly aren’t liable for breaches there.) I don’t know enough about HIPAA to know if it’s the right vehicle to ensure security-consciousness on the part of vendors, but it seems clear to me that assigning liability properly is going to be a big part of making these systems reliable and secure.
-
Greg Starr MD said:
David, thank you for your comment. I agree on strict liability. I goes without saying that encryption strategies are enough to keep the the data secure. I still believe that if some wanted some information on **you** there would be plenty of easier ways to get **your** information, and the person looking would know that it was you. For example when I goggled your name I get 84 pages of pages that are said to be a reasonable matches. I checked the lower ranked listings and there still are David Hamilton’s throughout the search. I didn’t count the number of individuals that make up this list they were too numerous to mention. When I add the “P.” there are only 20 pages, but the search really breaks down after 10 pages. Again the list is clearly the same person.
Here is another way of looking at it. Looking at Google (and I’m not selling Google, just a concept), can you find yourself, how do you know it is you? Then how much information can you get about you? Not much and when you’re looking at a search engine every word is indexed. If one is searching for not a name but a code number, and as such the code number is the only fact that a search can see where are you going to look next?
If you have been to the hospital possibly 20 people(O.K. maybe 15) have access to your record and they know the information refers to you. These are people in your community, people that you know, people that you might be friends with, people who maybe don’t like you. All of these people are potential security leaks. I could go on and on. Its not as if these records are lying around. Let’s say I gave you a stack of 1000 take returns, what would you do with it? There isn’t even enough information to allow for identity theft. Let’s say you come across a John Kennedy, a Gerald Ford or others. What would you be able to do with it. Did you know there is a neuroscientist named George Bush?
The idea of centralizing and getting significant information used for other purposes. This is a Herculean jump which would have many, many hurdles. There’s fact that that you are hiring the company to do it. Lets say a court subpoena of information, it would be safer in a data base than in your doctor’s office. There are violation of privacy issues that have upheld for years and many tests of its scope. A database should be private, like a Swiss bank account. If you insurance company wants the information, you don’t have it (game set and match).
This database would be a far cry from what your insurance companies and all affiliated companies have on you right know. Unless you opt out every year this happens. Where was the outrage when that little gem of invasion happened along? I would personally worry more about this information than I worry about a data bank.
These are my ideas and and they are in long entries to protect the casual reader from all these opinions. The only reason I bother is that in my own personal experience such a database would save a lot of lives. My only concern is that the information will be under utilized like most most medical information that already exists in 5 volume records for the people who need the information the most.
Accountability is extremely important and represent one of many layer of protection that is available which all can be applied toward my and your protection. Each subscriber could only sign a contract that is very much slanted to your privacy. Can you imagine a group suit for breach of contract? Boy would some lawyer be anxious to get his/her teeth into that one. Right now it pretty much looks like any data bank will be marketing to a non-market. Fine.
So its time has not come yet, and possibly it never will.Then again, if your privacy bothers you can always use an alias; try Dennis Anderson or Carlos Santana. There is no provision that says that you have to use you legal name. Aliases, I use them, they are great.
-
Kevin said:
With online personal health records we can all take part in protecting our families and our own health. The first step any person can take is by creating a digital health record , this does two important things first it reduces medical errors and second reduces costs so that duplication of services are less likely. It also puts the patient/ consumer in more control of his information which is a powerful tool. A good example of this which is currently free to the public is http://www.medicalrecords247.com. It potentially could save millions of dollars if the public would just take responsibility for there own health, and it starts with the medical record.
-
notgiven said:
just another invasion of privacy to be used to deny you a job or insurance…and no it will not be secure
-
Toni said:
Today is March 7, 2008. Almost one year ago today, I began assembling copies of my medical history. I’m 56 years old. I’d read there can be errors in them, or notes added to them by physicians or nurses and others which I’d never know about unless I had copies to read, and that as we become a more mobile society it would be prudent to have the copies to take with us. I found out what to do, what forms to submit, etc. and set about getting them. I fax’d most requests which was very efficient and mailed some — I heard back in one form or another from every source. It’s what I heard back from some that got to thinking others need to get copies, too, and more sooner than later. I had a complete hysterectomy in 1981, had my gall bladder out in 1979, and spinal fusion in 2000. All of those records are gone — kapoot, shredded, dumped in dumpsters, you name it. Somewhere along the line some stupid person or persons have allowed healthcare providers to destroy patient records at some point and under some circumstances. Mostly the healthcare people see it as 7 years and then bye-bye years and years of health history. The 3 most important and impactive health situations in my entire life and there are not records of them. Only one doctor kept over 30 years of records on me — mainly 1) because he believed in going to microfiche records storage, and 2) I was a continual patient with no breaks in my care with him. He’s passed away recently but the same practice is keeping them. Doesn’t matter now, really, because I have copies of everything that still existed. I’m thinking of using one of these services that are beginning to show up more and more — but I may just scan them and make a CD backup copy. I’m sure there will be breaches to security — seems a common thing with any data storage these days. OH! I saw a psychiatrist a few years ago — I contacted them, too, and learned that shrinks don’t give out medical histories even with patient permissions. For some reason, that was honestly reassuring. What I’m not in support of is anyone storing my records online though. I found a number of very interesting personal comments written in the margins of my records. One doc thought I was pretty, another thought I was crazy! LOL! These little anecdotes will be missed in an electronic record…
10 Trackbacks
2:28 pm
VentureBeat » Microsoft launches HealthVault to manage your health search and medical records — but it will hurt a bit said:
[...] UPDATED: See below. Also, this is now part one of a two-part post; for the second part, which actually reviews the HealthVault service, click here. [...]
2:32 pm
VentureBeat » Microsoft’s HealthVault lets you manage your health records — badly said:
[...] His full, first-take review on the service is here. [...]
4:02 pm
Xbox » Microsoft’s HealthVault puts your medical records online and in … said:
[...] Miguel de Icaza (miguel@gnome.org) wrote an interesting post today onHere’s a quick excerptIn a previous post, I set out to review Microsoft’s new health-related Web services, including its new online medical-record system, HealthVault. Plans went awry, however, when it took close to two hours simply to register for the … [...]
10:42 pm
» Your personal health: Redmonds vault for health information » business|bytes|genes|molecules said:
[...] to write about Microsoft’s announcement of HealthVault. After seeing David Hamilton’s underwhelming review, I almost didn’t bother, but you knew that wasn’t going to happen. There are some who [...]
1:20 pm
VentureBeat » Does Microsoft’s HealthVault really protect your privacy? said:
[...] launched its much-ballyhooed HealthVault medical-records system for individuals (see my review here), it made such a fetish of security protections that it virtually rendered the service unusable. My [...]
7:05 am
VentureBeat » How secure is the vault at HealthVault? said:
[...] HealthVault medical-records system for individuals (see David Hamilton’s original review here), it made a big deal about the built-in security measures. Indeed, they rendered the service [...]
4:47 pm
VentureBeat » Medsphere hires new CEO, a “reinvention” that could boost electronic medical records said:
[...] health records” touted by the likes of Microsoft and Google these days (see my reviews here and here), which allow individuals to add — and presumably delete or change — medical [...]
2:47 pm
Microsoft HealthVault Beats GoogleHealth To Launch « HIPPOCRATech said:
[...] can read more about what others are saying about HealthVault: Venturebeat, NYT, [...]
4:19 pm
VentureBeat » Google Health launching soon? said:
[...] HealthVault (see our coverage here and here) promised much the same thing — minus the doctor directory and personalized advice, at least [...]
11:12 am
Life sciences briefing: Monday, Feb. 25, 2008 » VentureBeat said:
[...] must make use of Microsoft’s HealthVault platform, which we’ve written about here and here as a decidedly mixed bag of technologies and Web applications. Three million bucks sounds like a [...]