Here is another way of looking at it. Looking at Google (and I’m not selling Google, just a concept), can you find yourself, how do you know it is you? Then how much information can you get about you? Not much and when you’re looking at a search engine every word is indexed. If one is searching for not a name but a code number, and as such the code number is the only fact that a search can see where are you going to look next?

If you have been to the hospital possibly 20 people(O.K. maybe 15) have access to your record and they know the information refers to you. These are people in your community, people that you know, people that you might be friends with, people who maybe don’t like you. All of these people are potential security leaks. I could go on and on. Its not as if these records are lying around. Let’s say I gave you a stack of 1000 take returns, what would you do with it? There isn’t even enough information to allow for identity theft. Let’s say you come across a John Kennedy, a Gerald Ford or others. What would you be able to do with it. Did you know there is a neuroscientist named George Bush?

The idea of centralizing and getting significant information used for other purposes. This is a Herculean jump which would have many, many hurdles. There’s fact that that you are hiring the company to do it. Lets say a court subpoena of information, it would be safer in a data base than in your doctor’s office. There are violation of privacy issues that have upheld for years and many tests of its scope. A database should be private, like a Swiss bank account. If you insurance company wants the information, you don’t have it (game set and match).

This database would be a far cry from what your insurance companies and all affiliated companies have on you right know. Unless you opt out every year this happens. Where was the outrage when that little gem of invasion happened along? I would personally worry more about this information than I worry about a data bank.

These are my ideas and and they are in long entries to protect the casual reader from all these opinions. The only reason I bother is that in my own personal experience such a database would save a lot of lives. My only concern is that the information will be under utilized like most most medical information that already exists in 5 volume records for the people who need the information the most.

Accountability is extremely important and represent one of many layer of protection that is available which all can be applied toward my and your protection. Each subscriber could only sign a contract that is very much slanted to your privacy. Can you imagine a group suit for breach of contract? Boy would some lawyer be anxious to get his/her teeth into that one. Right now it pretty much looks like any data bank will be marketing to a non-market. Fine.
So its time has not come yet, and possibly it never will.

Then again, if your privacy bothers you can always use an alias; try Dennis Anderson or Carlos Santana. There is no provision that says that you have to use you legal name. Aliases, I use them, they are great.

It also just seems mostly beside the point to me. If my medical privacy is breached, I don’t really care if it was a software bug, a human error at Microsoft, a court order (justified or not) or something else entirely. A decent security system will ensure that breaches simply don’t happen. (Lauren Weinstein has some additional thoughts on how you might ensure that here and here.)

In any event, one of the best ways to ensure something like HealthVault is as secure as possible is to make Microsoft (or Google, or whoever) strictly liable for any breaches. That’s where your banking analogy really works for me — one reason electronic banking works so well is that the banks know they’re on the hook for any financial losses that result, so they make damn sure that nothing goes wrong. (It’s also why they’re currently so lax about your privacy, because they mostly aren’t liable for breaches there.) I don’t know enough about HIPAA to know if it’s the right vehicle to ensure security-consciousness on the part of vendors, but it seems clear to me that assigning liability properly is going to be a big part of making these systems reliable and secure.

Look at the billions of dollar, yen or euros that pass through computers every day and not even pennies are lost. Is medical information is any different than financial information in regard to sensitivity of the information? I think not. Even if the site were only relatively safe people who handle this information see so much of this data they don’t bother to take notes to what the information actually says unless they are floridly sociopathic and dumb as a post. Its a bit like people who handle money in the mint or at banks. These employees are more concerned about how heavy the money is rather than the dollar amount in the bag. Even if they did get some information, what would they do about it? Maybe sell this information to a lawyer or blackmailer. Who would be interested?

Let’s say a blackmailer wants to ply his/her trade to a person with herpes genitalis. The blackmailer would have a lot of problems. If a person had herpes it is more than likely that release of this information would be significant enough to bother with. With a little bit of thought most would agree, random episodes of unknown people would not produce the kind of motivation that would jepordize a person’s security.

Now a targeted individual is a slightly different variation. If someone is concerned about a person enough to invertigate a person trying to take on the onerous task of hacking into a Medical database as a first activity on the agenda. What happened to breaking into clinic and bribing clinic staff, there would be a much better chance of a return. If people want your information and it is somewhere outside of your head others can get it if it means that much to them. Most likely is a best friend telling someone else. The database in itself is not the weakest point for getting information if it is desired.

Finally there is the danger of having someone abuse access to information by using the information in agregate. Lets take herpes genitalis and lets say that there is a drug that was discovered to be dangerous to patients that have taken it in the past 10 years. Here, of course, it could be any disease. Then he gets a printout of the names and telephone numbers of those in the affected group. The database is not set up for this purpose. It isn’t like googling a person with very special criteria. If it isn’t indexed in a way to retreive this information. If such an clandestine effort were to be attempted, it would take a conspiracy of insiders to acheive such a feat. Once one had gotten raw information what can the do with it. Wouldn’t it be much easier just to run a commercial on television asking the same question. There are alway newspapers or magazines that have reduce the readership into a pretargeted demographic group. There are a great many benefit to the publicity approach not the least of which are simple feasibily and cost.

Finally the whole privacy issue dissappears if the databank chose to use images of the chart rather than text itself. Yes, it maybe all we can do is fax a copy of the chart to a databank rather than have actual text in predictible places. If those that are creating such a product would be true to their stated purpose, the fax, appended file approach is probably all that they need and all that they can do anyway.

GCSMD

Exactly. When I realized it was just a way to store and share Word documents, I lost interest. Being able to upload and update documents with some semantic value (e.g., a file using ASTM’s CCR standard) would be much more useful.