How secure is the vault at HealthVault?

October 17, 2007 | Matt Marshall
View Comments

ms-healthvault-logo.JPGWhen Microsoft launched HealthVault medical-records system for individuals (see David Hamilton’s original review here),  it made a big deal about the built-in security measures. Indeed, they rendered the service virtually unusable.

But a closer at the service shows that it isn’t subject to HIPAA, a federal law that sets strict medical data privacy standards. A closer look by David Hamilton, at VentureBeat LifeSciences, is disquieting.

Microsoft reserves the right to store your medical data offshore, in countries that may not have the same privacy protections as the U.S. It also appears to open the door to a potentially unlimited line of people, entities or programs that can obtain permission to read and alter your health information, since it’s possible to delegate the ability to grant those permissions to others. Read on for more.

Next Story:
Previous Story:

Print
Email
Twitter
Facebook
Google Buzz
LinkedIn
Digg
StumbleUpon
Reddit
Delicious
Google
More...

About the Author,

Matt launched VentureBeat in September of 2006, with the realization that no one else was covering the entrepreneurial and tech innovation scene with the velocity or depth that he was. Prior to founding VentureBeat, he covered venture capital for the San Jose Mercury News from 2001 to 2006. In 2002, Matt was awarded "Journalist of the Year" by the Northern California Society of Professional Journalists. Prior to working at the Merc, he was a correspondent for the Wall Street Journal in Bonn, Germany from 1995 to 1998, and a writer for the Washington Post in 1994. Matt holds a PhD in Government and an MA in German and European Studies from Georgetown University. In addition to VentureBeat, Matt is also the Executive Producer of DEMO, the leading launchpad event for emerging technologies.

blog comments powered by Disqus