VentureBeat

TODAY’S HEADLINES:

• Microsoft launches $3M fund to support online health-improvement tools (release)
• Clarus Ventures raises $660M life-sciences fund (release)
• Iverson Genetics raises $1.1M for blood-clotting tests, seeks $9.3M more (VentureWire)
• Upstart Ventures aims for $30M fund to seed Utah life-science ventures (release)
• CalHealth takes in $750K for blood-pressure monitoring (VW)
• Regenerative medicine co. Organogenesis acquires NanoMatrix (release)
• Electronic health-record firm MediNotes acquires Bond Technologies (release)
• Eclipsys acquires Enterprise Performance for healthcare financial-management (release)
• Healthcare analytics firm Urix acquires Predicted Solutions (release)

Microsoft launches $3M fund to support online health-improvement tools – Software giant Microsoft, hoping to make a splash at the annual meeting of the Healthcare Information and Management Systems Society in Orlando — don’t laugh; HIMSS is apparently the largest healthcare IT meeting in the world — announced a new $3 million fund intended to stimulate the development of online tools that “improve health.” In typical Redmond fashion, the fund will be known as the “Microsoft HealthVault Be Well Fund,” which is the sort of name only a committee could love.

Microsoft is soliciting grant applications in six areas ranging from primary and “secondary” prevention (essentially, the monitoring of vital signs such as blood pressure for hypertension or blood sugar for diabetes) to women’s and community health. The fund will make grants of up to $500,000, with selections made by “healthcare industry leaders” — read, representatives of Microsoft partners — chosen by the Microsoft Health Solutions Group.

Of course, funded applications must make use of Microsoft’s HealthVault platform, which we’ve written about here and here as a decidedly mixed bag of technologies and Web applications. Three million bucks sounds like a pretty trivial amount to spend to in an attempt to jump-start HealthVault, but I guess Microsoft has to start somewhere.

Clarus Ventures raises $660M life-science fund – Clarus Ventures, a Cambridge, Mass., VC firm, closed a second life-science fund of $660 million. The fund will aim to make investments of $20 million to $60 million in biotechnology, medical devices and specialty pharmaceuticals.

Clarus raised its first $500 million fund in Dec. 2006. That fund has made significant investments in a variety of life-science companies including Globus Medical (our coverage), Pelikan Technologies (our coverage) and Taligen Therapeutics (our coverage).

Iverson Genetics raises $1.1M for blood-clotting tests, seeks $9.3M more – Iverson Genetic Diagnostics, a Seattle maker of molecular diagnostics, raised $1.1 million in a first funding round and hopes to close a $9.3 million second round within a few weeks, VentureWire reports. Individuals provided the first round of cash, and Iverson is courting a “strategic investor” — that is, a corporate or laboratory partner of some kind — for the second.

Iverson recently won FDA approval for a genetic test designed to predict patient response to warfarin, a commonly used generic blood thinner intended to prevent dangerous blood clots. Last August, the FDA required the drug’s manufacturers to note that certain genetic factors can help establish proper dosing of warfarin, which can cause internal bleeding at high doses. (See our coverage here.) Although two million people in the U.S. take warfarin every year, adoption of the genetic tests has been slow. Iverson is one of at least three companies now offering those tests, which Iverson plans to roll out first in the Seattle area.

Trust the reliable folks over at Google Blogoscoped to unearth a login page for the long-awaited Google Health service before it actually launches. Neither the login nor any of the links on the page seem to work, but it’s another tantalizing glimpse at what Google may soon be unveiling.

It’s worth noting that Marissa Mayer, who took over the Google Health project after Adam Bosworth unceremoniously decamped to launch his own health-related startup, said last October that Google Health would be coming in early 2008. So the timing is certainly about right.

As for clues — well, the login page doesn’t offer too many. The blurb to the left of the screen (see screenshot below) promises online health profiles, the ability to download medical information from doctors and hospitals, personalized health advice, some sort of physician directory, connections to “time-saving services” and a sharing system so your family and caregivers have access to your medical information.

Microsoft’s HealthVault (see our coverage here and here) promised much the same thing — minus the doctor directory and personalized advice, at least — but initially was so bogged down in heavy-handed security and user-unfriendliness that I’ve heard scarcely a word about it since. (Plus, there are those nagging privacy questions.) Scads of Health 2.0 sites also offer various pieces of what Google appears to be promising, although to the best of my knowledge, no one has really put all these features together before.

Anyway, it will be fascinating to see how Google approaches many of the same issues that have bedeviled Microsoft and the many startups trying to slice off a piece of the Health 2.0 pie. With any luck, we won’t be waiting much longer. (Hat tip to bbgm, where Deepak Singh rightly wonders what personalized health guidance and “time-saving services” might actually mean.)

See also our previous coverage of a Google Health prototype (or so I assume), also featured on Blogoscoped, here.

When Microsoft launched its much-ballyhooed HealthVault medical-records system for individuals (see my review here), it made such a fetish of security protections that it virtually rendered the service unusable. My own effort just to establish a HealthVault account took roughly two hours, much of that devoted to simply coming up with a password the system would accept; I documented the struggle here. One of the company’s PR reps even emailed me to note that Microsoft is taking “extra precautions at every layer of security” because “privacy and security is one of the areas that Microsoft is taking very seriously for HealthVault.”

As I wrote at the time, it’s hard to fault Microsoft for being paranoid about security, given how privacy concerns are going to be a major hurdle to widespread adoption of online health records. But is the Redmond giant really serious about protecting patient privacy?

Maybe not. Earlier this week, Annie Antón, a software professor at North Carolina State University, raised three important questions about Microsoft’s dedication to patient privacy based on a close reading of the HealthVault privacy statements (here and here). Antón’s post at the Privacy Place blog is worth reading in its entirety, but I can’t help summarizing it as well.

The big surprise (to me, at least) is that services like HealthVault aren’t covered by HIPAA, a mammoth federal law that, among other things, sets some strict standards for the privacy of medical data. Privately-managed record repositories like HealthVault apparently weren’t even envisioned when Congress passed HIPAA in 1996, and so they’re exempt from its provisions (which, to be fair, many people consider onerous).

All that makes it even more important to look at what Microsoft actually promises, and what Antón turned up is disquieting. For instance, Microsoft reserves the right to store your medical data offshore, in countries that may not have the same privacy protections as the U.S.

The software giant also plans to merge other personal information it holds about you with information stored in HealthVault. (That certainly puts the intrusive questions Microsoft’s Live.com service posed to me during registration in a new light.) Finally, HealthVault appears to open the door to a potentially unlimited line of people, entities or programs that can obtain permission to read and alter your health information, since it’s possible to delegate the ability to grant those permissions to others.

Antón also questions whether Microsoft’s decisions in these cases leave users with any legal recourse if their data does leak. It’s a great question, and one I’m in no position to answer at the moment, although I’d certainly want to take a hard look at extending HIPAA privacy provisions to these sorts of electronic records. This analysis certainly underscores the wisdom of approaching services like HealthVault very, very cautiously, because once your medical privacy has been breached, there’s virtually no way of getting it back.

In a previous post, I set out to review Microsoft’s new health-related Web services, including its new online medical-record system, HealthVault. Plans went awry, however, when it took close to two hours simply to register for the service, so I decided to review the medical-records system in this post.

Microsoft clearly has grand plans for HealthVault, the main page of which you can see by clicking the thumbnail at left. Not only has it beaten rival Google to market with its offering (see our previous coverage here and here), it has lined up partners ranging from the American Heart Association to the Mayo Clinic and several other hospitals to a number of online health sites that have all agreed to support the Microsoft service and to make it easy to transfer at least some medical data into patients’ HealthVault account.

This is a fine idea, so far as it goes — which, so far, unfortunately isn’t very far. While all this will undoubtedly evolve over time, for now what’s most surprising about the HealthVault service is how little there is there. What is there is a real mess — a disjointed, confusing service that for now is mostly likely of limited use to the vast majority of patients. (For a screen shot of a classically incomprehensible page, click on the thumbnail at left.) And that’s setting aside perennial questions such as privacy and security, which are obviously going to loom large for many people.

Taking HealthVault at face value, there are two basic problems — one implementational, the other conceptual. The implementation issues are most obvious, starting with the fact that once you finally sign up for a HealthVault account, there simply isn’t much you can do with it at this point. You can add personal details to your profile and upload documents — what sort of documents isn’t at all clear, although there’s an intimidating “code of conduct” to read before you do anything — and set who you’d like to share your information with (presumably family and your doctor or doctors). Beyond that, the only clear suggestion your HealthVault account itself makes is to sign up for a service offered by MaxEmail that will let your doctor fax information directly into your HealthVault account, at a cost of $9/year for up to 100 pages.

There’s no sign, however, of Microsoft’s much-touted partners until you leave your account and return to the public HealthVault page, where you can visit just over a half-dozen sites that can transfer medical information such as blood pressure, blood-glucose values and the like to your personal HealthVault record. (Of course, you have to log in to HealthVault again each time you visit one of these sites.) The one I checked out in detail, the AHA’s Blood-Pressure Management Center, is every bit as confusing as HealthVault itself, since after you enter your profile — again — there’s very little indication as to how you’re supposed to get the data or where it’s going to go.

These are early days, of course, and over time I assume Microsoft and its partners will iron out a lot of these implementation issues — although my quick once-over of the service suggests that this territory is probably trickier to navigate than many people might have previously assumed. (This might also be one reason Google’s health guru, Adam Bosworth, bailed from the company a few weeks ago under less-than-clear circumstances. For an interesting, albeit conspiracy-tinged, take on that, see here.) Putting together an entire infrastructure that supports personal health records is a staggering undertaking — one that might well be beyond the resources of even a company as large as Microsoft.

All of which also leads us straight into the major conceptual question here, which is exactly what good a personal medical record is actually going to be. Ultimately, of course, the vision is for individuals to control every detail of their medical history at their fingertips so they can share it with any doctor or health organization they choose. Setting aside the enormous question of what it takes to get there from here, the big issue this vision raises is whether giving individuals “control” over their records — which is really shorthand for the ability to add, delete or change information — might undermine their usefulness in a significant way. In other words, there’s a downside to the electronic medical-records issue that, so far, virtually no one outside a small coterie of academics has even really begun to address.

I can’t claim to have delved deeply into the subject myself, but I was first tipped to the issue by Graham Walker, a third-year Stanford medical student who blogs at Over My Med Body!. Nearly two months ago, Walker wrote an impassioned post arguing that patients shouldn’t have the ability to cherry-pick and edit their own records if the resulting information is to be at all useful to doctors.

Walker offers several examples that gave me pause. For instance, what about patients who delete or restrict access to their sexually-transmitted disease status? Or those who simply don’t update their records very often? Are patient-controlled records intended to supplement or supplant those maintained by medical institutions? Of course, his questions originate from a doctor-centered perspective, but it’s still one worth pondering as the likes of Microsoft, Google and their ilk start us hurtling down the path to patient-centered medical records.

Microsoft has finally unveiled its first stab at managing personal health records on the Web, and it’s an interesting, if underwhelming, effort to give people control over their personal health information, writes David Hamilton, over at VentureBeat LifeSciences.

His full, first-take review on the service is here.

Microsoft appears to have sacrificed initial quality in exchange for pulling off the coup of beating Google’s similar project to the table. The rush to aggregate personal information doesn’t stop there; Cisco and Intel also have their own projects still in the works, according to the New York Times.

Both patients and doctors can to use Healthvault to enter medical records. Over time, data transfers from doctor’s offices and hospitals could become automatic, with patient’s approval.

Healthvault will also act as a portal for information, allowing searches for particular conditions or treatments. Any such searches would not be connected to stored data.

However, it does seem likely that some level of privacy will eventually be sacrificed in exchange for targeted advertising, an extremely lucrative proposition. Microsoft chief Steve Ballmer stated earlier this week that advertising would account for 25 percent of Microsoft’s income within a few years.

Whether patients will be willing to hand over their most private information to a giant corporation like Microsoft remains to be seen. The company claims that the process will be similar to consumer’s acceptance of online banking.

UPDATED: See below. Also, this is now part one of a two-part post; for the second part, which actually reviews the HealthVault service, click here.

Microsoft has finally unveiled its first stab at managing personal health records on the Web, and it’s an interesting, if underwhelming, attempt to realize a future in which individuals have much more control over their personal health information.

Called HealthVault, the Microsoft offering combines yet another healthcare-info search engine with the record-storage application itself. Both are very clearly Microsoft products, with all the clunkiness and user inconvenience you’ve come to expect from the Redmond giant.

For starters, to use any of this you apparently have to give up Firefox, and possibly any other browser alternative to Microsoft’s own Internet Explorer. For instance, the search engine, dubbed HealthVault Search, doesn’t seem to want to display results in Firefox (click the upper image at left to see it full-sized).

Viewed in IE, however, the page displays perfectly. (In the lower-left image, I’m using IE Tab, a Firefox extension that renders pages using the native IE engine).

To be fair, the Firefox version eventually does display the same information a scroll or two down the page, past the field of hypnotic green boxes. But this is still an inauspicious sign.

Once you can see it, the information provided by HealthVault search seems generally well organized, with a few exceptions. The display is somewhat reminiscent of RightHealth.com, which I reviewed here, although a bit cleaner if less comprehensive. Searching on conditions like “heart disease” or “diabetes” returns a set of organized links grouped under heading such as “personal health,” “conditions,” “procedures,” “drugs” and so forth. One major omission, however, is anything pertaining to symptoms, so if you have chest pain and jump straight to “heart disease” on this engine, you’re not going to find what you’re looking for. For that, you need to search on “chest pain.” While this makes sense in a logic-chopping sort of way, it almost certainly doesn’t map onto the way ordinary people are actually going to use health search. Surely it makes more sense to cross-index such info six ways from Sunday just to make sure people can find it when they need it.

The search results also pop up a major article on the subject from sources such as the NIH, Wikipedia or the Mayo Clinic, as well as a series of Web links via MSN search and some sponsored links that are clearly identified and in many respects even helpful, such as a widget that proffers related books on Amazon. Overall, it’s a decent effort if not exactly a knockout, particularly given that Microsoft is on more of an even footing with other startups in this area given its historical difficulty driving traffic to its Live.com service in the first place.

And small wonder, for when I try to get a look at HealthVault medical records, I’m immediately plunged into Microsoft Hell. My first attempt to create a HealthVault account forces me to register a Live.com account, which in turn wantsrequires me to divulge a bunch of personal information (birthdate, gender, occupation, industry, state of residence and Zip code) to MSN for no particularly good reason. It also asks for my marital status and the number of children in the household, but fortunately both questions are “optional.”

Then we get to HealthVault itself, which doesn’t consider my Live.com password strong enough and asks me to change it to something harder to crack. There’s a link to click for advice on how to do this, but clicking it somehow causes the site to resize my entire browser window to a narrow bar on the right-hand side of the screen. (The help file that opens there also doesn’t actually contain any advice on making a strong password, just standard FAQbait on what to do when, say, you forget your Live password — an option I’m already strongly considering.) I’m actually kind of bewildered here — you’ll just have to take my word when I say that I worry a lot about password security and that the one HealthVault is rejecting involves a mix of alphanumerics and in no way, shape or form resembles any word or phrase in English or any other language.

Aha. Turns out the FAQ does have the info I was looking for — buried in a link under “How to change your password.” You can see it here, assuming that link actually works. (I was only using lowercase letters and numbers.) I can’t blame Microsoft for wanting individuals to feel their medical info is safe, but this quickly runs into the central paradox of password security, which is that if you make the requirements too stringent, people won’t be able to remember their passwords and will jot them down on a Post-It, which is not exactly the most secure medium in the world.

With the addition of a capital letter or two, my password is in business. Or so it seems until I try to actually log in with it, at which point the site refuses to recognize it. I go through the password reset process, and it dings me because a new password can’t be the same as the old one — which would seem to imply that it should actually recognize the old one, right? No dice — the login page still barfs on me. So I change the password and finally the site logs me in. If Google gave users even a fraction this much trouble, it would be lucky to be worth $180,000, much less $180 billion.

But it’s not over. I answer a few more personal questions (name and birthdate, mostly) and then get an error page: “Could not return to program: The location information is missing for this program.” Well, that’s charming. Oh, it turns out I haven’t yet validated my e-mail address for either Live.com or HealthVault. A few moments later and I’m finally in.

At this point, I think I’ll cut my losses and review HealthVault itself in a separate post, which I’ll link here when it’s up. (UPDATE: My review of HealthVault and some overarching issues about personal medical records is now up here.)In the meantime, the NYT and the WSJ have more on the background of all this.

UPDATE: Description of search engine expanded considerably.

UPDATE REDUX: I descend into Microsoft Hell in order to establish a HealthVault account.

FINAL UPDATE: Added a link to my HealthVault review.