- The Washington Times - Monday, August 25, 2008

COLUMN:

When it comes to personal health records, privacy protections should be balanced with “the need for a simple and easy user experience,” according to Eric Sachs, a product manager at Google Inc.

In May, the Mountain View, Calif.-based search giant began offering Google Health, a service that lets users store and their medical records online with a username and a password, much like an e-mail account. The company currently has partnerships with 10 organizations, including CVS, Walgreens and Quest Diagnostics Inc., which allow users to import prescriptions, test results and medical histories into one place.

Other technology firms are pursuing their own personal health record (PHR) initiatives. Revolution Health Group, led by AOL LLC co-founder Steve Case, lets users create an online portfolio of health information. Microsoft’s HealthVault service is similar.

Supporters of PHRs describe them as a way of empowering consumers, giving them increased ownership of their own information and an easier way to access it.

“Patients currently have the right to get copies of their medical records, but so few go through the tedious process of requesting copies or faxes of their records or paying any necessary administrative fees to get them,” Mr. Sachs wrote on the Google Public Policy Blog, echoing comments that he made at the Harvard Privacy Symposium.

However, privacy advocates have raised a red flag, citing data-security risks and legal concerns. Many question whether a third party like Google would be subject to the federal Health Insurance Portability and Accountability Act, which protects doctor-patient privilege and prevents patient information from being used or sold for marketing purposes, among other protections.

Mr. Sachs last week reiterated that the company has endorsed an industry-sponsored set of standards called the “Connecting for Health” framework.

“We want our users to be assured that we will never sell their health data or share it with others unless they authorize us to do so,” he said. “We believe our users should have control over who views their health information and who can add to it, and we make it possible for users to revoke access rights at any time.”

Unwanted calls

My column last week - on the issue of telemarketers and expired auto warranty warnings - must have hit a chord because I received more e-mails and calls than I have in quite some time. Here are some of your comments.

One reader writes: “I received probably the 30th call from these ‘warranty specialists’ today, so I gave them some [fake] info in yet another effort to dig some info out of these people … They tried to get my [vehicle identification number] because my vehicle was ‘one of the vehicles affected by mechanical failure’ and they ‘need to make sure mine was not affected.’”

Another says: “I must have gotten 20 to 25 calls. I repeatedly asked them to stop calling me, and the response was that I would be removed from the list. Then I began to get ‘this is your last call … .’ I got a ‘last call’ about 15 times.”

Finally, a reader offers a suggestion: “My VOIP provider (Packet8.net) permits me to use a browser to block calls. Now after every unwanted call, I update the list of blocked calls.”

E-mailKara Rowland