68 comments

[ 102 ms ] story [ 518 ms ] thread
Maybe it's just me but there's something deeply disturbing about the idea of Google also hoarding medical data...
Definitely not just you. Google is just about the last company I’d want my health records stored.
Can you name a more trustworthy one for this purpose?
Anybody who doesn't base their whole business around ignoring privacy so they can target their ads better?
Without turning into a complete shill, there are many companies well known for abusing and selling your data.

Having seen that abuse first-hand, Google is still one of the better ones when it comes to having good internal safeguards and policies -- but they get so much attention for their scale and breadth of data.

One big problem I see is that Google already has a lot of data. Just having that much aggregated data makes any company a bad choice.
It needs to be a regulated nonprofit independent entity. Trusting an ads corp your medical data is as good as asking a bunch of junkies to look after your home while you're away on vacation.
> regulated nonprofit independent entity.

Which will be hacked in 2 weeks of its existence..

Nonprofit doesn't mean cheap. I see it as a defence contractor of some sort: it gets big money from the gov, hires the best staff, but is also regulated and doesn't report to wall st.
Maybe it's just me but there's something deeply disturbing about the idea of Google also hoarding medical data...

If you have ever googled a symptom, they know, and unlike HIPAA there is no regulation on what they do with that data.

I don’t want to be the product with my medical data, thanks.
Didn't they try to do this as Google Health > 10 years ago?
Yes, it was ok and annoying when they shut it down because all the health records were proprietary so a huge pain to move stuff over.

I wonder if the product managers know that Google tried this.

I’m not sure I’d ever trust Google again with a health record. Also since they can de-identify and advertise based on health condition across all of Google that’s a privacy nightmare for me. And I think since a health record where you enter your data isn’t HIPAA protected, then who knows what they’ll do with the data.

"all the health records were proprietary" is, as I understand it, the description of the broad status quo. There's no standard format, and many functionally-ok versions running at thousands of different hospitals, so it's apparently nigh impossible to solve the problem. See the other comments about everyone trying this and failing...

It's honestly the sort of thing where you should have a standard created by an independent group designing a standard, which is then implemented by the government (handling storage and release of records to local providers).

> “There's no standard format, and many functionally-ok versions running at thousands of different hospitals, so it's apparently nigh impossible to solve the problem.”

this is actually the perfect breeding ground for a highly serviceable solution. thousands of at-bats to solve a thorny complicated problem. the challenge is bringing that whole breadth of knowledge to bear on said standards-making process. inter-/intra-group politics often gets in the way, but that is also solvable with good leadership and trust-making processes.

I feel like every Google sized entity in the computer industry has tried to solve this problem over the past 30 years. Microsoft spent ages at it too:

> https://en.wikipedia.org/wiki/Microsoft_HealthVault

Apple have been trying similar with the Health app too I'd argue, even if it's not nearly as integrated with medical records yet. Why does no one ever succeed?

Maybe because nobody trusts any of them.

I hate to say it (because it makes me groan) but I really think a trustless blockchain based solution would work best where medical professionals/researchers require active consent before pulling your records, a trustless form of anonymization/pseudonymization is built into the platform and an immutable record of every query made and why is held forever.

Wouldn't a blockchain make you vulnerable to a 51% attack? Imagine someone now has access to most people's health data - I'd imagine that's worth billions even on the black market.
You're assuming a mining based system. I don't think it would be a good idea to run this on Ethereum (for instance) at all.
I am admittedly not an expert on blockchain. So without mining, what makes this different from just having a voting mechanism where you need a majority?
Many comments here are saying that the problem is lack of trust of the tech entities. I disagree - I think the problem is capture and rent-seeking.

Hospitals and service providers in America have no incentive to do anything that would reduce switching costs and increase the quality of care that you get if you do switch. Moreover, since this is a low-information landscape with respect to both pricing and outcomes, consumers have little way of differentiating and thus service providers also have less incentive to adopt practices that improve outcomes.

Because an EHR is not just about collecting patient history and outcome. It often includes billing, accounting, and management.

Then you have to consider multiple decades of paper records, and records from other systems. Then there's many hospital systems composed of multiple health entities (hospitals, clinics, stand-alone emergency rooms). Some hospital systems span across multiple states and each state have their own set of rules (don't forget about the federal rules as well - HIPAA).

Then when you are building out your EHR system. You have to take into consideration the aspect from the doctor. There are many specialties within medicine. An EHR record from the point of view of an emergency medicine doctor vs a radiologist is very different.

"any health data gathered as part of the feedback program will not be sold or used for Google ads"

But not after the feedback program has finished?

"The information will be encrypted"

So that only Google can read it?

"and stored in the cloud"

Yes, of course. What can possibly go wrong.

Hope this fails in the grandest of fashions long before they go to market.

If it's encrypted and only you have the key, then it doesn't matter where it's stored. You can even publish it, it would just be random gibberish without the key.

They just need to ensure that's the client side that deciphers the data, and that the private key never leaves the browser side neither. I think that can be audited through JS debug tools.

It would need to be audited one each time the browser downloaded the JS. Otherwise, the server can trivially decrypt the data by serving malicious JavaScript once the audit is complete.

Anyway, this is Google. There’s no way they’re planning to client-side encrypt. Even if they did, they’d eventually realize it wasn’t generating enough indirect ad revenue to be too big to kill. At that point they’d ungracefully shut it down.

> If it's encrypted and only you have the key, then it doesn't matter where it's stored.

Until advances in mathematics or computation obsolete the crypto. We might decide that it doesn't matter within each respective patient's lifetime (a debate) but that is getting longer and longer.

Sounds great in theory, but in practice end users suck at key management. Just look at how many Bitcoin wallets are gone forever because the wallet owner lost the private key.
I have zero faith in a system that relies on giving keys to the layman without backups. People already lose their phsical keys all the time. Digital keys will get lost a lot more often and you will end up with lost patient records. You will need to provide a backup option, which in turn makes encryption obsolete.
Not used for ads, but surely for prioritizing search results, youtube videos, and probably many other things.
those are just ads with extra steps
Actually that's something really needed.

Most of the time, the more detailed reports you show to your physician the more they are overwhelmed, so I hope it would manage to become a new standard where the doctor can easily find what they look for.

(comment deleted)
Luckily it’s unlikely to gain traction. Hospital execs still bring up how they were screwed over by Google 10 years ago whenever you try to sell them on consumer health records products. Their malfeasance is legendary at this point.
Aside from the privacy concerns, I'm not sure I'd want to put data my life may depend on in a product from a company with a track record of randomly dropping products with little to no lead time.
And randomly locking accounts.
I already trust Google with my email, search, and location history. Health records feel like a very small addition to that. I would trust a health records service from Google far more than I would from any insurance agency or health care provider I can think of.
Right? Existing health records systems are all either obviously insecure (Windows systems where everyone is using a shared account/password, no MFA, uncertain disposal of broken and obsolete storage devices, etc) or pure theater (you are emailed links to fly-by-night vendor sites that pretend to make a big deal out of serving you a "secure" blob). Google cloud provides protection from the actual privacy threats I care about: insider access, hacked account credentials, and disposed hard disk drives.
Very curious why you threw Windows under the bus there.

>> Google cloud provides protection from the actual privacy threats

Even if everyone in the clinic uses the same credentials?

Probably yes. An account that logs in from numerous devices will get locked out promptly.
Windows systems where everyone is using a shared account/password, no MFA, uncertain disposal of broken and obsolete storage devices, etc

This was true back in the 1990's. But hardly ever happens anymore. Healthcare operations are very strictly regulated, and everyone, even small offices, goes through security training. If they don't, they lose access to the things they need to operate.

The company I work for puts everyone in the company through HIPAA training once a year, and IT security training every six months. It doesn't matter if you're a receptionist, or a doctor, or the Director of IT. Everyone gets the training.

All I know is what I've put into practice. I was in a physical rehab for a couple of weeks so naturally I installed a keylogger on the PC in my room. Everyone had weak passwords. Everyone had separate passwords for Epic, which I guess for some reason doesn't have SSO with windows. Nobody had MFA, despite the fact that they all wore prox cards around their necks. Security, in short, was a complete nightmare.

Security training is one of those things that are required by policy but which have no beneficial effect in practice. HIPAA is a thing that organizations use as a tool to keep you from getting your own data, but which again have no real benefit.

I already don't trust Google with my email, search, and location history. As for health records, I doubt I'd be able to make the same choice.
Health records feel like a very small addition to that.

Health records feeling like a "small" addition to something is an indication that you've never had anything seriously wrong with you.

I would trust a health records service from Google far more than I would from any insurance agency or health care provider I can think of.

You trust Google knowing about your health more than you trust a doctor? That seems... odd to me.

You have to trust your data to the insurance company because it pays your bills. If you don't trust the insurance company, then you pay for your healthcare yourself.

You're right, so far I've been very fortunate with my health.

I don't think I'm unusual that there are things about health (my own and in general) that I've searched on Google that I've never told or asked anyone.

Congrats, the ad networks that track you and your Google search history will never forget this. Or did you use "incognito mode" and think you're safe somehow?
(comment deleted)
Google Health was a disaster and there weren’t very many hospitals that adopted it in the end. Medical information record databases are notoriously siloed. Not to mention I have a difficult time trusting the longevity of many of googles projects
I work in healthcare, but I only build web sites and portals and things like that. The people who work on the data and records side have some of the hardest jobs in the company. I don't envy them.

This feels like yet another case of Google thinking it can throw machines and algorithms at a problem and a solution will magically appear. It won't. Search is hard. Healthcare is harder. Way harder.

Healthcare data is a never-ending log flume of exceptions, regulations, exceptions to regulations, and laws that change from week to week, or sometimes even day to day. And the data can sometimes be exceptionally dirty, in a way that only human intervention can clean it up.

The only way it all gets managed is with people. And Google hates wetware. Its entire reason for being is to abstract away the humans and replace them with math. That may work good enough for e-mail, or games, but it doesn't work for people. And it certainly doesn't work for healthcare, where "good enough" means people die.

Only those in healthcare understand this. The thought of Google trying to pull data out of an Epic or an eClinicalWorks cracks me up.
While I see you have insider knowledge, your comment implies that the complexity in healthcare is due to software being “too careful because lives are at stake”. From my limited exposure, the “mess” is not in actually delivering medicine or medical equipment - it is the 50 different companies with entrenched interests to serve billing, manage data, patch work made on top of arcane old systems because people are afraid to touch old systems. I don’t see the “Big tech will write sloppy code and kill people” angle at all. Please help us understand with an example.
Having actually worked at Medicity (later acquired by Aetna) I had the not so great priviledge of integrating Medicity's health record systems with both Google Health and Microsoft Healthvault. Neither gained the adoption rate that was anticipated by anyone. Medicity did a great job working towards more unified systems from all the siloed systems but it's (as others in healthcare have noted) notoriously complex and ever changing.
"any health data gathered as part of the feedback program will not be sold or used for Google ads"

The right thing would have been to commit to exclusively specific use. Instead we have an incomplete enumeration of what it would not be used for.

Currently the most common and advanced practice I've seen is the FHIR format (https://www.hl7.org/). This is not your usual step-tracking app, it's a data exchange format for hospitals and clinics. I think that's what this release is about because I know that Google has been interested in the FHIR protocol specifically. Microsoft and other large corporations are also exploring FHIR and similar systems, it's not as dreadful as you might think.

It looks like the idea is to bring the real data sharing protocols to the patient level, which is going to be an interesting challenge for them.

The comments regarding traction etc. are all valid, there are many angles in the healthcare technology business. Google might be one of the few companies which can get the money and momentum in it. Whether that's desirable or not is for you to ponder.

FWIW FHIR is also the protocol that Apple Health uses to integrate with the NHS records system.
There's a massive world of health data out there beyond FHIR.

If Google thinks it can do something useful with FIHR, then good for Google. But it will only solve a very small part of the healthcare data problem.

It's not that simple. Epic provides a FHIR API but if you try and use it you'll see that they do not adhere to the spec at all. And each different EHR provider that I attempted to interface with through FHIR all had different, broken, implementations of the spec.
Google needs to stay out of our health data.
With google's track record for keeping services up and also their general attitude with data I don't see a good outcome for this project.

It would make more sense if they were taking wearables / pixel phones more seriously but I guess this is primarily a data grab.

Based on previous stories of people losing access to their Google accounts and can't get answer as to why, no thanks.
Other than facebook I can't think of a company that I would trust less with my health data than google.
Google has way too much information about everyone, even if they try to avoid them. I do not want them or Amazon becoming the new healthcare gatekeepers. I would much rather see them split up and have healthier, more diverse competition in the market. I would also want health information to be very siloed, away from any other interests such as advertising.
The unspoken fact is that the people who make the decisions about adopting EHR are very conscious that 'he who controls the information, controls the reimbursement'. There is no way on this planet that a hospital will hand over its data to someone who could actually make sense of it and make them look bad. The outrageous and inconsistent bills they send to the uninsured compared to the deals they cut with insurance companies run by their buddies would look bad. very bad.