Microsoft Working On Health Information 'Vault' System 314
josmar52789 wrote with an article from the New York Times, discussing Microsoft's new push into the consumer health care market. The plan is to offer personal health care records online via a system called HealthVault. Numerous big names in the medical field have signed up for the service, including the 'American Heart Association, Johnson & Johnson LifeScan, NewYork-Presbyterian Hospital, the Mayo Clinic and MedStar Health'. The ultimate purpose of the service is to provide an online accessible but highly secure service to patients and medical facilities: "The personal information, Microsoft said, will be stored in a secure, encrypted database. Its privacy controls are set entirely by the individual, including what information goes in and who gets to see it. The HealthVault searches are conducted anonymously and will not be linked to any personal information in a HealthVault personal health record. Microsoft does not expect most individuals to type in much of their own health information into the Web-based record. Instead, the company hopes that individuals will give doctors, clinics and hospitals permission to directly send into their HealthVault record information like medicines prescribed or, say, test results showing blood pressure and cholesterol levels. "
Oh yeah, triple secure. (Score:3, Insightful)
This sounds like one horribly, terribly bad idea to me from a security standpoint.
Also, I can't help but believe that 'anonymous' information will be handed over to drug companies so they can 'research' their 'market'.
Some things are still best done with paper and pen.
Uh uh. (Score:3, Insightful)
The last thing I need is an employer or potential employer tracking down my medical records. Or the CIA, NSA, ATF, or cybercriminals or any other organization or individual who wishes to covertly steal my personal data for nefarious purposes.
Do you know what your medical history contains and how it can be used against you? I do.
Hailstorm (Score:4, Insightful)
Privacy experts freaked out, but Microsoft never cancels anything.
microsoft vs security (Score:2, Insightful)
There are range of tools and cookie cutter stuffs already written for in asp/net allows very powerful function to exist especially inter-operate ability with different MS product like sharing outlook generated schedule via exchange server out to web portal.
However, putting medical records requires requires middleware between ms platform and medical softwares. I see this use of middleware becomes security problem here. Windows do not work very well when 3rd party glue is applied to the what seems to be rigid architecture it shares between products of ms. This inability to have full control over the protocol, situation usually involving previously unthoughtful of...should I say out of boundary for what original purpose of the software calls for...ends up becoming the problem.
Oktokie
Re:Oh yeah, triple secure. (Score:5, Insightful)
1) Medical professionals never like patients to have full access to their records, as if a patient misunderstands something on their file, their life could be at stake based on the decisions they make.
2) The US has this thing called the PATRIOT act, and MS has agreements with some agencies allowing back-door access to data they host. Let's just say that I highly doubt this information will be protected from people working for US "security" agencies.
3) The system appears to be designed so that MS can sell aggregated data to drug companies and insurance companies. Seems to me though that even with aggregated data, you could reverse-mine it to have a reasonable suspicion regarding individuals (you'd know trends, which would help in searching for more specific details)
Anyway, the whole thing could be really useful if used correctly, but there are so many ways it could be misused even if the system doesn't have a major security breach that I for one would never use it.
And sell your health info back to you (Score:4, Insightful)
No thanks.
Just look at what Microsoft is planning to do with Office Live or whatever they are calling it. You need to have Microsoft Office installed locally on your HD. All you are storing is your data. GNU Linux OSes probably won't even be able to run WINE to access those Office Live files. So even if they don't actually charge to access the data, it extends their reach into your life.
Re:Oh yeah, triple secure. (Score:5, Insightful)
Try to fight the Electronic Health Record is like trying to fight the use of computers in any other field -- it's inevitable.
Except for the tinfoil hat crowd...not a bad idea (Score:4, Insightful)
Re:Monopoly Abuse. Re:Microsoft's successful formu (Score:4, Insightful)
One hell of a pony
Re:unsubscribe (Score:5, Insightful)
It already is. Look around your doctor's office next time you are there. See the computers? They aren't Macs now, are they?
You're easily troubled (Score:3, Insightful)
MS has the marketing, economic, and political clout to get themselves the contract for keeping the health records for everyone in the USA. Washington is already salivating over the prospect of:
One way or another, though, giving MS (or possibly someone else, but MS is the main chance) custody over your health records is well on its way to being a requirement for getting any kind of medical care in the USA.
[1] Sort of the way the FCC is drooling over all the money that the carriers will make from the spectrum they buy.
I worried that health companies will fall for it (Score:3, Insightful)
Unfortunately, it will sound nice to health care companies. I am involved in the healthcare sector, and I am worried that this will succeed, without the health care companies knowing (or caring) about the issues. Microsoft has the cash, the clout and the reputation for this. (Remember, to non-geeks, Microsoft is the premier computer company --lay people can't even tell whether Microsoft is software or hardware.)
The health care industry is greatly dependent on information technology, and is beholden to IT --without realizing it. People in healthcare have this attitude, for better or worse, that they are more important and special and have a unique place high on the totem pole, so they don't really see their vulnerability to some run-of-the-mill thing like IT, which is held with the same regard as the people who answer the phones or clean the medical instruments.
I just pray that Microsoft can have some high-profile screw-ups, maybe a few databases hacked here and there, that can reveal to non-geeks the dangers of having a convicted monopolist at the reins of the nation's healthcare info.
Re:Oh yeah, triple secure. (Score:2, Insightful)