Comments on: Why Google Health and HealthVault are not covered by HIPAA http://www.healthcareguy.com/2008/05/24/why-google-health-and-healthvault-are-not-covered-by-hipaa/ Shahid's healthcare IT, EMR, EHR, PHR, medical content, and document managment advisory service. Enjoy. Thu, 09 Feb 2012 13:50:00 +0000 hourly 1 http://wordpress.org/?v=3.1.3 By: Privacy http://www.healthcareguy.com/2008/05/24/why-google-health-and-healthvault-are-not-covered-by-hipaa/comment-page-1/#comment-718 Privacy Sat, 20 Jun 2009 18:46:53 +0000 http://www.healthcareguy.com/index.php/archives/428#comment-718 I found your blog on google, and read a few of your other posts. I just added you to my Google News Reader. Keep up the good work. Look forward to reading more from you in the future. I found your blog on google, and read a few of your other posts. I just added you to my Google News Reader. Keep up the good work. Look forward to reading more from you in the future.

]]> By: David Szabo http://www.healthcareguy.com/2008/05/24/why-google-health-and-healthvault-are-not-covered-by-hipaa/comment-page-1/#comment-717 David Szabo Sat, 12 Jul 2008 00:44:03 +0000 http://www.healthcareguy.com/index.php/archives/428#comment-717 Trotter's column misses the point entirely, and clearly does not understand privacy law. The reason to put Google under the HIPAA privacy and security rules is not to control Trotter's ability to use and disclose the information. The purpose is to control Google's ability to use and disclose the information. Under current law, Google can change its privacy policy at any time. Under current law, no minimum standards of IT security apply to Google as a matter of law. This situation will adversely impact on Google's ability to get a critical mass of users for this service. Trotter’s column misses the point entirely, and clearly does not understand privacy law. The reason to put Google under the HIPAA privacy and security rules is not to control Trotter’s ability to use and disclose the information. The purpose is to control Google’s ability to use and disclose the information. Under current law, Google can change its privacy policy at any time. Under current law, no minimum standards of IT security apply to Google as a matter of law. This situation will adversely impact on Google’s ability to get a critical mass of users for this service.

]]> By: Dr. Brown http://www.healthcareguy.com/2008/05/24/why-google-health-and-healthvault-are-not-covered-by-hipaa/comment-page-1/#comment-716 Dr. Brown Fri, 11 Jul 2008 05:14:29 +0000 http://www.healthcareguy.com/index.php/archives/428#comment-716 Few people are talking about the risks of sending emails through unsecure connections and the possible legal implications of someone intercepting or accidentally receiving protected health information (PHI). There are free secure email encryption services out there like www.hisecure.net. Nice Blog! Some info on hisecure.net: up to 4096 bit encryption all email communications take place over a secure connection (https://)-->Not just the login! secure sever, climate controlled, only authorized staff has access to server firewall, anti-virus, logs of any/all attacks secure off-site backups, fail over email system, redundant power, RAID HDs Few people are talking about the risks of sending emails through unsecure connections and the possible legal implications of someone intercepting or accidentally receiving protected health information (PHI).

There are free secure email encryption services out there like http://www.hisecure.net.

Nice Blog!

Some info on hisecure.net:
up to 4096 bit encryption
all email communications take place over a secure connection (https://)–>Not just the login!
secure sever, climate controlled, only authorized staff has access to server
firewall, anti-virus, logs of any/all attacks
secure off-site backups, fail over email system, redundant power, RAID HDs

]]> By: Steve Holcombe http://www.healthcareguy.com/2008/05/24/why-google-health-and-healthvault-are-not-covered-by-hipaa/comment-page-1/#comment-715 Steve Holcombe Mon, 26 May 2008 23:41:38 +0000 http://www.healthcareguy.com/index.php/archives/428#comment-715 Shahid, Even if Google Health, Microsoft HealthVault, Dossia, etc. WERE covered by HIPAA the question would still go begging ... Is there to be a critical mass of internet users who will actually put their medical profile online under the current privacy paradigm? I believe the answer is proving itself to be a clear and resounding 'no'. There must be a shift from the prevailing privacy paradigm (whether enforceable through HIPAA or the contractual Terms of Service provided by Google Health, etc.) toward a paradigm of technological data ownership. When that happens, then I'll say, "Now you're talking!" Shahid,

Even if Google Health, Microsoft HealthVault, Dossia, etc. WERE covered by HIPAA the question would still go begging …

Is there to be a critical mass of internet users who will actually put their medical profile online under the current privacy paradigm?

I believe the answer is proving itself to be a clear and resounding ‘no’.

There must be a shift from the prevailing privacy paradigm (whether enforceable through HIPAA or the contractual Terms of Service provided by Google Health, etc.) toward a paradigm of technological data ownership.

When that happens, then I’ll say, “Now you’re talking!”

]]>