Why Google Health and HealthVault are not covered by HIPAA

Home > Why Google Health and HealthVault are not covered by HIPAA

Fred Trotter sent out this note to several health IT bloggers recently.

Recently slashdot referenced two uninformed comments on Google Health offering.


The problem here is that HIPAA should NOT cover Google Health or HealthVault. This issue now dominates this debate, and I wanted to specifically point out some of the problems with this thinking.


Fred does a great deal of wonderful healthcare and IT writing. His latest argument for why HIPAA does not cover Google’s or Microsoft’s PHR offerings makes a lot of sense and is well worth reading. Vendors of technology are generally not covered entities unless they are somehow participating in the care process and I think everyone’s making a big deal about “Google is not HIPAA compliant” or “Microsoft has privacy problems” for very little reason.


Shahid N. Shah

Shahid Shah is an internationally recognized enterprise software guru that specializes in digital health with an emphasis on e-health, EHR/EMR, big data, iOT, data interoperability, med device connectivity, and bioinformatics.