Update at 12:19 PM PT: This story was updated to reflect the World Privacy Forum's position on PHRs in general.
Google is set to announce on Thursday that it will be using the Cleveland Clinic hospital in Cleveland, Ohio as the pilot site for its new personal health records initiative.
Between 1,500 and 10,000 patients at the Cleveland, Ohio, facility will participate in the project's test run, volunteering to have their medical records transferred to their Google accounts. The hospital already keeps electronic records for over 100,000 patients in an internal system called MyChart, but when those personal health records, or PHRs, are shared with Google, patients will be able to use them outside of the Cleveland Clinic. Included in the data will be prescription information, medical histories, and details about conditions and allergies.
"Patients are more proactively managing their own healthcare information," Dr. C. Martin Harris, the Cleveland Clinic's chief information officer, said in a statement. "At Cleveland Clinic, we strive to participate in and help to advance the national dialogue around a more efficient and effective national healthcare system."
"We believe patients should be able to easily access and manage their own health information," Marissa Mayer, Google's vice president of search projects and user experience, said in the same statement. "We chose Cleveland Clinic as one of the first partners to pilot our new health offering because as a provider, they already empower their patients by giving them online tools that help them manage their medical records online and coordinate care with their doctors." Additionally, Cleveland Clinic president and CEO Delos M. Cosgrove is a member of Google's Health Advisory Council.
Google isn't the only tech titan looking to. AOL founder Steve Case , Revolution Health; InterActiveCorp in several health-related start-ups; and Microsoft has been working on a medical record service.
But all these "health 2.0" initiatives will inevitably raise privacy concerns, and critics of such projects have already begun to make themselves heard. The World Privacy Forum, which has highlighted concerns about medical identity theft in the past, has already issued a report voicing concerns about third-party PHR systems that aren't covered by the Health Insurance Portability and Accountability Act (HIPPA), which has been in effect since 1996 and requires individuals to be notified when a party other than a patient's doctor wants to access confidential medical data.
Not only is security an issue, the nonprofit has said, so is the likelilhood that marketers and other corporate entities will be able to exploit otherwise confidential data. The World Privacy Forum has not taken a specific stance on Google's new project or on others like Microsoft's.
Google is of particular concern to some privacy advocates because the company already has so much data about its users.
"While PHRs may have some laudable goals," the report by privacy consultant Robert Gellman read, "they are also a tempting target for companies or others that want to evade whatever privacy protections remain in the health care system in order to make a profit."