Google Health expands deal with CVS

Customers of CVS' pharmacy will be able to import their prescription records into a Google Health account as a result of an expanded deal between the two companies. The deal was announced Monday.

An earlier deal already allowed workers whose company uses CVS Caremark to handle drug benefits to use Google Health to store their drug records. The new deal expands this to customers of CVS' network of retail pharmacies.

"We now offer all of our consumers the ability to download their prescription and medication history into their Google Health Personal Health Record, whether they are CVS/pharmacy customers, CVS Caremark plan participants or visitors to our MinuteClinic locations," said CVS Caremark Executive Vice President Helena Foulkes in a statement. "By enabling patients to download their prescription information directly into their personal health record, we are helping to close the gap in today's fragmented health care system and provide a full view of a patient's health."

To use the tool, the companies said, consumers need to sign up for the prescription management feature on CVS.com as well as be authenticated. With the latest deal, Google said it now believes more than 100 million Americans will have the option of viewing their drug history within Google Health.

Microsoft, which is also trying to sign consumers up for its HealthVault service, announced a deal with New York-Presbyterian Hospital on Sunday which will allow patients of that hospital system to export their records to a HealthVault account.

[dargon19888]

Only an idiot would actually do this...
Google claims that since they are not a health care provider, they are not required to follow the patient data privacy outlined under HIPAA.

If CVS were to release this information on their own, I can guarantee that it would become a major class action lawsuit.

[monkeyfun14]

Something tells me if Google wants to keep their rep clean they won't release anything.

[freemarket--2008]

You have to initiate the transfer yourself. Neither Google nor the pharmacy will do it without your consent.

Google may not be required by law to protect the records, but they do agree to a privacy policy:

http://www.google.com/intl/en-US/health/privacy.html

[skshrews]

"Something tells me if Google wants to keep their rep clean they won't release anything."

There's this little thing called "money"...

Google isn't doing this for the benefit of mankind, it's doing this as a publicly traded company. They have repeatedly stated HIPAA regulations do not apply to them.

They might not overtly release this information, but there are all sorts of ways to release this information surreptitiously, and plenty of people willing to pay for such information. Users of Google records would have no legal leg to stand on.

[freemarket--2008]

Google openly acknowledges in their privacy statement that the HIPAA does not cover their service. So if you do have sensitive health info, you may want to avoid putting it in their database.

On the other hand, please show me a single instance of Google surreptitiously violating agreements with its users to justify your claims. I don't seem to recall any myself.

As much as I despise MicroSoft, I don't think even they would be that stupid.

[CanUDigIT]

I wonder if Google is going to put a vault around this data, instead of just leaving it on the internet under the leather strap door lock of username and password?

The biggest concern I have is that access to these records will be protected only with usernames and passwords, which means, at best, that there is no in-house privacy of these records, since a husband and wife will likely know each others favorite usernames and passwords. Add to that the growing count of hacked twitter, gmail accounts, and it should be apparent that the username and password approach will not provide real protection to your most sensitive data. At the same time, requiring people to carry a token or smart card adds not only costs, but inconvenience, to the process.

Healthcare uber-CIO John Halamka has blogged about a new super-secure web-based fingerprint identification technology from BIO-key that they've used at Beth Israel. http://geekdoctor.blogspot.com/2008/12/cool-technology-of-week_12.html

I'd feel more comfortable knowing that I could secure my records with my biometric data, using my laptop fingerprint scanner. It doesn't have to be the only way in, but it would make sure that if I was using a less secure, alternative approach, they would be more careful to assure it's me. Plus I could use the same technology to affirm the release of my records to any party who needs them (pharmacists, doctors, etc) - all they would need is a web browser and a fingerprint scanner - built into most of the tablets and laptops being sold today.

[DrollTroll]

to freemarket...it's not a matter of being "stupid" enough, but more of being arrogant enough. CEOs, Ponzi fund managers, etc. and large corporations (like MS or Google) or accounting firms aren't stupid enough to do things that in hindsight seem obviously dumb, but they are guilty of sheer arrogance that blinds them. As a result, they do such things and most times get away with it. That my friend, is capitalism and the free market...

[freemarket--2008]

That's your version. Mine is the thousands of companies which value their reputations and treat their customers with respect.

Madoff is not a capitalist, he's a criminal.

Those few who become arrogant and cheat and steal are eventually held accountable.

[Dalkorian]

If I was forced to pick between Google Health and that M$ bastardization, I'd pick Google Health hands down every time. But it's like picking between being anally raped by a broomstick or a baseball bat - it's not the decision that's difficult but coming to grips with the fact that you're about to be raped either way.

RANT ON
I'm outraged by this. My medical history & my prescriptions are my private business and I certainly don't want Google or Microsoft to have access to them. Goggle will sell the data; that's what they do and how they make money. Microsoft would have no clue what to do with it but because their security is so bad, some 13 year old will get rich after he hacks their system and sells the data. Furthermore Mr. CVS, I don't even want my medical data on your internet connected computers and I'm certainly not signing up for your "Prescription Management Service". I think I will cancel my CVS & Walgreens accounts and start using the local independent compounding pharmacy. And I will be supporting a locally owned small business instead of some faceless mega corporation.
RANT OFF

[TGChic]

it seems like a good idea in theory, its only a matter of time that the entire healthcare industry goes completely digital. google is pretty much taking over the world so i am not surprised that it is involved in online healthcare. it does get a bit scary with all your medical information online, then again all your financial information is online too, as well as your entire life so it seems, but its just making sure that you are smart about what?s online and how to protect your information, take a look that this article on <A HREF="http://www.justaskgemalto.com/en/personal-data/tips/my-medical-information-secure-online">JustAskGemalto.com</A>, it has a lot of good information and tips about securing your medical information online

[21stCenturyRox]

I use HealthVault myself, and I decide what goes in my account and what doesn't. There's nothing in my background that I'm especially anxious about revealing, but if there was, I'd just keep it out -- though I'd be more than a little worried about the insecurity of paper records! Healthcare is going digital for sure, and I think that more patient control can only be a good thing.