Google to retire Google Health

It was interesting to hear today that Google has decided to close down it’s Google Health service. This service was set to be a great service to individuals that wanted to create an online health record and to get advice online that would help them manage their health.

There has been much discussion over the last few years regarding what Google’s motivation was in creating such a service, with many leaning towards the standard view that Google was just interested in gaining the advertising revenues associated with marketing of products to people who use this service. There was also concern about compliance of Google health with such laws as HIPPA (Health Insurance Portability and accountability Act). I also remember signing up for the service when it launched in 2008 and being told the service only applied to American citizens which I thought was a bit limiting.

It is great to see that Google has allowed users to extract their data in certain formats (CSV, Excel, PDF etc) which gives me encouragement that Google is taking the view that personal information belongs to the individual not to Google. The service will continue to operate until January 2012 so you have a few months to extract your data.

Microsoft’s HealthVault on the other hand shows no sign of stopping. It seems that Microsoft’s implementation has found more favour with health professionals and is being adopted on in the UK and other countries. Thos familiar with the health industry will know that the best way to get things working in this space is to make sure you are on side with the health professionals.

Regarding our own health record in myINFOSAFE, we are looking to move the format of health data stored towards open portable data standards so users have the option to import data from other compliant services or similarly export their data if they choose to. Watch this space.

Some relevant links for further dialogue on this subject for those that are interested:

Tech.bloge - http://tech.blorge.com/Structure:%20/2011/06/25/does-the-death-of-google-health-mean-the-end-of-online-health-records/

PC World - http://www.pcmag.com/article2/0,2817,2387568,00.asp

Privacy of Personal Information

How private is information you post on the internet? Is it more secure than if you store that information on your PC?

The reality is that information can be very secure or very insecure on both platforms.
In regards to the Web, I found a helpful view in David Siegel's book "PULL". He states that there are three basic levels to the Web and area findable by public search engines like Google and Bing.

The Public Web which we normally see when searching and browsing for information online.
The Deep Web which includes large data repositories that public search engines usually do not see. E.g. Craigslist, Grainger etc.
The Private Web which we can only get access to if we qualify or have access rights. E.g. Corporate intranets or subscription based services. Again, this information is not searchable by public search engines.

So your data is more secure in the private web than the public web, but, in all these systems there are people that have the ability to access your information if they wish to. There is always a systems administrator or similar with super admin rights to each database and can just about always get to see what data is stored anywhere.
On your PC you may think your data is safe, but there are two main ways that people can gain access to information on your PC.

Remotely - If your PC is connected to the internet, even if you have firewall protection or security software, there are ways that people can gain access to your PC and search your information.
Physically - If someone gains physical access to your PC, and even if your PC is password protected, people who know how can access your PC and search your information. This can also be that case if they get hold of any of your back up devices for your PC.

On either platform the best way to ensure that your data is not compromised is to have it encrypted with a strong cryptographic key that is kept confidential (and separated from any systems administrator). This way, even if information is found it cannot be read or understood as all the information is encoded using this key.

The cracking of a strong encryption key of about 192 or 256 bits is considered infeasible.

So, be careful what you do with your information. If you want it shared then that is fine. If you want it safe and protected, encrypt it – end of story.