Celebrity or not, HIPAA applies

Posted 10 October, 2007 in news

Actor George Clooney was admitted last month to the the Palisades Medical Center after a motorcycle accident. The temptation to look at Mr. Clooney’s medical file was just too much a couple dozen unauthorized employees to withstand. 27 people looked. 27 people are now suspended for a month without pay according to CNN.com. Sadly, the impetus for the investigation was not that they viewed Clooney’s records without cause, but that they leaked information to the press… HIPAA, it’s got (some) teeth now.

HealthVault: Microsoft Insecurity

Posted 4 October, 2007 in news

Microsoft, the megalithic, oft-hated vendor of  only marginally-useful software, announced today in the Wall Street Journal that it would be offering free personal health records on the Web via its HealthVault system. Why *anyone* would trust the likes of Microsoft with their health information is beyond my comprehension. Still, proving once again that CEOs continue to make technology decisions instead of CIOs, Microsoft managed to signup an impressive roster of partners, including: American Heart Association, Johnson & Johnson LifeScan, NewYork-Presbyterian Hospital, the Mayo Clinic and MedStar Health, a network of seven hospitals in the Baltimore-Washington region.

On the upside, they did get the permissions model right, “Its privacy controls, the company said, are set entirely by the individual, including what information goes in and who gets to see it.” That said, the WSJ article goes on to mention that the data, stripped of some identifiers, will be data mined by third parties.

The news of this launch prompted a Slashdot reader to quip, “[this brings a] whole new meaning [to the blue screen of death.]

Would you trust Microsoft with your personal medical information?!?