Google Health not HIPAA Compliant

In my regular day I am constantly viewing various RSS feeds using Google's iGoolge page. So the irony of this is pretty exquisite.

One of the main feeds I troll on a regular basis is Slashdot, and just now I found a very interesting and relevant post regarding Google Health, which has been featured on this blog now for a few weeks. LINK to the original Slashdot article.

"Security researcher Robert 'RSnake' Hansen discusses numerous concerns with Google's new Google Health application, which aims to integrate user's medical records online. We discussed Google Health's opening to the public earlier this week. RSnake mentions that Google has found a loophole allowing them to provide this service without having to follow HIPAA regulations, which, combined with Google's track record of having numerous flaws leading to private information disclosure, draws serious concern.

The referring site is ha.ckers.org in which they bring attention to the fact that Google has left itself a legal out from the industry standard HIPAA protocol, which does not bode well for Google fanboys, like myself. I am hoping that this new scrutiny via the huge readership of the Slashdot will  focus attention to this very important  issue, if not stopping people from blindly putting up their medical information, at least  causing Google to re-examine it's position.

"Security researcher Robert 'RSnake' Hansen discusses numerous concerns with Google's new Google Health application, which aims to integrate user's medical records online. We discussed Google Health's opening to the public earlier this week. RSnake mentions that Google has found a loophole allowing them to provide this service without having to follow HIPAA regulations, which, combined with Google's track record of having numerous flaws leading to private information disclosure, draws serious concern.

LINK to the post on ha.ckers

Google Health Opens !

Google Health opened up to the public today after several months of private beta testing. The long-anticipated health records project now allows Google users to manage their doctor records, prescriptions, and test results, as well as find out information about drug interactions and search for new doctors. All you need is a Gmail account and a healthy dose of trust to get started with Google Health, although some are still skeptical about the terms of service.

Signing into the service is extremely simple. If you already have an account with Google (already required in order to use Gmail, Google Docs, Google Calendar, and the like), then you have already skipped a major step. This is also one of Google Health's possible downfalls, however, as it is now exceedingly easy for a hacker to discover someone's universal Google login (which, by the way, has no minimum requirement for secure passwords) and not just access their e-mail but their health records too.

Still, logging in and using the site is easy—"Google easy," one might say. Using easy-to-find links on the landing page or in the left-hand column, users can add their own personal information (such as date of birth, height, and weight), list out their existing medications and allergies, and, most importantly, import their medical records.  LINK to Ars Technica article

WebMD to merge with parent HLTH Corp.

Health information corporation HLTH Corp. has announced it will merge into its subsidiary WebMD Health Corp. in a deal valued at $2.31 billion.

Upon completion of the merger, HLTH shareholders will own about 80 percent of WebMD, based on the shares currently outstanding at HLTH and WebMD.

The transaction is expected to close in the second or third quarter of 2008.

WebMD's senior management team is expected to continue to lead the organization under president and CEO Wayne Gattinella.
Meanwhile WebMD Health Corp. posted 2007 results stating earnings of $48.3 million, or 81 cents per share, compared with $6.0 million, or 10 cents per share, a year ago.

The company, which provides health information through its Web site, said profit soared in the fourth quarter on a hefty tax gain and strong demand for online services.

WebMD's revenue for the fourth quarter and full year excluded about $1 million and $4 million, respectively, related to its offline professional medical reference and textbook publication business, which was sold on Dec. 31.

Patients' Health Records to be Stored by Google

SAN FRANCISCO (AP) - Google Inc. will begin storing the medical records of a few thousand people as it tests a long-awaited health service that's likely to raise more concerns about the volume of sensitive information entrusted to the Internet search leader.
 

The pilot project to be announced Thursday will involve 1,500 to 10,000 patients at the Cleveland Clinic who volunteered to an electronic transfer of their personal health records so they can be retrieved through Google's new service, which won't be open to the general public.

Each health profile, including information about prescriptions, allergies and medical histories, will be protected by a password that's also required to use other Google services such as e-mail and personalized search tools.

Google views its expansion into health records management as a logical extension because its search engine already processes millions of requests from people trying to find about more information about an injury, illness or recommended treatment.

But the health venture also will provide more fodder for privacy watchdogs who believe Google already knows too much about the interests and habits of its users as its computers log their search requests and store their e-mail discussions.

Prodded by the criticism, Google last year introduced a new system that purges people's search records after 18 months. In a show of its privacy commitment, Google also successfully rebuffed the U.S. Justice Department's demand to examine millions of its users' search requests in a court battle two years ago.

The Mountain View-based company hasn't specified a timetable for unveiling the health service, which has been the source of much speculation for the past two years. Marissa Mayer, the Google executive overseeing the health project, has previously said the service would debut in 2008.

Contacted Wednesday, a Google spokesman declined to elaborate on its plans. The Associated Press learned about the pilot project from the Cleveland Clinic, a not-for-profit medical center founded 87 years ago.

The clinic already keeps the personal health records of more than 120,000 patients on its own online service called MyChart. Patients who transfer the information to Google would still be able to get the data quickly even if they were no longer being treated by the Cleveland Clinic.

"We believe patients should be able to easily access and manage their own health information," Mayer said in a statement supplied by the Cleveland Clinic.

The Cleveland Clinic decided to work with Google "to create a more efficient and effective national health care system," said C. Martin Harris, the medical center's chief information officer.

Google isn't the first high-tech heavyweight to set up an online filing cabinet in an effort make it easier for people to get their medical records after they change doctors or health insurance plans.

Rival Microsoft Corp. (MSFT) last year introduced a similar service called HealthVault, and AOL co-founder Steve Case is backing Revolution Health, which also offers online tools for managing personal health histories.

The third-party services are troublesome because they aren't covered by the Health Insurance Portability and Accountability Act, or HIPPA, said Pam Dixon, executive director of the World Privacy Forum, which just issued a cautionary report on the topic.

Passed in 1996, HIPPA established strict standards that classify medical information as a privileged communication between a doctor and patient. Among other things, the law requires a doctor to notify a patient when subpoenaed for a medical record.

That means a patient who agrees to transfer medical records to an external health service run by Google or Microsoft could be unwittingly making it easier for the government or some other legal adversary to obtain the information, Dixon said.

If the medical records aren't protected by HIPPA, the information conceivably also could be used for marketing purposes.

Google, which runs the Internet's most lucrative ad network, typically bases its marketing messages on search requests and the content on Web pages and e-mail contained in its computers.

It's not clear how Google intends to make money from its health service. The company sometimes introduces new products without ads just to give people more reason to visit its Web site, betting the increased traffic will boost its profits in the long run.

Google begins testing health records system with Cleveland Clinic

Google plans to begin testing its long-anticipated health records project this week by partnering with an Ohio hospital group over the next couple of months. The pilot will involve transferring the health information of between 1,500 and 10,000 patients who have records at the Cleveland Clinic, which already has over 100,000 records stored in its own digital database. Patients will then be able to have access to their own records online, wherever they go (with an Internet connection), which Google thinks will help reduce conflicts in diagnoses and prescriptions between doctors.
Related Stories

    * Google to follow Microsoft to market with health records repository next year
    * Microsoft wants your health care records, trust

The pilot project is expected to last six to eight weeks, Google health VP Marissa Mayer told The New York Times, with a public launch expected sometime later this year. Patients will be able to approve the secure transfer of any number of records—from lab results to known allergies to other medical conditions—to Google's system, allowing them to take the records to another doctor or have them available while traveling. One doctor pointed out to the Times that many Cleveland Clinic patients are retirees that travel for nearly half the year, so the clinic's own digitized system isn't very helpful during that time. If the records are accessible through Google's system, patients won't have to worry as much about keeping accurate records on hand in the case of an emergency.

Google isn't the first company to dip its toes into the online health records pool. Microsoft managed to beat Google to the punch by launching a beta of its own health records system, HealthVault, last October. The system allows users to manage records for not only themselves, but also spouses, children, relatives, guardians, patients, and even pets. Information can be transferred directly from a healthcare provider like Google is doing with Cleveland Clinic, but it can also be uploaded directly from a PC, entered by hand, or transferred from a device (such as a glucose monitor).

Google did not give any indication as to whether its health records database would be tied into the same Google login required to access Gmail, Google Calendar, Google Docs, and other Google services. Hopefully it will not (or at least require an additional level of security), as privacy and security have become major sticking points for companies attempting to launch online health record systems. Microsoft's system requires both a Windows Live ID and a HealthVault account that are tied together and require complex passwords, and the company has a strict privacy policy about who can have access. That is, no one has access to your health records unless you specifically grant them permission, and Microsoft makes an effort to ensure that you know exactly what you're doing when you do so.

There is another issue that has skeptics doubtful that such an initiative could ever take off. The level of freedom allowed in Microsoft's HealthVault means that patients can enter (or omit) anything they want, meaning that any healthcare provider that bases diagnoses on what they find on HealthVault is taking a serious risk—the data available there is no more reliable than a patient survey at the doctor's office. We observed in October that a system that restricts write access to doctors, with patients being granted read-only access and the ability to request changes if they find inaccuracies, would be much more reliable.

There are not enough details about Google's system to know whether it will be implemented like HealthVault, though. From the description of what's happening with Cleveland Clinic, it sounds as if records will only be transferred by healthcare providers and not by patients themselves—if that's the case, then doctors can have a little more confidence in the information there. But with several months to go before Google's public launch, anything can change.

Cardiocom - preventive solutions

MINNEAPOLIS, MN — Cardiocom® Multi-Disease Management, an industry leading developer and manufacturer of remote patient monitoring equipment and disease management software, announced that it has entered into a relationship with Heritage Provider Network, Inc., a Management Service Organization (HPN, Inc.) extending over Central and Southern California service areas.  The two partners will combine the benefits of well-managed Medical Group/IPA networks, which offer value-added clinical resources to community-based physicians, with the innovative and cost-effective technology of an experienced telemonitoring company.  The overall goal is to improve the care and clinical outcomes of Heritage Provider Network patients.

            

“The Heritage physician groups are committed to providing quality clinical programs that empower patients to actively participate in the management of their clinical diseases in an effort to improve their health and life,” says S. Ian Drew, M.D FACP FRCP FACEP, Executive Vice President, Clinical Affairs of Heritage Provider Network, Inc.  “By using the flexible Cardiocom technology-based management solutions, we can offer new benefits to help people improve their self-management skills, remain in constant communication with their treating physician and reduce unnecessary emergency room visits and in–patient hospitalizations.” 

            

The Cardiocom Telescale® and Commander equipment are placed in the homes of HPN Network patients. The sophisticated software system provided by Cardiocom allows nurses at remote locations to monitor daily vital signs and health status of patients.  Nurse case managers intervene to provide education and coaching designed to assist HPN patients with the management of their chronic conditions.  The telemonitoring system enables physician groups to provide high quality care that follows national practice standards.

A nationwide medical license ?

"Healthcare Licensing Services, Inc. is the next best thing to having a nationwide medical license."

Once you have created an account with HLS all it takes is a simple phone call for us to begin the medical licensure process for a new state. We can help you attain a medical/telemedicine license in any or all of the fifty states while you spend your time doing what you want to do. HLS has helped dozens of telemedicine groups attain telemedicine licensure all over the US.

Our telemedicine licensing service facilitates the entire licensure process from start to finish, including but not limited to the following:

* Complete research of your professional history to obtain mailing addresses and contact information to aid in verifying your credentials
* Professional completion of the telemedicine license applications 
* Collection of all board required credential verifications (including: undergrad transcripts, medical school transcripts, reference letters, letter of good standing from other licensing boards, examination transcripts, postgraduate training evaluations, hospital staff evaluations, AMA profile, NPDB query, federation query, and malpractice claims history report/documents)
* Tracking/follow-up with the boards and the credential verifying agencies to ensure accurate and timely processing of your medical license application and credential verification requests
* Frequent progress updates
* We provide detailed instructions for any step of the process that must be completed by the physician (i.e. signature, notarization, finger printing)

Philips Remote Patient Monitoring

Philips Remote Patient Monitoring
Telemonitoring technology and comprehensive services for effective remote patient management and home care visits

With Philips Telemonitoring Services, clinicians can remotely monitor patients' vital signs data and send them short surveys about their health status. This combination of objective data and subjective responses enables the clinician to make more timely care decisions and helps prevent unnecessary hospitalizations. Philips Remote Patient Monitoring provides an efficient, effective solution to treating chronically ill patients.

Service delivery and implementation support includes a host of services designed to help home care agencies set up a telehealth program or make their existing program more efficient.

Telehealth

Every day, patients take their own vital signs measurements as prescribed by their doctor: weight, blood pressure, pulse, glucose level, blood oxygen level and/or ECG rhythm. They also answer survey questions sent by their clinician, which may include general health assessment questions and/or targeted follow-up questions, and enter self-reported data as directed. The information is then automatically transmitted through an ordinary phone line via modem to secure web-based Clinical Review Software. Clinicians can track daily patient measurements, store and retrieve historical data in both tabular and graphical format, and generate reports - promoting faster follow-up and intervention.

* Award-winning wireless measurement devices allow clinicians to remotely monitor patient vital signs.
* TeleStation home hub transmits vital signs data and daily interactive surveys to and from the patient.
* Web-based clinical software   sorts and flags patients with out-of-range data for timely clinical intervention. Customizable survey questions, risk assessment tools and care protocols provide support for clinicians so they can focus on patient care.
* Service delivery and implementation support includes a host of services designed to help home care agencies set up a telehealth program or make their existing program more efficient.

Exhibit One

INNOVATION

            

ExhibitOne integrates audio, visual, communication and computer technologies in new and creative ways in order to address evolving communication challenges faced by various industries and markets.

            

The company’s innovation isn’t in developing technology, but rather applying those technologies in innovative ways. It’s what makes ExhibitOne unique.

            

IMPROVING THE COURT SYSTEM
             
              A significant backlog of cases challenges America’s court system.

            

To help expedite trials, ExhibitOne sought to streamline the piece-meal process by which evidence is presented. Prosecutors and defenders alike were using everything from chalkboards to computer simulations to explain evidence, prove people’s points and clarify complex concepts.

            

ExhibitOne recognized that both sides could be more effective if
they presented their respective sides of a case through an “evidence presentation system” that integrated a wide variety of audio, visual, communication and computer technologies. As was surmised by ExhibitOne and proven in the courtrooms, this solution not only expedited trials, but also improved juror comprehension – providing an innovative solution for our court systems.

            

TRAINING HEALTH CARE PROFESSIONALS
            
  A shortage of well-trained medical providers is a problem affecting health care in America. To help enhance training while enabling instructors to handle more students, ExhibitOne integrated technologies that included cameras, microphones, digital recording, sophisticated video conferencing and more into what is now known as ASTEC (Arizona Simulation Technology and Education Center), one of the busiest medical simulation centers in the United States. Allan J. Hamilton, MD, University of Arizona professor of surgery and ASTEC executive director, says, “Research studies have shown that skills learned in the virtual reality environment lead to more efficient and effective learning and have the potential to reduce errors, ultimately saving thousands of lives every year.” With more than 170 medical students and health professionals using the lab a month, ExhibitOne’s innovation is having an impact on America’s health care.

            

Virtual Medical Team for Amazon Swimmer

It's old news, my bad, I have just got Google Adsense working on this site and this was one of the ads.          

Professional audiovisual design services and next-generation telemedicine video conferencing, for the University of Arizona Telemedicine program, were provided by ExhibitOne.

            

UofA Doctor Leads Virtual Medical Team for Amazon Swimmer
              Jan. 3, 2007

            

Physicians at The University of Arizona are leading a virtual medical team to assist Martin Strel, a Guinness record marathon swimmer, as he swims the Amazon River from Atalaya, Peru, to the Atlantic Ocean at Belém, Brazil. On Feb. 1, Strel will take his first stroke toward his goal of swimming 3,375 miles (5,430 km) in 70 days.

            

Trauma surgeon Rifat Latifi, MD, UA professor of surgery and associate director of the Arizona Telemedicine Program, was asked to serve as medical director for the Amazon Virtual Medical Team for the Amazon Swim Project. He has assembled a team consisting of physicians from Arizona, Virginia, California, Missouri, Pennsylvania, Slovenia and Brazil. Team members also from the UA are Joseph Mills, MD, professor and chief of vascular surgery, and Eskild A. Peterson, MD, professor and chief of infectious diseases.

            

For the majority of the swim, Dr. Latifi will be in Arizona monitoring Strel through the telemedicine program and consulting with his virtual team of medical specialists. He will periodically make house calls on board Strel’s boat, working closely with the team physician, Mateja deLeonni Stanonik, MD, PhD, from the University of Tennessee.

            

“This is the first time that telemedicine technology will be used to help in this type of mission,” Dr. Latifi says. “The use of telemedicine will allow the medical team to include specialists and experts from all over the world.”

            

The Amazon Swim Project will take Strel through some of the most dangerous, unknown regions of the Amazon, says Dr. Latifi. Using telemedicine technology, the medical team will provide health care services for Strel and his support team of more than 20 individuals 24/7 for the duration of the swim. 

            

“The team will be responsible for the treatment of any injuries or disease that may occur during the swim,” Dr. Latifi says.
             
Strel and Dr. Latifi hope the project will be the catalyst for specific collaborative endeavors in the Amazon region and in the Andes that include telehealth initiatives, such as floating clinics and remote hospitals, as well as programs to enhance the emergency medical services and training programs in the remote areas of the South American region.

            

Strel swam the length of the Danube River in 2000, the Mississippi in 2002 and the Yangtze River in China in 2004. Strel has dedicated this swim to the preservation of the rainforest, to raising awareness for Alzheimer's disease and other neurodegenerative disorders, and to promoting telemedicine as a valuable tool in bringing modern medicine to remote areas.