Launched yesterday, Thursday October 4th 2007, at a Microsoft hosted event in Washington, D.C., the Microsoft HealthVault site's explicit purpose is to help people better manage their own health information. Peter Neupert, Corporate Vice President of the Health Solutions Group at Microsoft, stated:
"People are concerned to find themselves at the centre of the healthcare ecosystem today because they must navigate a complex web of disconnected interactions between providers, hospitals, insurance companies and even government agencies. Our focus is simple: to empower people to lead healthy lives. The launch of HealthVault makes it possible for people to collect their private health information on their terms and for companies across the health industry to deliver compatible tools and services built on the HealthVault platform."
The admirable goal of saving people's lives by making their health information accessible to healthcare providers quickly, by taking their files out of the cabinets and centralising them online, is not without its critics however. The principle concern seems to be that of an individual's privacy and the security issues related to holding such sensitive information. With this in mind, the HealthVault site states that it was "created in cooperation with leading privacy advocates, respected security experts and dozens of the world's leading healthcare organisations."
The Microsoft HealthVault fact sheet, provided to journalists, is also at pains to emphasise the security precautions that have been put in place, some of which include;
- A "minimal access" data model which ensures that only necessary information is shared.
- HealthVault traffic is isolated onto a virtually separate network.
- Servers are located in physically separate, locked cages.
- All traffic between HealthVault and people who use HealthVault is encrypted.
Currently the Microsoft HealthVault platform is only available to consumers in the United States. However, the security issues surrounding the centralisation of patient records are already a hot topic in the UK. One of the main aims of the UK's 10 year National Programme for Information Technology (NPfIT), which was launched in 2002, is to implement Electronic Patient Record (EPR) systems. The controversy surrounding these plans led Health Minister John Hutton to announce in 2005 that patients concerned over the security of their personal medical history could opt to have it removed from the new national electronic database.
However the data security debate rumbles on as evidenced in a recent report by the Commons Health Select Committee, published September 13th 2007, which suggested that the current architecture of the system "maximises" the risk of patients' confidential details being leaked, stolen or breached and provides "both a bigger target and a larger number points of attack".
It would seem that the 'technology means progress' brigade still have a lot of 'fear of change' sufferers to win over. Let's hope that Microsoft's HealthVault stands up to the challenge and shows us the way forward.
