IN SUMMARY: Google now has access to detailed medical records on tens of millions of Americans and popular health websites are sharing people’s sensitive data — including medical symptoms, diagnoses, drug names and menstrual and fertility information — with dozens of companies around the world. This is very concerning but it’s unlikely to affect online health seekers.
Hundreds of millions of people now turn to the web each day for online health. Despite the illusion of privacy that exists between users and their computers, the reality is starkly different. The Finacial Times investigation uncovered some disturbing facts on data sharing
-Drug names entered into Drugs.com were sent to Google’s ad unit DoubleClick.
-Symptoms inputted into WebMD’s symptom checker, and diagnoses received, including “drug overdose”, were shared with Facebook.
Menstrual and ovulation cycle information from BabyCentre ended up with Amazon Marketing, among others.
-Keywords such as “heart disease” and “considering abortion” were shared from sites like the British Heart Foundation, Bupa and Healthline to companies including Scorecard Research and Blue Kai (owned by software giant Oracle).
Patient data shared with Google includes names, birth dates, addresses, family members, allergies, immunizations, radiology scans, hospitalization records, lab tests, medications, medical conditions, “and some billing claims and other clinical records,” according to a followup article in the Journal. The partnership “covers the personal health records of around 50 million patients of Ascension,” the Journal wrote.
Will this affect online health searches?
My guess is no but the real question is “do you trust tech companies with your health data?” I sure don’t. Google’s acquisition of Fitbit is going to kill the brand but what people should really fear is that in the not too distant future personal health data can be used against them from setting insurance rates to making decisions on hiring people with preexisting conditions.
Pharma companies need to be proactive when it comes to online health seeker privacy. A simple privacy statement is not enough, they need to take proactive steps to ensure patient privacy.