Health attorney: Google's new privacy policy does not violate HIPAA

Could Google's new privacy policy violate of the Health Insurance Portability and Accountability Act? That's the concern of several members of Congress, who late last week discussed their worries with Google Director of Public Policy Pablo Chavez and Michael Yang, the company's attorney, according to an article on Search Engine Land.

In a nutshell, the new policy combines all of Google's privacy policies, ultimately enabling it to share user information across services. Rep. Mary Bono Mack (R-Calf.), one of the meetings attendees, said in an interview with USA Today's Technology Live blog that such sharing could create a HIPAA violation under certain circumstances.

Bono Mack talks about a hypothetical situation in which a user performs a search for cervical cancer using Google, but forgets to log out, causing him or her to be tracked across other products.

"That's a violation of HIPAA," she says. "We've gone to great lengths in our society to protect people's medical information."

Healthcare attorney and consultant David Harlow, author of HealthBlawg, disagrees with Bono Mack's assessment on a number of different levels.

"I don't see the change in Google's privacy policy as leading to the erosion of protected health information under HIPAA," Harlow said in an interview with FierceHealthIT. "If you search for cervical cancer and Google shares that information across platforms, that doesn't violate HIPAA; all you've done is type in a search on a public platform."

What's more, Harlow says that by searching for such information on a platform like Google, a user is releasing the information themselves.

"Some may say that people wouldn't understand that they're releasing information by typing it into a search box," he says. But in this day and age, people are smarter than some assume, he adds.

Harlow says he understands some concerns associated with elderly patients using Google to search for health terms, but ultimately says the privacy policy is sound.

"From a strict legal constructionist's standpoint, the policy is sufficient," he says.

To learn more:
- read this Search Engine Land article
- here's Bono Mack's interview with USA Today

Suggested Articles

Nearly 10,000 patients involved in research studies were impacted by a third-party privacy breach that may have exposed their medical diagnoses, test results…

Veterans Health Administration medical facilities currently have a paper medical record backlog that if stacked up would be 5.15 miles high, according to the…

The Department of Health and Human Services announced proposed changes to privacy restrictions on patients' substance use treatment records.