Microsoft’s uphill battle with HealthVault
Monday, October 29th, 2007Earlier this month Microsoft announced the launch of HealthVault, a website designed to store medical records and health information which can be accessed by health care providers and patients alike. The goal of the site, according to Microsoft VP Peter Neupert, is “to empower people to lead healthy lives. The launch of HealthVault makes it possible for people to collect their private health information on their terms and for companies across the health industry to deliver compatible tools and services built on the HealthVault platform.” It’s undoubtedly a lofty goal, since some 94% of consumers polled currently use a paper-based method to track their health information. However, the advantages of having instant, online access to medical records is a no brainer. Wouldn’t it be nice if your primary care physician and a specialist were able to communicate with each other through your online records? Wouldn’t it be convenient to track your blood pressure/cholesterol/glucose levels online? Or if you switched physicians, you wouldn’t have to move your records from a previous doctor’s office? The idea is appealing, but there are as many obvious benefits as there are obvious pitfalls.
With the motto “Be well. Protected.” splashed atop HealthVault’s home page, Microsoft is clearly reaching out to users who have concerns about the privacy of these records. Industry watchdogs and bloggers alike have pounced on HealthVault, attacking the idea for the security and privacy nightmare that it is. One blogger amusingly offers five reasons why HealthVault is unappealing: “One, because it is a Microsoft offering… Two, because it is a Microsoft offering… Three, because it is a Microsoft offering… Four, because it is a Microsoft offering… Five, because it is a Microsoft offering.” A common refrain is, “If I can’t even trust Microsoft with Windows updates, why should I trust them with my health care information?” It’s a valid point.
The criticisms usually focus on Microsoft’s tendency to absolve themselves of lost/misplaced data, reliance on users to add privacy and security upgrades to systems, and the legal ambiguity about how HIPAA applies to online records. In spite of all the criticism, Microsoft is determined to make HealthVault a success. They have hired hacker organizations to test the security of the site, and the very branding is meant to reassure users (what do you think when you hear “vault”?). They are going about this by trying to convince health care industry companies to offer web services and devices which are compatible with HealthVault. Some 40 organizations have signed on, including the American Heart Association, LifeScan (a glucometer manufacturer), and the American Diabetes Association. The website will generate income through a web search tool which features sponsored links. The potential for success is huge, but unfortunately, so is the potential for disaster.
Other high tech and health care companies, including Aetna, WellPoint, and Google, are working on similar systems. The key for any of these initiatives to take off is gaining the trust of consumers. Privacy and security are increasingly important in the Web 2.0 atmosphere of identity theft, and Microsoft presents too juicy a target for hackers to ignore. They have not cultivated a brand of trust, and they may pay the price for it with the failure of HealthVault. Let’s not forget, also, that the main target group for a website like HealthVault is baby boomers, and people of that demographic are far less likely to share personal information online.
HealthVault is still in beta, and hopefully this will allow Microsoft plenty of time to make tweaks as users find holes in the system. The buzz surrounding this initiative is not likely to die down soon, and if it’s true that there’s no such thing as bad exposure, Microsoft may have the leg up on competitors in the health information field.
By Haley January Eckels
