Privacy issues loom over Google Health

Share this article:
As Google launches its Google Health, security experts are concerned that personal medical records are at a greater risk of being breached.

Google Health allows patients to view and manage their own health care records while also allowing that data to be shared with doctors, pharmacists, and other medical personnel.

According to a recent survey conducted by SecureWorks, a managed security services provider, health care information is attacked up to three times as often as banking and financial information. By allowing medical records online, the risk of having that information attacked increases, Don Jackson, director of threat intelligence at SecureWorks told SCMagazineUS.com on Tuesday.

“It's not a question of how good the security is,” Jackson said, “When you put all this information is one central location like this, a single compromise will affect a lot of data.”

Heath care data is valuable on the black market, Jackson added.

“You get social security numbers, mother's maiden name, home address," he said. "It's a soft target that turns out to be a treasure trove of information.”

In response, Google said it uses software, hardware, and strict policies to keep user health information safe and private.

“The health information users store with us is protected by state-of-the-art technologies, including Secure Socket Layer (SSL) encryption, firewalls, alarms, and other technology we build ourselves or buy from other experts in the security industry,” a Google spokesperson told SCMagazineUS.com. “We have extensive backup systems in place to protect the integrity of this information. Google's servers are protected by strong physical security at our facilities, including passcodes, locks, and security personnel.”

On Google's own blog, readers raise a concern of Google employees having access to health records.

According to Google, “a limited number of employees at Google have access to confidential information of any sort, and even fewer have access to what we consider very sensitive data. This is primarily because there's very little reason to provide that access; most of our processes are automated and don't require human intervention.”


Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Information sharing requires breaking down barriers, White House cyber guru says

Information sharing requires breaking down barriers, White House ...

The White House has advanced an agenda to promote and facilitate information sharing on security threats and vulnerabilities.

Worm variant of Android ransomware, Koler, spreads via SMS

Worm variant of Android ransomware, Koler, spreads via ...

Upon infection, the Koler variant will send an SMS message to all contacts in the device's address book.

Patch for Windows flaw can be bypassed, prompts temporary fix from Microsoft

Patch for Windows flaw can be bypassed, prompts ...

The Windows zero-day received a patch last week, but the fix can still be bypassed by crafty attackers.