Comparing Google Health with HIPAA-compliant Electronic Health Records

There has been a surge in the number of Electronic Health Record configurations that have been introduced in the healthcare industry. However, not every healthcare facility has endorsed them since some put forth minor technological challenges and some are operationally tedious. However, the Google Health service is witnessing an increasing acceptance particularly among the individuals who want personalized access to their medical records. Google Health has emerged as the perfect bridging medium between the healthcare professionals who are still apprehensive about using electronic health records and patients who have been waiting for an undemanding method of accessing their own medical history. It is worth mentioning that although Google Health has gained acceptance among the people and it does endorse the highest benchmarks for protecting the personal and health-related information of an individual, it is not regulated by the rulings of the federal-controlled Health Insurance Portability and Accountability Act or the HIPAA. Since, Google Health does not provide services to the healthcare professionals, it is under no obligation to abide by the standards set by HIPAA.


However, Google Health has itself ensured that it is able to provide data security standards that are at par with the medical record retention yardsticks that are set by federal rulings of HIPAA. There are many individuals and healthcare professionals that might deem the non-HIPAA compliance feature of Google Health as a deterrent for choosing it as the preferred mode for maintaining their medical records. This is why it is necessary to be make an educated decision by equipping oneself with the basic differentiating aspects between HIPAA-compliant Electronic Health Records and Google Health’s method of functioning:

Access to Individual Medical Records
HIPAA — a patient has the liberty to request a copy of his medical records from his healthcare provider. The process is a bit demanding since it requires some typical paperwork to be completed and in some cases, it may also need the deposition of a token fee for copying/printing the personal health record.
Google Health — gives every registered user absolutely unargued and free-of-charge access to his medical records since they are saved in an online Google account and can be accessed at the sole discretion of the user.

Nature of Medical Information
HIPAA — there are some limiting rulings under HIPAA, as result of which only Personally Identifiable Information is saved for immediate or future reference. There is some apprehension regarding the use of HIPAA-compliant electronic health record system since de-identified information of a patient can be shared with third parties under some intricate HIPAA clauses that are beyond the comprehension of an average individual.
Google Health — here, both kinds of information, i.e. personally-identifiable and de-identified is protected with a very stringent Privacy Policy. Sometimes Google may use the conclusions interpreted from logs of its electronic health records to publish Google’s patient information access trends but this does not include displaying or sharing any user’s medical history records.

Degree of Information Sharing Permitted
HIPAA — being dictated by federal rulings, healthcare providers can be forced to share medical and related personal information of a patient when such information is sought for legal purposes such as subpoenas. Further, HIPAA allows healthcare professionals to share patient information under certain clauses of law enforcement even without seeking permission from the patient.
Google Health — being regulated under the ECPA (Electronic Communications Privacy Act), Google does not voluntarily approve of sharing a registered user’s information with law enforcement agencies. However, Google too cannot avoid sharing medical record or personal information when it is legally asked to do so by court orders. However, Google Health makes a more sincere effort in ensuring that the sharing of such information is transparent and the patient is duly informed when such circumstances arise. However, Google Health totally prohibits sharing or selling of its Electronic Health Records with third parties.