Developers Warned on Protecting Microsoft HealthVault Data


Microsoft unveiled its HealthVault solution for medical records earlier this month, and now an item is warning developers to be careful about keeping patient records available to outside applications when HealthVault is used in "offline mode."

In a posting on the Microsoft Developer Network, a Microsoft program manager writes: "In the offline scenario, the user is prompted to log in once, and the application is then permitted to access the user's data without a future login." As a result, developers are warned:

It is in the interest of both the application developer and the consumer to limit both the breadth and duration of data access to what is essential for the application to provide the full range of services it wants to offer to the user. When an application wants to connect to HealthVault for the first time, the user will always get to see which data subset and access privileges are requested. It is important to understand that applications requesting an offline connection raise the trust bar to a higher level.

Microsoft launched HealthVault earlier this month as a three-pronged service, promising privacy, compatibility and security. The company is also providing a HealthVault SDK to the developer community.

Microsoft is now starting to encounter some of the questions and issues that other vendors have hit when trying to marry technology to the health industry. Beyond privacy and data security, some are raising still more issues, such as these questions from one medical technology consultant:

How is data quality ensured when various applications can read and write that resides on (HealthVault)? Let's say data is edited or a calculated value is generated and then rewritten to HV. Does it overwrite the existing data? If there are multiple sets of the same data, how do you know which set is the best and most accurate data? Do you assume that the most current values are correct? What if they're not? What if that "better" data is not rewritten to HV but remains in the clinical information system in which it was generated - and another application comes along and uses the "wrong" data?

The suggestion being that instead of just a blue screen of death, the discussion could shift to, simply, life or death.