Posted by Frank Torres 
Consumer Affairs Director

Information about our personal health is arguably the most sensitive data we own.  From chronic conditions to medications to genetic makeup, our personal health information reveals intimate details about who we are, what we do, and what we may be like in the future.  As a result, ensuring its privacy and confidentiality is a principle that simply cannot be compromised. 

The Congress has started an important conversation about how to balance progress and privacy: Progress toward building an electronic health system and protecting the privacy of those who are part of it.  As part of that conversation, Michael Stokes, Principal Lead Program Manager for Microsoft HealthVault, testified earlier this week before of the Senate Judiciary Committee to provide our view of how this can be done at a hearing titled “Health IT: Protecting Americans' Privacy in the Digital Age.”

Microsoft has been working closely with the advocacy groups focused on patient and consumer privacy.  We share the same focus on placing consumers in control of their health information, and making that information secure and private.

At Microsoft, we envision a healthcare ecosystem that places patients at the center of a protected and connected network, with everyone having the right information at the right time to make the best health decisions.  Health data is the precious asset that drives the system. 

We also understand that for the system to succeed, participants must be willing to share health data.  Because health data can be highly sensitive, consumers and healthcare providers will only share data if they trust that their privacy will be protected.  When trust is established and data flows freely, everyone – notably consumers and healthcare providers – stands to benefit.

The necessary components of this trust are transparency, control, and security.  Transparency can help stakeholders understand how their data is used.  Control can help stakeholders manage their data effectively.  Security can give stakeholders the confidence to adopt health IT innovations. 

Transparency, control, and security protect privacy in ways that are flexible enough to accommodate all stakeholders in the healthcare system, not just consumers.  These principles are also sufficiently flexible to support today’s complex mixture of legacy technical solutions and business models.

It was encouraging to see a broad consensus around the hearing room both about the considerable potential of health IT to improve medical outcomes as well as the importance of trust to assuring adoption and engagement. We saw an almost universal enthusiasm from both Senators and witnesses for the stimulus bill as a singular opportunity to “get it right” in terms of health IT privacy…and so now we wait to see how our legislators strike a balance that serves the privacy needs of both consumers and providers.