One Wall Street Journal reader asserted that Google and Ascension are violating HIPAA:
John Travelstead
This is a direct violation of HIPAA laws. Google has no legal right to obtain personal health information.
The Federal government requires Business Associates Agreements for information sharing of personal health information and data between a vendor and covered entity to occur. GOOGLE QUALIFIES FOR NEITHER AND SHOULD BE REPORTED TO FEDERAL AUTHORITIES AT U.S. DEPARTMENT OF HEALTH AND HUMAN SERVICES. PERIOD.
The wee problem is that even if Mr. Travelstead is correct, HIPAA enforcement appears to be non-existant. The Wall Street Journal reported in 2007 that in a bit over three years, Department of Health and Human Services Office for Civil Rights had received over 23,000 complaints of privacy abuses, yet had taken no action. The only enforcement example listed in Wikipedia is an $885,000 settlement by UCLA over investigation findings that unauthorized employees repeatedly read protected electronic patient health care records.
However, Journal readers (at least as far as I read, and I got pretty far into the hundreds of comments) were without exception very upset about the prospect of Google having access to their medical data. Given that Big Tech is in the crosshairs of more than a few Congresscritters, one can hope that Google and Ascension officials will soon have to ‘splain themselves.