HealthVault to Share Patient Data
Oct. 15, 2007

A Microsoft-hosted online service called HealthVault offers personal medical data storage and enables users to share selected data with healthcare companies. If widely adopted by patients and healthcare organizations, the service could help lower administrative costs and reduce medical errors in the highly decentralized U.S. healthcare system and give Microsoft and its partners a stronger position in that system. However, HealthVault faces some of the same problems that scuttled Microsoft's earlier foray into online personal data storage, and competitive initiatives have a head start.

Health Data Sharing and Acquisition

HealthVault, currently in beta, is an online service for storing patient data and accessing other types of healthcare information. Microsoft hopes that the service will simplify data transfer for patients, providers, and payers in the fragmented U.S. healthcare system, reducing costs and medical errors. A particular beneficiary will be what Microsoft calls "family health managers"—users (typically women) who manage healthcare records for their families.

HealthVault users access a Web site, where they can view and update healthcare records, and a search engine (based on technology acquired with Medstory) that lets them search their own data as well as healthcare information from the Web.

HealthVault also provides Web-based APIs and an SDK so that Web sites and client applications can access patient data. Several Web applications have been developed by Microsoft partners. For example, patients can upload blood pressure, weight, and other data to evaluate their cardiovascular risk factors, using an application from the American Heart Association and American Stroke Association. Microsoft has developed a Connection Center client utility and device driver model which enables data uploads from several types of home medical devices (e.g., blood glucose monitors from Johnson & Johnson).

Sharing Architecture and Policies

Users who create records in HealthVault become the "custodians" of those records and can grant access to other users or applications. Users can set an expiration time on a grant, but they cannot prevent data they have released from being stored outside HealthVault and remaining available after expiration. HealthVault authenticates users with the Windows Live ID service, which checks that users have a valid e-mail address but does not require other proof of identity. Consequently, a user cannot easily verify the identity of someone with whom they share data.

Microsoft's privacy policy allows the company to mine HealthVault patient data and release aggregated results to advertisers. Microsoft can also disclose personal information to "defend its own rights or property," or to "protect the safety or welfare of others." Organizations whose applications access HealthVault data must sign a business agreement with Microsoft, obtain digital certificates for their applications from an approved provider (such as VeriSign), and get express permission from custodians before disclosing data. However, data released to a third-party application are subject to the application owner's privacy policy, which need not match Microsoft's.

Some Barriers Removed

HealthVault recalls Microsoft's .NET My Services project (code-named HailStorm), which aimed to develop a similar storage service for medical and other purposes. However, .NET My Services never offered clear benefits to customers and partners, and technical and privacy concerns contributed to its eventual cancellation in 2002.

The HealthVault initiative has some advantages over .NET My Services: HealthVault will be funded by paid search results and targeted advertising, a proven business model, while .NET My Services relied on user and developer fees. Also, many more homes have full-time Internet connections, making online data storage more practical.

Nevertheless, the HealthVault service still faces serious reliability, security, and privacy barriers. The service presents a "fat target" to online attackers, and HealthVault depends on Windows Live ID's weak user authentication and Microsoft's loose privacy policy. An operational slipup, like the one that led to the Aug. 2007 failure of the Windows Genuine Advantage antipiracy service, could have devastating effects if it led to the release of patient data.

Moreover, HealthVault is one of many projects to speed exchange of patient data. Major insurers and employers have already created similar systems, and the U.S. Health and Human Services agency is testing a decentralized National Health Information Network run by healthcare organizations. Insurers, employers, and healthcare providers already have some patient data and relationships with patients, something that Microsoft (or any other IT company) cannot readily build from scratch.

However, the HealthVault technology could gain traction for more limited patient data sharing among healthcare organizations. The Microsoft Health Solutions group that developed HealthVault is also testing a separate data integration product (called Azyxxi) for access to patient data inside hospitals and other providers. A future software product that combined Azyxxi and HealthVault could support patient data sharing in closed networks of providers and insurers.

The HealthVault site is www.healthvault.com.

Developer resources for HealthVault are at msdn.microsoft.com/healthvault.

The Medstory acquisition was summarized in "Health Search Engine Purchased" on page 30 of the Apr. 2007 Update.

For background on .NET My Services, see "New Strategy Devised for .NET My Services" on page 20 of the Apr. 2002 Update.