Members of the House Energy and Commerce committee grilled Pablo Chavez, Google’s director of public policy, and Google attorney Michael Yang for about two hours. After the meeting, several of the Representatives expressed their unhappiness with Google’s answers on a variety of privacy issues — questions brought on by Google’s recent announcement that it will combine all of its privacy policies into one, which will allow the company to share user information across its services.
That last point, according to Representative Mary Bono Mack, may leave Google in violation of HIPAA, a law that protects how personal health information may be shared. Bono Mack explained her concerns to USA Today:
“…say you do a Google search for cervical cancer and you forget to sign out. Are you being tracked across all of the other products, and if so, that’s a violation of HIPPA. We’ve gone to great lengths in our society to protect people’s medical information. That question was raised.”
Bono Mack is suggesting that Google might be violating HIPAA if it remembers the “cervical cancer” search after the user moves on from search to another Google product, like Gmail or YouTube (or any other).
But is Google actually compelled to follow the HIPAA requirements? According to the Health & Human Services website, the law applies to groups that meet the definition of a “covered entity” — health care providers (like doctors and nurses), health plans (like insurance companies and HMOs) and health care clearinghouses.
Google is certainly not a health care provider or a health plan, but is it a clearinghouse? My non-expert reading of the definition suggests the answer is “no.”
Unlike a doctor or health plan, Google Health is not regulated by the Health Insurance Portability and Accountability Act (HIPAA), a federal law that establishes data confidentiality standards for patient health information.
When showing you tailored ads, we will not associate a cookie or anonymous identifier with sensitive categories, such as those based on race, religion, sexual orientation or health.
Bono Mack tells USA Today that there will be more Congressional hearings about online privacy and that she “pressed” Google to be there. But, based on my non-expert reading of the law, the HIPAA angle may not get very far in those hearings.
- No, You Don’t Need To Fear The Google Privacy Changes: A Reality Check
- Google “Myth Busts” Microsoft’s Privacy Claims
- Microsoft Slams Google Privacy Changes With “Putting People First” Ad Campaign
- House Committee Has Privacy Questions For Google; Google Says Bring It On
(Stock image via Shutterstock.com. Used under license.)