Vince Kuraitis has some very interesting speculation, that Google may be moving into the Personal Health Record Management Biz. I believe this would be a radical move for Google and a big bonus to the US Health Care System.
Centralization of people’s health information is a must. This is not the 1900’s where I may only see one or two doctors in my whole life. I have probably seen 50 doctors in my lifetime and I am only 25 years old. Who knows what it says in my chart in rando hospital in CT where I was treated for Torticollis (Stiff neck but it hurt like hell). My health information is scattered throughout the US, in hospitals, doctors offices, etc. It would take a monumental effort on my part to track down the scattered bits of information to form a full personal health record, but connecting all these dots would make me feel more comfortable with the information out there, and would produce a better medical histories which would lead to better diagnosis…
But after writing the blog post, many people commented on Vince’s speculation, often asking why should I trust Google with this information. Vince “nicely responds to this question, but I would go on to say most people already trust google with important information, maybe not the all sacred Personal Health Information, but important information nonetheless.
Actually I am more scared of someone hacking Google and obtaining my search history, (Yes they keep that info) (man I have had some weird searches), than I am of someone finding out my blood pressure. I understand that people’s health information is incredibly important to them, that is why I would rather have it centralized so I know who is accessing it, and what it says. So i hope the rumor is true.
As more and more medical devices try to become networked entities this creates an added burden on hospital IT administrators. Unfortunately hospital admin’s WS* and in particular SOAP based protocols are gaining traction and becoming the defacto standard. WS Death Star as DHH aptly nicknamed is a complicated standard that has plenty inherent security problems
Paul Prescod states the problem perfectly in this post
SOAP is designed to slip through firewalls as HTTP. There is no doubt that this is a design goal. Microsoft advertises it as such. Don Box (one of SOAP’s inventors) is quite open about this: “if you look at the state of the average organization, they use proxy servers and they use firewalls to prevent normal TCP traffic from making it from one machine to another. Instead, they set up this infrastructure to allow HTTP to work. So part of the problem was replacing the transport, which is the way DCOM does framing, with an ACDP-based transport. That was the first part of the SOAP effort.”
Firewalls exist to monitor activity. To create a standard that makes this harder is ridiculous.
Why ruin a good thing? SOAP adds layers and layers of unnecessary complexity, so much so that most SOAP toolkits have trouble communicating. HTTP is a proven commodity, used billions of time a day, embrace it.
Medical Device manufactures look to a RESTful solution. Don’t be deceived, poorly thought out complexity does not increase security.
