Tuesday, May 20, 2008

Google Tentacles Grad Hold of Healthcare

Ars Technica formally announced it's acquisition by Conde Nast, which seems to tilt it more in favor of Ars Technica staying as is, only with deeper pockets. A hint of hiring, too, perhaps...

But the big news today is the public (beta) launch of Google Health, which, you can imagine, has added more fuel to the privacy fire. There are posts from the usual suspects, the Official Google Blog, Tech Crunch, Ars Technica, NYT, Tribune via AP...list goes on. Google Health was being tested by the Cleveland Clinic, and not surprisingly, there was a waiting list for the limited number of open slots for the test. The thinking seems to be that Google has built a strong brand, a trusted brand, so people will flock to the service without giving it a second thought. Those who do stop and think for a second ask: what about HIPPA?

Most people have heard of HIPPA, or the Health Insurance Portability and Accountability Act; it's impossible to see a doctor without signing something about it, but few understand exactly what it does. In a nutshell, it protects your health care information by setting standards for electronic transmission or exchange of data, it protects your health insurance coverage if you find yourself out of work or change jobs and has various other rules, such as privacy, transaction and code sets, etc. You can read a simplified version from Wikipedia, or the whole statute. There is also a section on the HHS Office of Civil Rights website.

HIPPA, you'll notice, is mysteriously, or perhaps purposefully, missing from Google Health. Actually, you can't even access Google Health without a Google Account, which makes sense after you've read the first point of their Privacy Policy:
You control who can access your personal health information. By default, you are the only user who can view and edit your information. If you choose to, you can share your information with others.

So unless you have my login information, you can't access my health information, or any other Google service normally accessed through a Google Account. Makes me feel slightly more secure, but then there is point two:
Google will not sell, rent, or share your information (identified or de-identified) without your explicit consent, except in the limited situations described in the Google Privacy Policy, such as when Google believes it is required to do so by law.

That makes me nervous. Having studied Google's Privacy Policy as part of my grad school education, I'm leary about Google products that store rather personal information. Yes, I use Blogger, I use Gmail, I use Google Docs, but not for anything I consider to be sensitive information. I don't, for example, keep track of my expenses through Google Docs. I don't do more than share and collaborate on documents that have little or no value if my account were to be compromised.

So its privacy policy is a little too open-ended for me. I like how it explicitly states that it will notify users of acquisitions, mergers and the like that may involve the transfer of personal information, but it says nothing about notifying users if the government, or some legal entity requests user information. I also find the wording of the "consent" phrase interesting:
We have your consent. We require opt-in consent for the sharing of any sensitive personal information.

It says "we have your consent" and then says opt-in is required. Not that opt-in is required and therefore, once you have opted-in, you have granted consent. Just the first phrase implies that once you create a Google Account, you have given them consent. How's that for being blunt.

Anyway, back to Google Health. The Privacy Policy for Google Health lists out the ways in which you, the user, control your information. You can delete information, and grant access, which basically means you open the flood gates. Surprise surprise. It expands on this, stating that if a website makes a copy of your information and stores it, then your information is now subject to that website's privacy policy, including HIPPA if the site owners must abide by HIPAA. Sounds as if you might be safer going with those that must abide by HIPPA. And, naturally, Google has its disclaimer about third-parties and not being liable..blah blah blah. I'd be curious to see how well that holds up if a site is infiltrated, and that infiltration leads to the hacking of Google Health. Imagine the treasure trove of information available. Yikes! Only need to think about the banking system to see how one might position oneself into such a situation.

It does seem as if Google Health is positioning itself as nothing more than a platform, but I'd wager this is only the start. It's too early to see what will really happen with Google Health. The privacy issues are expected, but people seem rather willing to trust Google, to a point. And there is something attractive about being able to access your health information from a central location.

And it may stay that way, for awhile, until a breach occurs or something happens that requires legal action but, alas, there is no legal recourse. Some creative lawyering may be needed.

The more I think about it, the more Google seems like the online equivalent of the Walt Disney Corporation: a country unto itself.

Friday, May 16, 2008

Ars Technica Has Been Acquired

I've been a fan of Ars Technica since I started studying IT and Privacy Law. The website has some excellent in-depth articles on current legal tech issues, as well as some really in-depth technical articles. I always learn something new when I visit the website, or gain a deeper understanding of something I already know.

There were a few moments when I caught myself wondering how Ars Technica can stay independent. It's a treasure trove of information, who wouldn't want to acquire it? But there was solace in the fact that it was independent, free from the corporate media tentacles that have acquired a taste for sucking the life out of free speech. There seems to be an agenda, and it is sold to the highest bidder.

So imagine my surprise when I saw this article on TechCrunch discussing the acquition of Ars Technica by Conde Nast/Wired. When the shock passed, and I read the post, it does make some sense. I've always thought Ars Technica the more...how should I put it...smarter version of Wired. Nothing against Wired, I read that too, there was just something more inviting, less busy, about Ars Technica. I'd read it first before Wired.

It's too early to do anything more than speculate, and speculating wouldn't do Ars Technica, or Conde Nast, justice. It will be interesting to see, however, what happens. It's possible there is now more fuel to add to the argument of media no longer being independent, even with the advent of the Internet.

But who knows. Perhaps Ars Technica will remain as is, just with deeper pockets which will allow it to improve and expand its offerings. So where do I send in my application for employment?

Wednesday, May 14, 2008

ZoHo Just Gets Better

I was browsing TechCrunch this morning, and came across this post about ZoHo now letting you login with your Google or Yahoo ID. That's awesome!

I've said it before, and I'll say it again, ZoHo is a better suite of online apps than Google Docs. ZoHo is more feature rich, and it continues to demonstrate that it can use others APIs and applications more efficiently than companies than create them. ZoHo beat Google at its own game by using Google Gears to bring offline capability to its products before Google Docs. Now it is using other Google APIs and Yahoo APIs to make the process of logging in easier, and my guess is this only the start.

Perhaps ZoHo has improved its email feature now, too. The nice thing about Google Docs was that I could email my paper in Word to any email address. With ZoHo, I could only email it to myself, which then meant I had to forward that email to a professor; an extra step that made using Google Docs more worthwhile.

OK. Must go try logging in to ZoHo with using my Google account.

Saturday, May 10, 2008

Another Take on Data Portability: Job Apps

I never really paid much attention to the noise of data portability, I kind of like having my information in separate places, even if it is redundant information. But at least if one is compromised, the whole pyramid doesn't collapse. Reminds me of that eBay account comprise post. But now that I've put out roughly 100 job apps, and had to type the same information roughly 100 times, I'm starting to rethink this whole concept of data portability.

Sure, it seems to apply mostly to social networks, and it's hard to think of good reasons regular people should care as this Social Web post explores, but for the 350,000 people like me who suddenly find themselves unemployed, data portability starts to make some sense.

Job applications, regardless of whether filled out in paper form or online, all require the same information. And, if you pay attention to the small number of companies that are used, like Brass Ring, you would think people would catch on. Instead of having to enter your information repeatedly for each job at a different employer that uses Brass Ring, or some such company, why not be able to enter your information once, and if it meets criteria, send an alert to the respective HR person.

This is basically a half baked idea in my head at the moment, but I'm convinced there is a better way to send out job applications, a better way to fill out what amounts to the same form, regardless of employer. You'd think, by now, Brass Ring would be able to fill in my information for me. About the only thing that varies is the cover letter.

I'm finding it difficult to grasp that in this age of "automization," no one has figured out how to automate the job application process. There really must be a better way, and perhaps data portability is a way, or a means to a better way.

Perhaps after about 100 applications, this will become a more concrete, coherent thought.

Thursday, May 8, 2008

Plenty of Time to Ponder

OK. So it has been a few months since my last post. Working full time and going to grad school part time really does eat into one's, well, time.

But, due to circumstances beyond my control, I now have plenty of time on my hands, and time to sit and ponder. There is quite a bit to consider. Take, for example, this TechCrunch article showing that people spend most of their computer time using Microsoft products. Not really a big surprise there, but what is interesting are things that are missing, and things I used (and use even more now) every day.

Meebo, for example. It's a pretty nifty online application that lets you manage all of your instant messaging clients right from a Web browser. I have friends you use AIM, others who use YIM, GTalk and even ICQ. Since downloading any of those apps would violate company policy (while on a company laptop), Meebo made it possible for me to communicate and without violating company policy. I'm such a fan, I use it on my own laptop as well. Now if only there was a mobile version...

And it seems as if communication tools beat out all others in the battle for time. From a business perspective, this makes sense. Business is communication, and in this tech-driven age with remote offices and telecommuters, communication tools are even more essential. I, for one, am a bigger fan of chat and email than phone calls. It's easier to multi-task when communicating via chat or email.

In other news...Facebook and 49 states (Texas being the only hold out) struck a safety and privacy deal, according to TechCrunch. That will be very interesting to watch. Firing of associates is big news over on the WSJ's Law Blog, which is an enjoyable blog, as is the WSJ's BizTech blog. They are waging a small war over tech jargon. Just goes to show how writers are starting to forget that search engines are not the primary audience, and that the semantic Web does, indeed, exist. Simplicity of language is still the best route, so best of luck to the BizTech blog and it's fight against tech jargon, or mumbo-jumbo.

And how can anyone forget the recent dissolution of the Microsoft-Yahoo deal, dubbed MicroHoo. I still don't know what to think about Yahoo outsourcing its search advertising to Google. Anti-trust implications, possibly. Helpful to Yahoo but hurtful to the search market, possibly. Is Microsoft finished? Certainly not. It does need to improve its Office Live application as it is not nearly as easy or intuitive as Google Docs or ZoHo. Personally, I think ZoHo is one of the best kept secrets on the Web.