From his role as Director of Health IT for the AAFP, co-creator of the CCR and with his involvement behind the "NDA firewall" with the Google Health team, David Kibbe probably has a better vision than most about what's new and different with Google Health. And he is indeed optimistic.
Much of the discussion about Google Health beta's recent launch as an online PHR or healthURL seems to me to miss the point about what is really new and different.
Here's how I see it:
1) Computability. What Google Health does that no other platform is yet capable of doing is to make personal health data both transportable AND computable. Right now, this is the news. By supporting a subset of the Continuity of Care Record (CCR) standard for both inbound and outbound clinical messages, Google Health beta makes it possible for machines to accept, read, and interpret one's health data. It is one thing to store health data on the Web as a pdf or Word text file, for example one's immunizations or lab results, where they can be viewed. It is a giant leap forward to make the data both human and machine readable, so that they can be acted upon in some intelligent way by a remote server, kept up-to-date, and improved upon in terms of accuracy and relevance. That is what the CCR xml subset supported within Google Health beta achieves for the consumer that is really new and different; this is what HealthVault and Dossia are to date missing.
Right now, those web services are only mildly useful and sort of "toyish" -- allowing the user to create a meds calendar and get email reminders (ePillBox), or setting up preferences for health and medical news searches (MyDailyApple), or suggesting alternative medications to the ones you now take (SafeMed).
But disruptive innovations are often considered simplistic and compared to toys when they first emerge (remember the first Apple computer?) and there is no stopping these developers and these partner companies from making their services more intelligent, more useful, and more convenient to the consumer. Which brings me to ....
2) Rapid design evolution. Google Health beta has established a robust and growing community of programmers and developers eager to attach their widgets, services, and full-scale apps to the Google Health beta juggernaut. Most of the public doesn't see this activity, because it is hidden behind the Google NDA that the developers have to sign, swearing themselves to secrecy about what's going on at Google Health. But it is an enthusiastic, really smart, and tirelessly innovative group of people who have been attracted to the Google Health platform. They are going to help Google's engineers rapidly evolve the design of Google Health over the next few months and years, in ways that are completely impossible to predict, depending mainly on how fast Google Health's operators are willing to move. Design creates value, and value causes infrastructure to change. Modularization of the entire EHR and PHR space may now be possible.
While I recognize that most of the commentary about Google Health beta and Microsoft HealthVault will concentrate on privacy concerns, barriers to data entry, and questions about whether mainstream health data sources will participate or not, I think the disruptive potential has already been unleashed. Watch what happens as the Google Health platform modules and component services grow and start to interact with one another.
User-generated content 
Subscribe!
Privacy concerns: Let's apply the hacker approach to Google Health data to check safety: what is the worst-case hack scenario you can imagine? And how would you defend the system?
On the other hand: How can Google Health help to homeless people?
Here is a suggestion:
http://pimm.wordpress.com/2008/05/23/how-can-google-health-help-to-homeless-people/
Posted by: Attila Csordas | May 23, 2008 at 09:11 PM
David,
My firm represents a company that has created one of the most innovative new applications I have seen in online health. How would I be able to bring it to the consideration of Google to potentially go beyond the "NDA gate"? I think this application could be a tremendous compliment to Google Health.
Posted by: Josh | May 27, 2008 at 05:14 PM
Google Health viewed from a consumer perspective is right on the mark. From the start the user understands the site is about their health. That is Google Health's strongest selling point for the moment. If Google can continue to grow its partner offerings whilst maintaining user centered design perspective they will be successful.
The other item they will need to carefully manage is user experience based medicine (social software meets health care) vs. evidence based medicine.
Posted by: Richard D. Chennault | May 28, 2008 at 03:08 PM
Google Health viewed from a consumer perspective is right on the mark. From the start the user understands the site is about their health. That is Google Health's strongest selling point for the moment. If Google can continue to grow its partner offerings whilst maintaining user centered design perspective they will be successful.
The other item they will need to carefully manage is user experience based medicine (social software meets health care) vs. evidence based medicine.
Posted by: Richard D. Chennault | May 28, 2008 at 03:12 PM
The privacy issue is simply huge. I don't know why the advocates don't get it. The lay people I talk to *all* express concern about it; some flat-out say "No WAY I'm giving them my data."
The two most common concerns I hear are that nobody wants a TJX-style hack-in to happen with their health info, and nobody wants to risk Ashcroft-Rumsfeld-Cheney jerks serving up warrantless National Security Letters etc and giving the data to other govt agencies "and other parties," as authorized by USA Patriot.
The other day NPR had a piece about how some Iraq veterans are going private-pay because they fear what will happen if the military finds out they're being treated for PTSD.
Then there's the issue of Google's corporate integrity. (See the CNet.com episode and China. All this has been discussed at some length on the e-Patients blog and elsewhere, which I cataloged briefly on my little blog.)
Now, perhaps those concerns are completely baseless, but I haven't (yet) heard anyone say why, except "Oh, don't worry about that."
Granted, there are the people who say "Google knows it's not covered by HIPAA, so it wrote its own tougher rules." Which, of course, can't be enforced. Who's kidding whom?
I'd feel a lot better if all the enterprises that want to get into this great opportunity (and it is one) would work to get HIPAA updated to cover their case.
I'm all for technology and its benefits for all of us, especially patients. But I have a very strong feeling that it needs to be done open source, not by someone who will gladly import your data but won't let you export it again. Is there any not-for-profit justification for that policy?
Posted by: e-Patient Dave | June 04, 2008 at 03:43 PM
Sorry, but how is data "transportable" without an easy to access "export" function?
Word to the wise -- if you want to launch a PHR in this marketplace and not bother with HIPAA or other oversight, make sure your data is easily exportable directly from your record itself. If you focus on "import" and leave "export" to others, well, that speaks volumes as to your intent (you can export, but only with pre-approved Google partners -- hardly giving you the freedom over your own health data). Thanks Google Health Advisory Council!!! Great oversight there!
As it is, Google PHR is a non-starter for any open-source advocate ("rapid design evolution" [which seems like marketing 2.0 speak] notwithstanding). Patients want options, not "disruptive" technologies. Again, more marketing-speak and hype. Sorry, but most real patients are a little wiser than that.
Posted by: John Grohol | June 04, 2008 at 06:11 PM
The ability to enter your data and then look at it later is just simply not enough. When there is sufficient value attached, consumers will overcome their apprehension and make the move. After all, consumers have made that transition for their financial relationships. Do consumers feel that the privacy of their medical information is so much more sensitive than their financial information? I doubt it.
From a value perspective, PHR's need to be connected to the patient's care team to be relevant. I see this as a two-way street with clinics and hospitals populating much of the PHR as well as the information in the PHR connecting the patient to relevant local resources for managing their health.
@John Grohol - I've seen the arguement that Google and Microsoft aren't governed by HIPAA as well. I'm not sure if that's strictly true once they're interfacing with Covered Entities. First, they begin to quickly look like Clearinghouses. Regardless, I don't think that providers would be able to send them information without having a Business Associates Agreement which (should) bind them to roughly the same standards as the CE, I would think. Has anyone seen analysis of this issue by someone qualified to make a judgement call on this item?
Posted by: Ben Dillon | June 09, 2008 at 03:08 PM