US President Donald Trump announced a loose plan Wednesday to allow Americans to voluntarily upload and port their medical records across hospitals, clinics, technology companies, and health apps, with broad participation from Google, Apple, OpenAI, Amazon, and more.
While the system could help Americans connect disparate pieces of health data currently siloed behind separate companies and healthcare providers, some privacy experts have warned that the data’s segmentation is in fact paramount to its privacy.
“[This] private health tracking system w/ Big Tech should worry all Americans,” said Georgetown University professor Lawrence Gostin, who also serves as the Director of the World Health Organization Collaborating Center on National and Global Health Law.
“There are few privacy safeguards. Medical records are personal [and] intimate. Health records might be shared with insurers, businesses, ICE, [and] law enforcement.”
But, according to the Trump Administration, being able to more easily share this data is a boon to Americans who want to, say, directly hand their personal Apple Health data to their doctor, or approve certain weight loss providers, like Noom, to obtain access to their medical records.
A total of 60 companies have signed onto the effort, ranging from traditional healthcare insurers such as UnitedHealth to artificial intelligence developers such as Anthropic and OpenAI. The latter group’s participation is part of the Trump Administration’s efforts to roll out AI chatbots that can steer Americans into healthier recommendations for daily living—a goal pushed by Health and Human Services Secretary Robert F. Kennedy following a recent visit to Indonesia.
“There are other apps in Indonesia that allow you to choose good foods when you go to the grocery store and turn your app on on your phone and get information,” Kennedy said at a televised event Wednesday. “Now, if you have your medical records, you can get personalized advice, and that allows you to get better advice about a better alternative.”
Still, the prospect of increasing the accessibility of healthcare data creates new risks.
First, while it is unknown if participating companies can store a person’s data, their access to the new database could make them highly attractive targets for cybercriminals who want to abuse that access to ransack Americans’ sensitive information. Already, third-party companies that support healthcare providers are at high risk for cyberattacks—a reality that nearly gridlocked two ambulance operators after a shared technology provider was attacked.
Further, it’s far too common for companies that already handle medical data to expose private information, like when a radiological imaging provider failed to protect tens of thousands of patient files.
Second, there is also the question about whether the data will be used in new, privacy-invasive ways to track Americans. Already, Americans’ browsing habits, online searches, clicks, scrolls, opened emails, and shopping wish lists are mined for advertising revenue. As warned by Jeff Chester, executive director for the Center for Digital Democracy in speaking with the AP:
“This scheme is an open door for the further use and monetization of sensitive and personal health information.”
We don’t just report on threats—we remove them
Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.
Source link
