Secretary Leavitt’s Last Word

This is a weird time between US administrations. Senator Daschle is shopping for new hand towels for the Humphrey Building, and Secretary Leavitt is packing up his banker's box. It's a time when we get a lot of last-minute attempts to squeeze in that one last bit of policy - often rushed and poorly thought through (auto bailout, helloooo?). In the midst of this environment, I was surprised and pleased when I saw the Secretary's "Nationwide Privacy and Security Framework" paper that was released on Monday.

This framework is exactly the kind of action that I wish we got more of from government. It describes simple, conceptual, clear principles that citizens should demand of electronic information exchange - without trying to dictate specific features, technical architectures or business models.

Of course, I also like it because HealthVault measures up to the yardstick exceptionally well. Privacy and security of our users' information has been a cornerstone of our systems and strategy from day one:

Individual Access

Virtually all of our work over the last year has been to find more automated and efficient ways of helping individuals collect and organize their personal health information. From fax and file uploads, to paper translation partners like UNIVAL, to dozens of clinical connectivity projects, we are doing everything we can to make sure that individuals have the access they need to take charge of their health.


HealthVault users have complete control over their information and can correct anything they believe to be erroneous within their own records. We also encourage our clinical partners to accept information from individuals - appropriately attributed - to make their own records more complete and correct.

Openness and Transparency

Our privacy principles are available in clear English, front and center on our homepage, and we require clear privacy and terms of use statements from all partners before they can "go live" with HealthVault connectivity, and present these statements to users in a consistent way before they connect to any third-party application.

Individual Choice

The granular authorization model behind HealthVault allows users to choose exactly who they want to see their information, and exactly which parts of the information to share. Nothing is ever shared without specific consent. This combination of flexible, granular rules and explicit opt-in is the magic that we believe will result in real progress.

Collection, Use and Disclosure Limitation

Our partners are obligated to explain to users in a consistent way exactly why they need each type of information they request. Both our and our partners' privacy policies explicitly state the purpose for which data may be used.

Data Quality and Integrity

Our immutable audit trail and support for digitally-signed information in HealthVault delivers an unmatched ability for recipients of information to judge its source and integrity. There is simply no other system available today that offers the level of assurance that HealthVault can in this regard.


HealthVault has been built according to the Microsoft Security Development Lifecycle, regarded as the state of the art in secure software development. Our systems are hosted in secure facilities, and all communication between our systems, internally and with the outside world, is fully encrypted. We conduct internal and independent security and privacy testing on an ongoing, continuous basis.


Microsoft Chief Software Architect Ray Ozzie sent me an email back before we launched HealthVault. He told me that I had better be doing a good job - because I had the reputation of Microsoft on my shoulders. That reputation is worth billions of dollars to our shareholders, and it's hard for me to imagine a more direct accountability than that. We take it extremely seriously.


The hard times we are facing have an upside for healthcare - we simply no longer have the luxury of being lazy and inefficient with the way we manage care. Reliable, secure exchange of health information is critical to making real progress in cutting costs and improving quality. We think we're doing our part, and are glad that Secretary Leavitt is doing his. I hope that Senator Daschle picks up the ball and starts running the same way next month.

The last piece has to come from care providers, payers, employers - all the folks involved in delivering care. The framework and technology are in place -- it's time to start sharing information, and time to start engaging patients as real participants. Demand patient-facing functionality from your vendors. Talk to your patients about how a PHR can help you provide them with better outcomes. And tell us what we need to do to make it easier - we are in.

Comments (2)
  1. K Furtado says:

    Regarding your comment:

    "We also encourage our clinical partners to accept information from individuals – appropriately attributed – to make their own records more complete and correct."

    Does HealthVault offer help or guidelines about how provider organizations can accept information from individuals and attribute the appropriately? Can you provide the link? This is where many of us who want our EMRs and patient portals to connect to HealthVault are getting stuck.  

  2. Sean Nolan says:

    K, thanks for the note.

    The scenarios we generally see where providers accept information from patients fall into three categories: registration (eliminate the "clipboard"); home monitoring (send glucose, bp, weight, etc. readings); and secure messaging ("email my doc"). Each of these impacts the provider workflow in different ways — so it’s helpful first to think about which of these (or others) are most attractive to your practice.

    Ultimately the goal is that providers will be able to expect this functionality from their EMR and portal vendors — we have signed agreements with pretty much every major company out there, and there are many projects at or nearing completion. Unfortunately, that’s also a long haul and will require an upgrade cycle before we hit critical mass.

    Most clinical integrations live today are still focused on getting data TO patients, but there are a few great ones out there that are are pulling information in as well. For example, Connect IQ from Kryptiq is one that handles secure messaging and home monitoring; Covisint provides a great home monitoring interface; NoMoreClipboard does a great job with the (duh) clipboard problem. Information on these and a bunch of other products can be found in the "web application directory" at Of coures, our own enterprise products ( also can pull data from HealthVault.

    Another route — if you have access to technical resources (either in-house or college intern types) — is to build a connector yourself. It’s actually very simple to do so, and there are plenty of samples to get started with at Finally — if you have an idea but don’t have those technical resources, take a look at the "Consultant Directory" on the MSDN site for a list of organizations that have built up expertise around HealthVault development.

    I hope that’s helpful — the reality is that we’re still early, but there are options, more every day. If you would like to speak further about your specific interests or needs, just drop me a note using the contact form on this site — I am more than happy to help as I can.


Comments are closed.

Skip to main content