Skip to main content

Can Google Glass Get Any HIPAA?

 |  By Lena J. Weiner  
   April 30, 2014

Google Glass is a hip new accessory gaining acceptance in clinical settings, but before widespread adoption can take place, organizations must ensure that the wearable device is HIPAA-compliant.


Imagine being able to find and view a patient's electronic health record with a simple nod of the head, or being able to maintain eye contact with patients while reviewing their records, or being able to check in on a patient from a remote location as if you were both in the same room.

This technology is already in use by healthcare providers and may be more widespread than you think. If it hasn't already made a debut in an emergency department near you, it will soon. Boston's Beth Israel Deaconess Medical Center and Brigham and Women's Hospital, Rhode Island Hospital, UC Irvine Medical Center, and Indiana State University Hospital are just a few of the organizations that are using Google Glass at least an experimental basis.

"From the patient perspective, there's nothing worse than watching a doctor sit down and type at a computer screen. Glass enables you to meet a patient at eye level," says Paul Porter, MD, a physician at Rhode Island Hospital's department of emergency medicine. "This is a starting point toward a complete telemedicine program," he continued.


Telemedicine's Expanding Options


Rhode Island Hospital is currently using Glass for dermatological emergencies, said Porter. "If it's after hours or the doctor is offsite, or they're otherwise unavailable, it puts [a dermatologist] right in room with the patient at the time of care."

The Science of Compliance
While there are many clinicians like Porter who believe Google Glass and similar technologies will become standard tools in hospitals and doctors' offices, there are also those with concerns about privacy.

While the most common privacy concern is Google Glass's camera, that's the least of a hospital IT department's worries. The camera can be disabled. As a matter of policy, however, work remains. "We're currently investigating how to handle the camera, and investigating whether we need to disable that functionality," said Adam Landman, emergency physician and Chief Medical Information Officer for Health Information Innovation and Integration at the Brigham and Women's Hospital in Boston.

Karandeep Singh, M.D, is a nephrology fellow who is making alterations to Brigham and Women's version of Google Glass in order to make it HIPAA complaint. While he agrees that Glass will be a positive tool for clinicians, he also thinks about how it will change interactions between doctor and patient.

"The patient cannot see what the doctor is looking at. What is the appropriate etiquette for this situation?" he asks. Many patients like to see that a doctor is looking at their chart—they take that to mean that he is reviewing information and properly doing his job. "How will those patients feel when they don't know if the doctor has reviewed their information?"

And given that these devices are small and potentially easily misplaced, security—especially HIPAA compliance—is a major concern.

An Ounce of Prevention
Most organizations using Glass have plans to integrate it with their electronic healthcare records systems. "We're working on a way to integrate with EHRs… It would be helpful to patients, and we're evaluating it as we get to know the technology and ensure there is no threat to security," says Porter.

Landman, at Brigham and Women's Hospital says, "We've built a prototype that can connect to [our EHR] infrastructure, but it's not in use yet." Security is a real concern, especially because the unaltered version of Google Glass sends all information it collects back to Google and allows the company to store that data—in a manner that is definitely not HIPAA-compliant.

"Any patient-identifying information cannot be sent to Google, or any other third party if you want to maintain HIPAA compliance," says Singh. "Our version is unique in that the voice input, which is usually reliant on Google, [is not served] to Google. We work with a HIPAA-compliant provider, Nuance, who provides us with that service. Also, we don't store any information on Glass—that info only lives on Glass as long as it needs to. Currently, we're vetting our version of Glass internally to ensure it'll be HIPAA-compliant," he says.

Other precautions taken have included altering Glass so that it only connect to the internet when inside of the hospital or adding an auto-erase feature for data. As Glass is built on the Android platform, it's fairly easy for anyone with knowledge of Android's API to modify it.

Many organizations also ask that their staff not use their hospital-issued Google Glass outside the organization. "[Google Glass is] a lot of fun. I use it to answer my phone, read and respond to some email, get directions. But not the hospital version, though—I keep that locked up," says Porter.

The consensus among early adopters is that once HIPAA compliance and other security concerns are resolved, Google Glass is poised to become a familiar tool in healthcare, simply due to its relatively low cost and convenience. "I think wearable technology has immense potential," says Landman. "We can look forward to it improving provider efficiency, patient safety, and clinical outcomes."

Lena J. Weiner is an associate editor at HealthLeaders Media.

Tagged Under:


Get the latest on healthcare leadership in your inbox.