Google Health Privacy Policy

Last modified: September 2, 2010 (view archived version)

The Google Privacy Policy describes how Google treats personal information when you use Google's products, including information provided when you use Google Health. In addition, the following describes our privacy practices that are specific to Google Health, a service that helps you store and organize your personal health information.

You are in control of your information

1. You control who can access your personal health information. By default, you are the only user who can view and edit your information. If you choose to, you can share your information with others.
2. Google will not sell, rent, or share your information (identified or de-identified) without your explicit consent, except in the limited situations described in the Google Privacy Policy, such as when Google believes it is required to do so by law.
3. You can completely delete your information at any time. Deletion will be initiated immediately, and you information will be purged from your account shortly thereafter. Additional backup copies of deleted information may persist for a short time. Since deleted data will not be restored, you may want to print information before deleting it.

How Google uses your information

1. To store your information in Google Health, you will need a Google Account Google Account. When you create a Google Account, Google asks for your email address and a password, which is used to protect your account from unauthorized access. You can use an existing Google Account or create a new Google Account specifically for this purpose.
2. Google's servers automatically record log information about your use of Google Health (such as number of sign-ins and number of times a link was clicked). This information is temporarily stored in association with your Google Account for two weeks, at which point it is aggregated with other data and is no longer associated with your account. The log information will be used to operate and improve the service and will not be correlated with your use of other Google services.
3. Google periodically publishes trend statistics and associations (such as what is published in Google Trends. Google may use data from your Google Health account as part of an aggregated data set when publishing these trends statistics and associations (e.g., Google has found that certain search terms are good indicators of flu activity. Google Flu Trends uses aggregated Google search data to estimate current flu activity around the world. http://www.google.org/flutrends/). These aggregated data sets do not contain any personally identifiable information.
4. Certain features of Google Health can be used in conjunction with other Google products, and those features may share information to provide a better user experience and to improve the quality of our services. For example, Google Health can help you save your doctors’ contact information into your Google Contact List.

Sharing your information with people and services you trust

1. If you share your information with others, you can view a list of who has access to your information and you can revoke sharing privileges at any time. When you revoke someone’s ability to read your health information, that party will no longer be able to read your information, but may have already seen or may retain a copy of the information.
2. Google Health contains links to third-party service providers that are capable of securely sending information to Google Health. These service providers (which may include your medical providers) may provide information about certain medical conditions or extend the functionality of Google Health in other ways. By creating a link to these service providers, you give them permission to send you information such as medical records, prescription histories, or test reports to your Google Health account.
3. You can approve access for some of these service providers to view and copy your health information. If a service provider accesses your health information and stores a copy of your information, that copy will be governed by that service provider's privacy policy. Others at that facility – like an on-call doctor – may be able to view your information. Google is not responsible for the content, performance, or privacy policies of third-party service providers.
4. Some of these third-party service providers will be covered by federal and state health privacy laws (such as the Health Insurance Portability and Accountability Act, or “HIPAA”), and those laws will govern how they may use and share your information. HIPAA requires (as does Google Health) that you must authorize these providers to send information to your Google Health account. With that authorization, you also give them permission to send certain especially sensitive types of health information (such as mental health or substance abuse records) that are protected by federal and state laws and require special authorization. When you ask Google to send your health information to others, you will also be giving Google permission to send those sensitive types of health information.
5. All entities or business associates covered by HIPAA are contractually required to comply with HIPAA's rules related to collection, use, and sharing of your information. All other third-party service providers are contractually required to abide by the Google Health Developer Policies, which require that they comply with strict privacy standards for how they collect, use, or share your information.

More information

Google adheres to the US Safe Harbor privacy principles. For more information about the Safe Harbor framework or our registration, see the Department of Commerce's web site. For more information about our privacy practices, go to the full privacy policy. If you have additional questions, please contact us any time. Or write to us at:

Privacy Matters
c/o Google Inc.
1600 Amphitheatre Parkway
Mountain View CA 94043 (USA)