HealthVault: Abusing vs Implementing Standards.

Microsoft, of all the companies that might consider creating a PHR, is especially problematic. Microsoft has a long history of standards abuse.

Lets consider a parallel issue to the “personal health record”, personal email. I use gmail and have used yahoo mail in the past, but for this example lets pretend that I used Hotmail, a Microsoft Product. Hotmail users trust Microsoft to protect and store potentially sensitive personal email data. I currently have at least a gigabyte of personal messages on my mail account. At this rate I will have at least 100 gigs of messages assuming I die of old age. What if my wife (who will likely outlive me given that she is younger and averse to simple sugars, cholesterol, sodium and saturated fats in a way that I am not) wanted to ensure that my emails survived Microsoft’s eventual demise? After inheriting my password, my wife could download everything via Hotmail’s POP3 service. She could download my emails to a proprietary package like Outlook, or better yet, a GPL email application. She could transfer them to another service that she trusted, like gmail.

By leveraging Hotmail’s POP3 interface she would be taking responsibility for the continued storage of my emails, and ensuring that my great-grandkids could know for certain exactly how many time the Nigerians contacted me with a special offer because they trust me so much.

But what about my “HealthVault” account? How could my wife ensure that my great-grand kids know about last months cholesterol results? Knowing my cholesterol history is going to be vastly more relevant to them, then the time and place of last week’s LAN-party. To make this possible Microsoft would have to export the data in a format vastly more complex than POP3, perhaps something like the Continuity of Care Record CCR.

The problem with formats like CCR is that they are not strong standards and suffer greatly from the dialect problem. The dialect problem is when the “implementations” of a “standard” differ enough to make them incompatible. When a person from Australia, England, and the US speak English to each other they typically understand each other, because the dialects of English are close enough that they are compatible. Alternatively French, Spanish, and Italian technically could be considered “dialects” of Latin, yet obviously speakers of these languages cannot, without translation, understand each other completely. CCR and the other electronic medical languages are currently suffering from the dialect problem. Show me two HL7 implements and I will show you two systems that cannot communicate without “translation” work. (BTW the FOSS way to solve this problem is with Mirth, which is an HL7 router) Protocols that suffer from the dialect problem so much that they typically cannot communicate effectively without extensive configuration can be thought of as “weak standards”. Protocols that are not impacted negatively by the dialect problem are “strong standards” (a good example of a strong standard is the TCP/IP protocol and FAX protocols)

Microsoft is famous for incorrectly implementing standards and creating new incompatible dialects. Microsoft has done this even when it goes in the face of a previously strong standard. Then they use their monopoly position to push adoption of their own dialect of a standard. Adoption of the Microsoft dialect then increases the reach and influence of the Microsoft monopoly, which increases Microsoft’s ability to enforce their own dialects, etc etc. In fact when concerning a previously strong standard, this has been famously called Microsoft’s embrace, extend and extinguish strategy. If you have no idea what I am talking about then Google for the history of Microsoft’s implementations of Java, Kerberos and Javascript.

Not only has Microsoft not committed to implementing and not abusing a standard import and export format, it is making moves to create a proprietary standard in the place of CCR. HealthVault already has a MSDN page where you can learn how to “interface” with the Microsoft PHR. Microsoft intends to create a community of “Programs” within Healthvault by which third parties can further process medical data. Those programs will interface with Healthvault in a fashion that will create a “de facto standard” that Microsoft will abuse. (For more on this research the history of the Microsoft Word format, which is a good example of a Microsoft format that became a de facto standard which Microsoft subsequently abused) .

3 thoughts on “HealthVault: Abusing vs Implementing Standards.

  1. Yes, it is a worry and something to be carefully watched. Besides regulation, or getting the word out, I’m not sure there is any other way to preventing MS, or another large company, from controlling the situation.

    I had thought a FOSS community that out innovates proprietary systems would be a solution, but I am not sure.

  2. Someone left an excellent comment that attacked my conclusion that Microsoft abused standards. They indicated that Microsoft was innocent in the cases of Java, Kerberos and Javascript. However the commentor posted this anonymously. I would like to invite that person to repost the comment with his/her real email or to email me and I will add their real email to their previous post. I do not mind people disagreeing but I will not reply to “anonymous cowards”.

  3. Microsoft even getting involved in biomedical ontologies and standards? HA! Good luck with that. Anyone looked at the complexity medical data standards recently? “Abuse” is not the term I’d use. “Botch” is better.

    Microsoft and PHRs? HA! One of the many “false assumptions” about PHRs is that the lay public has the ability to interact with complex medical data in a meaningful manner and can help steward that information when people often don’t do it well with old-fashioned pencil and paper. The companies like MS that are looking for “an easy next big thing may have been “had” — by people with great ideas, presentation skills and the ability to start fads but who lack depth in understanding social issues in informatics. Microsoft’s core competence is not medicine, nor biomedical informatics, as far as I recall.

    Microsoft and EHRs? HA! Most of the EHR market is mismanaged due to the “religion of technologic determinism” and the related phenomenon of “computer idolatry.” Computer + MBA + software engineer does not produce products that turn doctors into Marcus Welby. Far from it.

    Metaphors aside, see “Sociotechnologic Issues in Clinical Computing: Common Examples of Healthcare IT Difficulties” at .

    You will be reading that which the HIT industry doesn’t want you to know – and which companies like Microsoft ignore thinking that if they can write an OS, then how hard could an electronic medical record be? After all, if you have the right tools, how hard could it be to generate nuclear fission at home?

    (After all, if you understand nuclear fission,

Comments are closed.