Amazon is increasing its healthcare presence with its planned acquisition of One Medical and its new telehealth platform Amazon Clinic, but privacy experts are concerned about how the tech giant is going to handle protecting consumers' health data, Wired reported Dec. 1.
The launch of Amazon Clinic comes after the company announced that it was planning to take over One Medical, a virtual and in-person primary care company with around 800,000 members. The acquisition was criticized by privacy professionals who voiced concerns about patient data privacy, as Amazon would have access to that data.
According to Debbie Reynolds, a data privacy and protection expert, at the very least, Amazon Clinic will be bound by HIPAA, which means individual patient records will be protected as soon as a person begins a process with a healthcare provider. But all the information patients provide prior to this falls outside of HIPAA, giving Amazon access.
"The concern is, am I going to start getting marketing as a result of them being able to infer certain medical conditions I'm looking at?" said Ms. Reynold.
In other words, if consumers look into treatment for acne using Amazon Clinic before engaging with a provider, will they also start getting ads for skincare products?
Christina Smith, a spokesperson for Amazon, said this will not happen.
According to Ms. Smith, more customer information than just the contact with their physician will be treated as protected health information, including the person's location and provider selection.
Ms. Smith also said Amazon keeps patient health information confidential and secure in compliance with federal law and regulations, and in line with industry standards, and that Amazon Clinic customer data will be protected through the use of HIPAA-compliant encryption methods.
"Protecting patient information is an important part of our business; we are not in the business of selling or sharing it," said Ms. Smith.