According to a study published in the Journal of the American Medical Association, roughly 29 million private U.S. health records were exposed by data breaches between 2010 and 2013. In 2015, hackers penetrated the networks of Anthem, America’s second-largest health insurance company, and gained access to the personal health information of about 80 million people.
When these sensitive electronic documents are exposed by hackers, they put people at serious risk for identity theft and other forms of fraud. That’s why Google – a company typically known for taking a hands-off approach to its search algorithms – is taking steps to remove private health documents from its search results.
On Thursday June 22, Google quietly revised its content removal policy to add private medical records to a list of confidential materials that won’t show up in search results. Other items on that list include signatures, social security numbers, credit card numbers and bank account information. In the past Google has taken content removal requests on a largely case-by-case review basis, but recent high-profile data breaches have compelled the company to be more proactive in their approach to privacy protection.
“I think there’s a definite shift happening in Google, albeit very slowly,” said cybersecurity expert Hemu Nigam in an interview with The Washington Post. “That’s being driven by advertisers who pull their ads when they don’t like certain policies affecting their brand. When customers complain, advertisers listen, and therefore Google listens.”
Allowing people’s private medical records to be exposed is bad PR, and the folks at Google know that as well as anyone. Hopefully this new policy of intervention will prevent sensitive medical information from falling into the hands of thieves and scammers in the future.