Bruce Schneier's post on "Unfair and Deceptive Data Trade Practices" pointed out how the RealAge quiz sells your answers to drug companies who then send you spam targeted email.
And this got me thinking about the nightmare of EMR. When your patient data is in color coded paper files, it's a lot harder for abuse. And there are the conflicting interests: the insurance companies who want to spend as little money as possible, the doctors who (hopefully) want you to get better, and those who want to maximize reimbursements (e.g. revenue), the drug companies who want to sell more. But in the end, there is one person who needs to be in control.
And this needs to be the bottom line of any good EMR system. The patient is in control. But data exists in many different silos of information, held by different parties, for different purposes. In reality this is a policy based data access problem.
The solution in "Just in Time" patient data. If you check into an ER, the attending physician should be able to pull together all relevant information real time. When done, it goes away. The monolithic solutions proposed by Walmart and Google are doomed for failure from the beginning. There is no way people want to put that much information in just one place. Ripe for abuse. (remember the Patriot Act?)
note: or someone steals the information and holds it for ransom.