And given that these devices are small and potentially easily misplaced, security—especially HIPAA compliance—is a major concern.
An Ounce of Prevention
Most organizations using Glass have plans to integrate it with their electronic healthcare records systems. "We're working on a way to integrate with EHRs… It would be helpful to patients, and we're evaluating it as we get to know the technology and ensure there is no threat to security," says Porter.
Landman, at Brigham and Women's Hospital says, "We've built a prototype that can connect to [our EHR] infrastructure, but it's not in use yet." Security is a real concern, especially because the unaltered version of Google Glass sends all information it collects back to Google and allows the company to store that data—in a manner that is definitely not HIPAA-compliant.
"Any patient-identifying information cannot be sent to Google, or any other third party if you want to maintain HIPAA compliance," says Singh. "Our version is unique in that the voice input, which is usually reliant on Google, [is not served] to Google. We work with a HIPAA-compliant provider, Nuance, who provides us with that service. Also, we don't store any information on Glass—that info only lives on Glass as long as it needs to. Currently, we're vetting our version of Glass internally to ensure it'll be HIPAA-compliant," he says.