Google will now accept requests to remove personal medical records from its search results, adding to a very short list of types of sensitive personal information that the web search giant will not display.
Google made the change on Thursday, the Guardian reported. The company’s removal policy now includes a category called “confidential, personal medical records of private people.” There are only four other categories: Social Security or other national identification numbers, bank account and credit card numbers, images of signatures, and nude or sexually explicit images.
In addition to personal information, the company also accepts requests to remove images of child sexual abuse and honors copyright takedown requests, including those made under the Digital Millennium Copyright Act.
The removable categories of personal information is purposely limited, Google says, because its goal is to “organize the world’s information and make it universally accessible.” Google will not remove dates of birth, addresses, or telephone numbers from its search results in most cases, according to the removal policy.
Google’s decision to honor removal requests for medical records comes shortly after a top Uber executive obtained the medical records of a customer who had been raped in one of its cars in India. Uber fired the executive, one of a string of high-profile incidents that has caused turmoil at the company and ultimately resulted in the departure of its CEO, Travis Kalanick.
Medical records are routinely vulnerable to hacking, and while not all hacks result in the information being posted to the internet, leaked records are not only a breach of privacy but they also pose identity theft and safety concerns, since they often include names, dates of birth, and home addresses.
The latest major medical records hack in the US occurred last month, when 7,000 records from the Bronx Lebanon Hospital Center in New York were exposed.