Amazon is making another push to get into health care. Yes, again.  

This time, it’s aiming for low-hanging fruit: telehealth, which exploded in popularity during the pandemic. On November 15, Amazon announced the launch of its own telehealth platform, called Amazon Clinic. The service, to roll out in 32 US states, will connect users to health providers to help treat over 20 common conditions, including allergies, acne, and dandruff. 

The concept is simple: The patient will select their condition, fill out a questionnaire, and Amazon will connect them with a doctor to get a treatment plan. The scheme does not accept insurance; the cost of seeing a doctor will be around that of the average copay for a doctor’s visit, the announcement says: “At Amazon, we want to make it dramatically easier for people to get and stay healthy.”

It’s also seemingly another move by the tech giant to know every last detail about your life—even down to whether you’re suffering from erectile dysfunction (one of the conditions that Amazon Clinic will cover). Yet given that Amazon doesn’t have the squeakiest track record when it comes to protecting data, handing the company the keys to people’s intimate health information raises red flags for privacy experts.

If this feels familiar, it’s because we’ve been here before. The launch of this new service comes hot on the heels of Amazon’s takeover of One Medical, a US company described as a “Netflix-for-healthcare subscription” with around 800,000 members. The acquisition proved controversial due to concerns about patient data privacy mostly centered on the simple fact that Amazon would have access to the data. (When news of the $3.9 billion deal broke in July, it prompted protests outside One Medical’s headquarters in San Francisco.) 

At the very least, Amazon Clinic will be bound by HIPAA, the Health Insurance Portability and Accountability Act, which means individual patient records will be protected as soon as a person begins a process with a health care provider. But all the information you provide prior to this—for instance, while searching for a doctor—falls outside of the purview of HIPAA, and is technically open for Amazon to gobble up, says Debbie Reynolds, a data privacy and protection expert who runs her own consulting agency. You aren’t covered by HIPAA until the moment you are in contact with a physician, she says. “The concern is, am I going to start getting marketing as a result of them being able to infer certain medical conditions I’m looking at?” In other words, if you look into treatment for acne, will you also start getting ads for skincare products? 

In an email to WIRED, Christina Smith, a spokesperson for Amazon, says this is not what will happen. She writes that far more customer information than just the contact with their doctor will be treated as protected health information, including the person’s location and provider selection.

Leave a Reply