Nothing against Google, who provides some great services, but if I knew anything about my heath records were going anywhere near Google - I'm out.
First, Google does not have a good track record when it comes to security. Or privacy for that matter.
Another concern is that the aggregation of so much data makes the system a more attractive target for attackers. Many smaller systems avoid attacks simply because there isn't enough value in a targeted attack (sad, but true). Put millions of records together in one place, and kiss you may as well blog your medical records right now.
I am concerned with more than identity theft. If your credit card number is stolen, you can cancel it. If you are an HIV-positive patient, or on anti-depressants, or simply someone who values what little privacy really matters, this should scare the heck out of you.
