Google has covertly acquired health care records of millions of patients, without their approval.
It has been revealed that Google and Ascension, a Non-profit Catholic health care provider, were jointly involved in a secret data-gathering project called “Nightingale”. The report was also quoted that neither the provider’s doctors nor patients were made aware of the ongoing project.
The Wall Street Journal reporter Rob Copeland concluded that data amassed in the program includes lab results, doctor diagnoses, and hospitalization records. The data include a complete health history, patient names, and dates of birth. Almost 150 Google employees may have had access to private data.
The New York Times also expressed similar concerns and was quoted as saying “dozens of Google employees” may have access to sensitive patient data. There are concerns that Google employees may have downloaded some of that data without the knowledge of either company.
But despite all this data exploitation, it came out as a surprise to many that this kind of data arrangement agreements between health care providers and tech companies is a common phenomenon, and what happened, in this case, is no different.
A Google representative argued that “the only purpose of such an agreement is to provide services back to the health care provider, and that it didn’t announce it was doing so earlier because work was in the very early stages”.
All this is happening in the backdrop of the fact that a lot of firms these days use information technology to bring optimum level of productivity and ensure the efficiency and effectiveness of their services.
Google partnered with faith based health care provider Ascension, which operates over 2500 hospitals across the States and District of Columbia to improve its services. The company is using data from the system to design software that tailors individual patient care using “advanced artificial intelligence and machine learning.”
Google’s response
To assuage panic among the public amidst all the outcry, Google has issued an official statement (you can read the full post here) later in the day, confirming that “Nightingale” is the name of its health project. “To be clear: under this arrangement, Ascension’s data cannot be used for any other purpose than for providing these services we’re offering under the agreement, and patient data cannot and will not be combined with any Google consumer data,” writes Google Cloud President Tariq Shaukat.
Google insists that the patient data sharing is under the government made HIPAA privacy rules, which does not allow disclosure of any data to third parties. However, once a data is shared it is hard to limit its danger of further sharing.
Transparency, a question!
Prof Jane Kaye from the University of Oxford says “There’s a massive issue that these public-private partnerships are all done under private contracts, so it’s quite difficult to get some transparency.”
Previously, NewScientist has reported that the National Health Service (NHS) has agreed to share medical data with Google for the next five years. It includes sensitive records of patients. The data will be used by Google and DeepMind, another company acquired by Alphabet.
