To that effect, Google has announced a partnership with Ascension, the second largest health system in the US, in a deal that gives it access to personal health datasets that can be used to develop AI-based tools for medical providers. The collaboration — dubbed “Project Nightingale” — comes a week after the company’s acquisition of fitness wearable maker Fitbit for $2.1 billion. It also corroborates earlier reports that it’s working on a Google Flights-like search tool to make it easier for doctors to find medical records.
A data-sharing partnership
Interestingly, the partnership was mentioned in Google’s July earnings call, but it came under scrutiny only on Monday after the Wall Street Journal reported that Google would gain detailed personal health information of millions of Americans across 21 states. The report also said the data involved in the project includes patient names, dates of birth, lab results, doctor diagnoses, and hospitalization records, along with their complete medical histories. The partnership “covers the personal health records of around 50 million patients of Ascension,” the Journal wrote. Google confirmed the deal, adding the arrangement adheres to HIPAA regulations regarding patient data and that it will meet necessary privacy and security requirements. As the Journal noted, HIPAA laws make it possible for hospitals to share data with its business partners without the consent of patients, provided said information is used only to help the entity meet its clinical functions.
Healthcare as a service
“Ascension’s data cannot be used for any other purpose than for providing these services we’re offering under the agreement, and patient data cannot and will not be combined with any Google consumer data,” Google said. Ascension, for its part, said it aims to explore AI applications to help improve clinical quality and patient safety. It’s worth pointing out that the company is not paying Google for these services. For the Mountain View company, the data-sharing project comes with another objective: design a searchable, cloud-based platform to query patient data, which it could then market to other healthcare providers. The legality aside, it’s not fully clear why the sharing terms would include names and birthdates of patients. But this would also mean adequate safeguards are in place to anonymize the information before it could be used to develop machine learning models for personalized healthcare.
Health privacy concerns
This is far from the first time Google’s cloud division has gone after healthcare providers. It has similar relationships with a number of hospital networks, including Dr. Agarwal’s Eye Hospital, the Chilean Health Ministry, Mayo Clinic, and American Cancer Society. Still, the development is bound to raise concerns about health privacy, what with the Journal stating that 150 Google employees may have access to a significant portion of the medical data from Ascension. That’s not all. The tech giant has been scrutinized for improperly sharing patient data in the name of AI research, and has drawn flak for merging Deepmind Health with Google despite the company’s earlier promises to keep its health initiatives separate. Given this checkered history, it shouldn’t be much of a surprise if Google — and other big tech companies — grapple with the privacy and security implications associated with handling health information when they are already in possession of enormous amounts of data about their users. Update on Nov. 13 9:00 AM IST: Google’s data deal with Ascension is now being investigated by the Office for Civil Rights in the Department of Health and Human Services, the Wall Street Journal reported. The OCR said it “will seek to learn more information about this mass collection of individuals’ medical records to ensure that HIPAA protections were fully implemented.”