Google is investigated for collecting unauthorized medical data

O Google is the subject of yet another investigation in the United States. In 2018, the company started to collect medical data from millions of people in the country based on the Project Nightingale, an initiative that aims to create a kind of advanced digital medical record. The problem is that patients have not been notified of Google’s access to their health history.

The database is the result of a partnership with Ascension, which accounts for one of the largest healthcare systems in the United States. Among the data that Google has access to are patient names, birth dates, test results, hospitalization records, diagnosis history, among others.

According to Wall Street Journal, about 150 Google employees have had access to this information since late 2018.

The Pancake of Heaven!  / googleplex photo / where google is located

It is estimated that with this medical data, Google will be able to create an artificial intelligence-based system that, in addition to providing access to each person’s health history, will be able to predict the risks of certain medications or provide doctors with suggestions for certain types of treatments, for example.

Although there is some legitimacy in this movement – artificial intelligence is being increasingly applied to the health area -, critics of the project express concern about the privacy of the patient, especially with such sensitive data involved. The fact that patients and doctors were not previously informed about the agreement only makes the situation worse.

As a result, US regulators have said they will investigate the partnership between Google and Ascension. The main objective is to verify that Project Nightingale complies with American medical data protection laws (HIPAA).

At the Google Cloud blog – one of the main terms of the agreement provides for the transfer of medical data to this platform -, the company explains that, like other organizations, Ascension closed the partnership in order to obtain technology to manage the data of its patients. The company also reports that this work follows strict privacy and security standards.

Google also says that Project Nightingale respects all regulations on protecting patient data, including HIPAA laws, and that the data obtained from this partnership will never be combined with user information that the company holds.

Leave a Comment