highly sensitive health data of millions of people to land on the servers of a group that knows more about its users than almost any other company in the world. This group does not save the data only, but gives employees access. Machines evaluate the records and build a giant search engine for health data. Neither patients nor Doctors know about it. And, presumably, all of this is perfectly legal. At least in the United States.

So, to summarise what has been in the past few days by several media reports. the Google works in the United States in 2018 with the health organization, Ascension, the 150 hospitals and thousands of physician practices operates. Coming up March health to land data from 50 million people on Google’s servers. The laboratory results, medical diagnoses, treatment histories, and the hospital includes stays – not anonymous, but linked it with the names and addresses of the patients.

Codename “Nightingale”

“Project Nightingale”, as Google calls the Initiative internally, shows how strongly big Tech companies try to gain a foothold in the health sector. In addition to Google and Amazon, Apple and Microsoft are pushing in this lucrative market, which includes in the USA alone, more than three trillion dollars. So Apple is launching a new Research App to collect health data of users of iPhones and Apple Watches and studies available. The users have to agree explicitly, whether, and for which study data may be used.

Google is developing a Software that suggests how the care of individual patients can be improved.

the “Project Nightingale” first reported the “Wall Street Journal”. The sheet according to the 150 employees should have access to the data. The “New York Times” writes of dozens of people working in the different departments of the parent company, Alphabet. Google even called on a request, not an exact number.

evaluation of artificial intelligence

Internal documents and presentations to show how big the ambitions of the project “Nightingale”. Google is developing Software that proposes using artificial intelligence (AI) and machine Learning (ML), such as the care of individual patients can be improved. It will be a huge patient database, which is reminiscent of Google’s search engine.

The Software automatically completes input of the patient name associated with all the stored health data. Doctors should not only be able to view individual information, but a graphical Time history and records to compare. Google hopes to be able to this infrastructure in the future to other health care providers sell.

The data are not to be used to personalize advertising. All of this happens without the Affected have consented to. Ascension and Google do not need to inform the patient even. The so-called Health Insurance Portability and Accountability Act, a US law in 1996, allows Doctors and hospitals, health data to business partners. However, the information may be used only to treat patients better.

Inadequate protection in Switzerland

Swiss privacy advocates are alarmed: “The Trend towards outsourcing of data processing in the Cloud is also increasing in the healthcare and in the hospitals in Switzerland”, explains Bruno Baeriswyl, data protection Commissioner of the Canton of Zurich. In the process, hospitals would need to ensure that the Cloud providers have no access to the data. “In most cases, this is done consistently, so that it is not excluded that in the Cloud the data by third parties can be used,” warns Baeriswyl.

In Switzerland, patients have more rights over your data. Photo: LAB

According to the Swiss data protection law, provider of data processing programs, are expected to – as in this case, Google – “the data for their own purposes use”, emphasizes the protection of data. And Google wanted to deal independently with patient data in Switzerland, would have to catch up with the group for this purpose, the consent of the person Concerned.

Criminal Act

The same is true for doctor’s offices, stressed the representative of the Federal data protection: “For the private Doctors and other private providers in the medical field, we are of the view that such a cooperation with Google or an other company can be done only with the explicit consent of the patients.” Without this explicit consent of the Doctors, but also pharmacists, would or auxiliary persons according to Swiss law may be held liable.

In the case of the project “Nightingale” reaffirm both parties to the agreement that all data would be encrypted and securely stored and only selected Google employees could access it. Google separating the patient data is strictly information products, such as Gmail or the search engine. The data should not be used to personalize advertising. Google promises not to connect the patient data of the Ascension with the information it receives from other health care organizations.

However, there are doubts as to whether this is actually as harmless as it represent the Parties. Several US senators have expressed concerns: The Democrat, Mark Warner wants to stop the program, until the US authorities to conclude their investigations, that you have recorded on Tuesday.

call for better laws

Warner’s party colleague, Amy Klobuchar calls are evaluated, new laws to regulate more, such as health data. The “Wall Street Journal” quoted-affected patients from Ascension hospitals. They fear that Google wool to earn money with their health data, and would have liked to be informed in advance.

Uses Google data on their servers for advertising? Photo: Thomas Trutschel (TDG)

Even within Google there is resistance. An anonymous Whistleblower released a Video that suggests that Google wanted to use the data to set advertising. For this claim, but there is no evidence. In addition, the Person complained that the data were not sufficiently protected. In the Video you can see the Protocol of an internal meeting at the end of September. Accordingly, employees of Ascension are unsure as to whether all of the data act would be compliant with saved, and you criticize that Google employees could download the data.

Google’s Vision

in The end, the crucial question is: How much do you trust Google? While Facebook must regularly give new data protection violations, Google is noticed at least in public, something rare with failures and scandals.

Google’s Vision of the then chief Larry Page made already in 2014 at a Ted conference: “wouldn’t it Be great if Doctors could have access to anonymized health data by all the people?”, he asked. “We are not thinking about the huge Benefits that can arise if the correct data is shared on the right way with the right people.” Maybe patients can actually benefit from it – but it sure does not hurt to tell them in advance.

employees: Holger Ali

Created: 15.11.2019, 16:03 PM