Google sparks privacy concerns after absorbing subsidiary with access to NHS patient data

Google will integrate a UK-based health company into its main organization, igniting concerns that the tech giant will misuse NHS patient data that the health company had been given access to.

DeepMind, a company that develops artificial intelligence (AI), was purchased by Google in 2014 and will merge its health division with Google Health, a new venture focused on consolidating the tech giant’s health-related projects.

The partnership aims to turn DeepMind’s ‘Streams’ app into a fully-fledged “AI-powered assistant for nurses and doctors.”

Read more

NHS patient information illegally shared with Google DeepMind

The news has caught the eye of privacy advocates and even government watchdogs.

Last year, the UK's data protection watchdog found that a partnership between DeepMind and the National Health Service (NHS) had violated privacy laws, as more than 1.6 million patients hadn’t been properly informed about how their medical data would be used.

Patient’s hadn’t been told that their private medical data –which may have included details of drug abuse, abortions or HIV status–  would be crunched and analyzed by the Streams app.

DeepMind released a statement pledging to “do better” and established an independent review panel. Now, however, the absorption of DeepMind into Google has done away with that review panel and given Google direct control of patient data. Google claims that the review board was too focused on Britain, when its ambitions are global. Regardless, the tech giant now holds reams of patient data with no oversight.

A spokesman for the Information Commission (ICO) told TechCrunch on Wednesday that the watchdog was “monitoring” the developments involving DeepMind’s absorption into Google, adding that its investigation from last year underscored the importance of “ensuring the original purpose for processing personal data.”

The restructuring appears to completely violate a pledge DeepMind made when it started working with the NHS. At the time, the company vowed that “data will never be connected to Google accounts or services.” 

News of the merger came less than a week after Google hired Geisinger Health CEO David Feinberg to oversee its various health initiatives, including DeepMind, Google Fit, and research and development organizations Verily and Calico. Verily’s projects include using machine learning to analyze patient data, while Calico has been granted a $1.5 billion budget to achieve the lofty goal of “curing death.”

So far, so Silicon Valley. But granting private companies, especially ones as omnipresent as Google, access to medical information could have dire consequences.

After Facebook was rocked by the Cambridge Analytica privacy scandal in March, it emerged in April that the company had sent a doctor to multiple top US hospitals in an effort to convince them to share patient data, including illness and prescription information.

End game for humans? Google AI overcomes top player of ancient Chinese board game Go

Facebook’s project reportedly sought to collect anonymized personal details, which could be then matched up with user data from the social network. The stated goal was to help hospitals figure out which patients might need special care or treatment. While the project was abandoned, none of the patients involved had consented to sharing their data.

Halting the robo-pocalypse? Elon Musk & tech leaders pledge never to make lethal AI

Furthermore, privacy advocates cautioned that having a person’s medical records linked with their Facebook profiles could one day be used against them, for instance by insurance companies or lenders who could deny services or charge exorbitant rates to ill persons.

Think your friends would be interested? Share this story!