AUSTIN (KXAN) — Google and Seton’s parent company Ascension will work together on the project “Nightingale.” The two companies will share data in the hopes of getting better healthcare results and creating special pilot projects.
The Federal Government has launched an inquiry into the project.
Eduardo Conrado, VP of Strategy and Innovations for Ascension, wrote in a blog post the healthcare company will share clinical data and host it in the Google Cloud Platform.
“Google is not permitted to use the data for marketing or research purposes,” wrote Conrado, saying soon all healthcare companies will be hosting information in the cloud and this new project will be in compliance with Health Insurance Portability and Accountability Act Regulations, known as HIPAA.
“This is standard practice in healthcare, as patient data is frequently managed in electronic systems that nurses and doctors widely use to deliver patient care,” Conrado wrote, “Our data will always be separate from Google’s consumer data, and it will never be used by Google for purposes such as targeting consumers for advertising.”
The companies hope to pull clinical information from many different systems into a consolidated view so medical workers can see all the information on a patient available in one place.
Artificial intelligence will be used at certain points but final decisions will be made by humans, according to Ascension.
In a blog post from Google, the company also answers some questions. According to Google, it’ll focus on three things in this partnership: shift Ascension’s infrastructure to the cloud which will allow on-site data to be shared through “their own private and secure Google Cloud environment,” use Google’s G Suite product to communicate in real-time, and extend tools to doctors and nurses.
Google did not disclose how much the companies made from this agreement but confirmed this was a commercial contract and Google is charging Ascension for the deal.
Brad Gold, a lecturer on data and privacy at the University of Texas’s McCombs School of Business says since there is no one public agency charged with regulating data, and that people’s views on the deal will hinge on the reputation of the companies.
“The data sharing in the business world has been going on for several generations but the scale at which it’s happening is increasing and consumers are becoming increasingly aware of it,” Gold said. “It’s not to say that patients wouldn’t be the priority of Google, it’s just not how they were originally set up as a company. So I think a lot of the concerns are coming from the place of not that this is necessarily new but the scale and the implications of how this is happening is what’s concerning people.”
Gold says several states and the Federal Trade Commission do some regulation of data but most of the public sector has been behind major private companies.
“In terms of having a cohesive central place, no that doesn’t exist yet. That’s part of why I think consumers are concerned because we want the organizations that are doing this to make sure they are doing it responsibly,” said Gold.
About privacy concerns, the Google blog gives the following:
- “Data is logically siloed to Ascension, housed within a virtual private space and encrypted with dedicated keys.
- Patient data remains in that secure environment and is not used for any other purpose than servicing the product on behalf of Ascension. Specifically, any Ascension data under this agreement will not be used to sell ads.
- There are access logs for any individual who might come in contact with PHI in the process of helping Ascension configure and test tools, to ensure all policies are followed.
- Finally, these systems are included in Google’s annual compliance audits for ISO 27001 certification and SOC2/3. These are procedures in which external auditors check that we have the systems and processes in place to guarantee access control, data isolation, logging, and auditing.”
The Texas Medical Association said patients should know and understand their rights when it comes to private health information. TMA President Dr. David Fleeger said when people agree to share their information, it should be for a “specific use and for a specific period of time.”
“We must start by breaking through the confusing verbiage,” Fleeger said. “Patient ‘data’ is your medical record. It’s your most personal information. Always remember, the primary purpose of your medical record is to help your medical team take good care of you. It’s private information, and your privacy must be protected. Any effort to improve quality must first do no harm by breaching your privacy. This is a matter of trust.”
He added that “we must guard against anyone misusing your data to set medical care guidelines based on what is best for someone’s bottom line versus what is scientifically proven to be best your health.”