by Thomas Dworetzky
, Contributing Reporter | November 12, 2019
Project Nightingale, a “secret scheme” to transfer 50 million American health records from healthcare provider Ascension to Google has been revealed by the Wall Street Journal.
The data move included names and medical histories of the patients that could be accessed by Google staffers, according to a follow-up story by The Guardian
The whistleblower also posted a video detailing the project
on social media platform Daily Motion that begins with the words, “I must speak out about the things that are going on behind the scenes.”
Quest Imaging Solutions provides all major brands of surgical c-arms (new and refurbished) and carries a large inventory for purchase or rent. With over 20 years in the medical equipment business we can help you fulfill your equipment needs
The Google trove of Ascension data, stressed the reports, is not anonymized by removing personal data through standard de-identification techniques.
The whistleblower shared a presentation of the project that showed it was made of four “pillars” or stages that would lead to a completed transfer of the records of people in 21 states by March 2020.
No patients had been alerted to the transfer. One Ascension worker, reported The Guardian, expressed concerns of individuals downloading patient data — "need to make sure everyone is trained to not be able to do that," the worker wrote in a meeting note concerning the project.
The search giant has cut deals with other healthcare providers beyond Ascension, which has 2,600 hospitals, clinics and other medical outlets. These include smaller organizations like the Colorado Center for Personalized Medicine – although that data was encrypted by the healthcare provider.
The Guardian also reported that the whistleblower — whose identity the paper does not know — expressed concerns, allegedly stating that, “most Americans would feel uncomfortable if they knew their data was being haphazardly transferred to Google without proper safeguards and security in place. This is a totally new way of doing things. Do you want your most personal information transferred to Google? I think a lot of people would say no,” and adding that, “this is the last frontier of extremely sensitive data that needs to be protected.”
Google's healthcare data efforts have raised alarms before. In 2017, 1.6 million records
of patients at the Royal Free hospital in London were obtained by its DeepMind Health efforts in a way that was determined to be on an “inappropriate legal basis” by a U.K. watchdog group.