WSJ: Google was collecting millions of Americans’ health data

The search giant has secretly been accumulating the health data of millions of Americans from 21 different states, in partnership with Ascension.

Google building

Google’s recent acquisition of Fitbit has raised many eyebrows with people expressing their concerns over their Fitbit data. And apparently, people have reasons for concern…

According to the new report from The Wall Street Journal reports, the search giant has secretly been accumulating the health data of millions of Americans from 21 different states, in partnership with Ascension — all without patients’ knowledge.

For those who don’t know it, Ascension is the second-largest healthcare system in the U.S. operating more than 2,600 care sites across 20 states and the District of Columbia. And reportedly, the extent of the information sharing between the two was extensive.

“The data involved in Project Nightingale encompasses lab results, doctor diagnoses and hospitalization records, among other categories, and amounts to a complete health history, including patient names and dates of birth,” the WSJ writes.

According to Google, this program — nicknamed “Project Nightingale” — is entirely legal under federal law and wholly compliant with the Health Insurance Portability and Accountability Act (or HIPAA). While the law does allow healthcare providers like Ascension to share data with other organizations without informing patients, the scope of this information sharing is ideally restricted “only to help the covered entity carry out its health care functions.”

At least 150 Google employees have been granted access to millions of users’ data, with these individuals employed across the spectrum of Alphabet companies and projects. The goal now is to apply Google’s AI processing capabilities on the collected data in order to identify possible changes to the care plans for individual patients. It also aims to serve as an aggregation service for healthcare data, which has historically been mostly decentralized.

The report goes on to suggest that Ascension’s motives are partly altruistic and partly material, suggesting that while the program does enable it to provide better care to its patients, part of the reasoning to share patient data with Google may have been a desire to maximize profits per patient.

“All work related to Ascension’s engagement with Google is HIPAA compliant and underpinned by a robust data security and protection effort and adherence to Ascension’s strict requirements for data handling,” Ascension noted.

After the WSJ article, Ascension announced its collaboration with Google to transition to the Google Cloud Platform and explore AI/machine learning apps to increase consumer and provider satisfaction.