NHS questions use of patient data by Google AI firm

The senior data protection adviser to the U.K. National Health Service (NHS) has told a London hospital that its sharing of 1.6 million patient records to an artificial intelligence (AI) software developer owned by Google was not legally appropriate, according to a report by Sky News.

The records were provided to DeepMind Technologies -- a U.K. AI software developer acquired by Google in 2014 -- by Dr. Stephen Powis, the medical director of the Royal Free Hospital in London. DeepMind used the patient data to test Streams, a smartphone app designed to detect acute kidney injuries in patients and inform clinicians. The app is now being used clinically by the hospital.

In a letter to Powis, National Data Guardian Dame Fiona Caldicott said that DeepMind received the data on an "inappropriate legal basis," according to the Sky News report. Caldicott pointed out in the letter that there are strict legal protections ensuring the confidentiality of patient records; patients are implied to have consented to sharing of their information only if it was for the purpose of "direct care," a basis that was not valid in the arrangement between Royal Free Hospital and Google DeepMind, according to Caldicott.

While Caldicott did not dispute the value of the app for patients, she said in the letter that in her opinion, "the purpose for the transfer of 1.6 million identifiable patient records to Google DeepMind was for the testing of the Streams application, and not for the provision of direct care to patients," according to the article. As a result, she believes it would not have been within the reasonable expectation of patients that their records would have been shared for this purpose.

In response, Powis told Sky News that "we have been very grateful to Dame Fiona for her support (and) advice during this process and we would absolutely welcome further guidance on this issue."

The U.K.'s data watchdog, the Information Commissioner's Office, is investigating whether the transfer was legal under the Data Protection Act. DeepMind Clinical Lead Dr. Dominic King told Sky News that the patient information was safe. The company operates independently from Google, and no patient data were shared with other Google products and services, he said.

Page 1 of 109
Next Page