Google's efforts to gain access to large numbers of medical records faced scrutiny over the weekend when the Wall Street Journal reviewed its moves in detail in a piece called, “Inside Google’s Quest for Millions of Medical Records.”
The review recounted numerous deals the search giant had cut with a number of big U.S. healthcare providers in its effort to become a dominant player in the patient data market.
“In just a few years, the company has achieved the ability to view or analyze tens of millions of patient health records in at least three-quarters of U.S. states, according to a Wall Street Journal analysis of contractual agreements,” the article stated
, also noting that, “in certain instances, the deals allow Google to access personally identifiable health information without the knowledge of patients or doctors.”
Some of the deals permit Google to “review complete health records, including names, dates of birth, medications and other ailments,” unnamed sources familiar with the deals told the paper.
Google responded to the piece in writing, stating through a spokesperson that, “claiming that Google has access to millions of health records is highly misleading,” and adding that its “healthcare customers own their data, and we can only process it according to their instructions.”
One case, involving a failed deal with Cerner, raised by the paper, suggested that this blanket statement was not entirely accurate.
“Google offered health-data company Cerner Corp. an unusually rich proposal,” stated the paper, explaining that the tech giant “dispatched former chief executive Eric Schmidt to personally pitch Cerner over several phone calls, and offered around $250 million in discounts and incentives, people familiar with the matter say.”
The deal involved efforts by Cerner to find a storage provider for its massive trove of 250 million health records. The Google deal didn't happen; Cerner picked Amazon, instead.
“We could never pin down Google on what their true business model was,” a Cerner executive who was part of the discussions explained to the journal.
In the piece, the 2019 partnership known as “Project Nightingale” with Ascension was also reviewed. That arrangement would have transferred 50 million U.S. patient health recorders to Google
, the journal reported at the time.
The information actually included names and medical histories of the patients that could be accessed by Google staffers, according to a follow-up story by The Guardian.
The Google trove of Ascension data, stressed the reports, was not anonymized by removing personal data through standard de-identification techniques.
The search giant has cut deals with other healthcare providers beyond Ascension. These include smaller organizations like the Colorado Center for Personalized Medicine — although that data was encrypted by the healthcare provider.
Google's healthcare data efforts raised alarms back in 2017 as well, when 1.6 million records of patients at the Royal Free hospital in London were obtained by its DeepMind Health efforts
in a way that was determined to be on an “inappropriate legal basis” by a U.K. watchdog group.
Other partnerships Google has made include one with Mayo Clinic, in September 2019, created to tackle “complex health care problems.” Patient data would remain private and devoid of identifiable personal information, Mayo officials said at the time.
But in fact that deal did allow Google to access identifiable information. “It was not our intention to mislead the public,” Mayo chief information officer Cris Ross told the journal in its latest report.
The article also referenced an interview with head of Google Health, Dr. David Feinberg, which it called his “first extensive interview since joining the search giant last January.”
“I came here to make people healthy, I’m not here to sell them ads,” Feinberg told the paper. “Google is so good at being helpful. We want to be helpful with knowledge, success, health and happiness.”
But he did acknowledge early missteps. At the beginning there was no clear understanding of how the experimental efforts might evolve. “We didn’t know what we were doing,” Feinberg told the publication.
He did acknowledge that there is a credibility issue due to these earlier miscues.
“There’s a disbelief that what we say we’re doing is what we are actually doing. And I think that’s Google’s fault,” he confessed, adding, “there have been missteps, right? We’ve got to own that. And that’s why we’ve got to do even better.”