Google : The Nightingale Project
On November 11, the Wall Street Journal revealed Google’s processing of health data for millions of American patients. The soberly named “Nightingale Project” has aroused multiple reactions, particularly among privacy advocates who see it as another violation by the American giant of human rights.
This project involves the processing of health data belonging to millions of American citizens. It includes medical records, medical analysis results, hospital records, etc.
At the origin of this data processing, the partnership established between Google and ASCENSION, the second health system in the country. To date, nearly 150 Google employees have had access to non-anonymized patient data from across 21 states. All without the prior information or consent of the persons concerned. But surprisingly, this process is completely legal.
US law provides that hospitals have the right to share patient data with partners, without their consent, if the purpose of this sharing is to assist facilities in performing their health care functions. In this specific case, the declared objectives are to improve the hospital software and offer treatment to patients ; objectives which falls within the exception provided by law.
However, this partnership remains strongly criticized, especially because of the nature and amount of data processed. The concerns raised are not only ethical, but also about data security.
Concerns that Google tried to address in a blog post dated November 12, without being convincing.
Moreover, it is the weak protection of personal data in USA legal system which is once again highlighted .