Google's controversial DeepMind deal for 1.6 million NHS patients' data called legally 'inappropriate'

Crucially, the Streams app was under development when the agreement was made

Aatif Sulleyman
Tuesday 16 May 2017 08:20 EDT
Comments
The ICO is close to concluding an investigation into the legality of the deal
The ICO is close to concluding an investigation into the legality of the deal (Getty)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

Google’s artificial intelligence division received the medical records of 1.6 million people on an "inappropriate legal basis", according to a leaked letter from a top government adviser.

DeepMind controversially struck up a data-sharing deal with the Royal Free Hospital Trust, for the creation of an app called Streams.

In February last year, Google said Streams would help hospital staff monitor patients with kidney disease, but a document obtained by New Scientist caused further concern when it revealed that DeepMind was receiving historical medical data, records of the location and status of patients, and even details about visitors.

A letter leaked to Sky News has now revealed that Dame Fiona Caldicott, the head of the Department of Health's National Data Guardian (NDG), has also questioned the legality of the deal.

Patient data and confidentiality are protected by strict rules, but patients are “implied” to have given their consent for data-sharing if it’s shared for the purpose of “direct care”.

Streams was in testing when the deal was struck, and therefore wasn’t actually ready for medical use, according to Dame Caldicott.

“It is my view and that of my panel that the purpose for the transfer of 1.6 million identifiable patient records to Google DeepMind was for the testing of the Streams application, and not for the provision of direct care to patients,” wrote Dame Caldicott in a letter to Professor Stephen Powis, the medical director at the Royal Free Hospital, dated 20 February 2017.

“Given that Streams was going through testing and therefore could not be relied upon for patient care, any role the application might have played in supporting the provision of direct care would have been limited and secondary to the purpose of the data transfer.”

This would render the use of the “direct care” argument invalid, and each of the patients whose data was shared should have been asked for permission.

The Information Commissioner's Office is close to concluding an investigation into the legality of the deal.

"Nurses and doctors have told us that Streams is already speeding up urgent care at the Royal Free and saving hours every day,” a DeepMind Health spokesperson told The Independent.

“The data used to provide the app has always been strictly controlled by the Royal Free and has never been used for commercial purposes or combined with Google products, services or ads – and never will be. Clinicians at the Royal Free put patient safety first by testing Streams with the full set of data before using it to treat patients.

“Safety testing is essential across the NHS, and no hospital would turn a new service live without testing it first. We’re glad the NDG has said that further guidance would be useful to organisations which are undertaking work to test new technologies.

“We also recognise that there needs to be much more public engagement and discussion about new technology in the NHS. We want to become one of the most transparent companies working in NHS IT, appointing a panel of Independent Reviewers, embarking on a major patient involvement strategy, and starting a groundbreaking project called Verifiable Data Audit. We believe that these steps are helping to set a new standard of transparency across the health system.”

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in