Data guardian criticises DeepMind data sharing with NHS
National Data Guardian writes to hospital over data sharing with Google-owned company
The legal justification used for sharing patient data from a London NHS hospital to Google-owned DeepMind wasn't valid, according to the National Data Guardian.
Health-data watchdog Dame Fiona Caldicott expressed her legal opinion of the controversial DeepMind data sharing deal in a letter to the head of the Royal Free NHS trust, after being asked for advice from the Information Commissioner, Elizabeth Denham.
The NHS trust teamed up with the deep-learning firm to trial a kidney app called Streams, which is designed to predict organ failure and avoid patient illness. As part of that, the trust shared 1.6 million patient records with the Google-owned British startup, a data-sharing move that was called "inexcusable" by academics who examined the deal.
Now, it appears our National Data Guardian agrees. Writing to Stephen Powis, medical director at the Royal Free NHS Trust, Caldicott particularly criticised the justification for the data sharing, saying it was implied that it was for patient care - but she noted that's not what the Streams trial was actually about.
"Taking into account what you have now clarified, it is my view and that of my panel that the purpose for the transfer of 1.6 million identifiable patient records to Google DeepMind was for the testing of the Streams application, and not for the provision of direct care to patients," Calidcott said in the letter, shared Hal Hodson, who initially revealed the data sharing agreement while a New Scientist reporter, and who also co-authored the aforementioned paper.
"Given that Streams was going through testing and therefore could not be relied upon for patient care, any role the application might have played in supporting the provision of direct care would have been limited and secondary to the purpose of the data transfer," she wrote. "My considered opinion therefore remains that it would not have been within the reasonable expectation of patients that their records would have been shared for this purpose."
Caldicott has shared that opinion with the Information Commissioner as part of the data watchdog's investigation.
Caldicott added that guidance would be "useful" to organisations looking to test such technologies with patient data, and stressed that her and her panel of experts "keenly appreciate the great benefits that new technologies such as Streams can offer to patients".
However, she stressed that misusing patient data could delay the use of such technologies. "As I know you also appreciate, wherever patient data is used, it is absolutely paramount that this is done in a transparent and secure manner, which helps to build public trust, otherwise the full benefits of such developments will not be realised, and indeed harm may be done."
DeepMind altered its data-sharing setup with the NHS after the initial round of complaints, and has since set up more trials.
Consumer choice and the payment experience
A software provider's guide to getting, growing, and keeping customersDownload now
Prevent fraud and phishing attacks with DMARC
How to use domain-based message authentication, reporting, and conformance for email securityDownload now
Business in the new economy landscape
How we coped with 2020 and looking ahead to a brighter 2021Download now
How to increase cyber resilience within your organisation
Cyber resilience for dummiesDownload now