Data guardian criticises DeepMind data sharing with NHS

National Data Guardian writes to hospital over data sharing with Google-owned company

The legal justification used for sharing patient data from a London NHS hospital to Google-owned DeepMind wasn't valid, according to the National Data Guardian. 

Health-data watchdog Dame Fiona Caldicott expressed her legal opinion of the controversial DeepMind data sharing deal in a letter to the head of the Royal Free NHS trust, after being asked for advice from the Information Commissioner, Elizabeth Denham.

The NHS trust teamed up with the deep-learning firm to trial a kidney app called Streams, which is designed to predict organ failure and avoid patient illness. As part of that, the trust shared 1.6 million patient records with the Google-owned British startup, a data-sharing move that was called "inexcusable" by academics who examined the deal. 

Now, it appears our National Data Guardian agrees. Writing to Stephen Powis, medical director at the Royal Free NHS Trust, Caldicott particularly criticised the justification for the data sharing, saying it was implied that it was for patient care - but she noted that's not what the Streams trial was actually about. 

"Taking into account what you have now clarified, it is my view and that of my panel that the purpose for the transfer of 1.6 million identifiable patient records to Google DeepMind was for the testing of the Streams application, and not for the provision of direct care to patients," Calidcott said in the letter, shared Hal Hodson, who initially revealed the data sharing agreement while a New Scientist reporter, and who also co-authored the aforementioned paper. 

"Given that Streams was going through testing and therefore could not be relied upon for patient care, any role the application might have played in supporting the provision of direct care would have been limited and secondary to the purpose of the data transfer," she wrote. "My considered opinion therefore remains that it would not have been within the reasonable expectation of patients that their records would have been shared for this purpose."

Caldicott has shared that opinion with the Information Commissioner as part of the data watchdog's investigation. 

Caldicott added that guidance would be "useful" to organisations looking to test such technologies with patient data, and stressed that her and her panel of experts "keenly appreciate the great benefits that new technologies such as Streams can offer to patients". 

However, she stressed that misusing patient data could delay the use of such technologies. "As I know you also appreciate, wherever patient data is used, it is absolutely paramount that this is done in a transparent and secure manner, which helps to build public trust, otherwise the full benefits of such developments will not be realised, and indeed harm may be done."

DeepMind altered its data-sharing setup with the NHS after the initial round of complaints, and has since set up more trials.

Featured Resources

Consumer choice and the payment experience

A software provider's guide to getting, growing, and keeping customers

Download now

Prevent fraud and phishing attacks with DMARC

How to use domain-based message authentication, reporting, and conformance for email security

Download now

Business in the new economy landscape

How we coped with 2020 and looking ahead to a brighter 2021

Download now

How to increase cyber resilience within your organisation

Cyber resilience for dummies

Download now

Recommended

CVS Health data breach leaves a billion records exposed
data protection

CVS Health data breach leaves a billion records exposed

16 Jun 2021
Researchers send “unhackable” quantum data over 370-mile optical fiber
data protection

Researchers send “unhackable” quantum data over 370-mile optical fiber

11 Jun 2021
New study shows global privacy investments increasing
data protection

New study shows global privacy investments increasing

2 Jun 2021
Misconfigured cloud services exposed 100 million Android users' data
data breaches

Misconfigured cloud services exposed 100 million Android users' data

21 May 2021

Most Popular

How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

16 Jun 2021
Q&A: Enabling transformation
Sponsored

Q&A: Enabling transformation

10 Jun 2021
What is HTTP error 400 and how do you fix it?
Network & Internet

What is HTTP error 400 and how do you fix it?

16 Jun 2021