GOOGLE HAS been accused of having access to sensitive NHS data on an "inappropriate legal basis" as moral panic over the recent WannaCry ransomware attack on the NHS mounts and spreads into entirely separate issues.
Dame Fiona Caldicott, national data guardian at the Department of Health and senior data protection adviser to the NHS, has sounded the alarm bells. She claimed in a letter to the Royal Free Hospital and obtained by
She claimed in a letter to the Royal Free Hospital and obtained by Sky News that the pilot collaboration between Google's DeepMind arm and the NHS went beyond the realm of the "direct care" of the patient and therefore no implied consent can be taken before passing medical records to a third party.
The details of 1.6 million patients was passed to Google DeepMind, which is using its AI systems to analyse the medical data in the hope of providing quicker diagnosis and more proactive care.
We profiled the programme "Streams", offering proactive analysis of kidney patients through wearable tech, who could then be called to their specialist if there was a risk, not as routine, thus freeing up doctors for urgent cases.
Because the NHS doesn't have direct access to DeepMind's technology, the data has to be shared, and whilst encrypted and not directly shared with Google, in the current climate, alerts have been raised which, unless the hyperbole is removed, be as damaging as a breach.
Put simply, this is the equivalent of the privacy advocate who won't share their data with their iPhone, and then wonders why Siri doesn't work. But multiplied by a life-and-death scenario.
The DeepMind deal had been slammed for lack of transparency, but in real terms, what it represents is a chance to do real good. The data is not being used for advertising purposes, there would truly be hell to pay if it was, but in a climate of fear, many are questioning a very new type of medicine.
It is important to emphasise that Streams is now out of the pilot stage and is up and running under a separate agreement, not affected by this letter, which refers only to the pilot.
Dr Dominic King of DeepMind told Sky News: "It's really important to say that DeepMind is a British company, and although acquired by Google, operates independently. At no point has any patient data been shared with other Google products or services, or used for commercial purposes.
"I think one thing that we do recognise that we could have done better is make sure that the public are really informed about how their data is used."
Nicola Perrin, leading the patient task force at the Wellcome Trust, says: "New digital technologies, such as the DeepMind Streams app, offer real potential to provide better clinical care, but there must be appropriate governance so that everyone can have confidence that patient data is being used responsibly.
The national data guardian raises an important question about the legal basis for using patient data to test a new technology, to ensure it is safe before it is introduced in clinical practice. Such testing is essential, but there must be clarity about the regulatory framework and transparency for patients.
These issues are not unique to the DeepMind-Royal Free partnership, and so we hope the government will provide clear guidance to enable new data-driven technologies to be introduced safely for patient benefit."
We at the INQUIRER have often expressed our passionate belief in the value of health-tech from the wearable upwards. We believe it's very important to draw a fine balance here. This is groundbreaking technology that could, one day see an end to disease - that's the power, and that's what is at stake. But new tech always breeds fear, and as such, it's inevitable that there will be glitches as the law is finalised and the understanding increases.
Calidcott's letter is not meant to be a complete drubbing of the programme, which she actually praises, but rather the way that data was used in its initial stages.
It is also vital that this issue is kept separate from issues like WannaCry, which was caused by dying technology, rather than DeepMind, a product from the bleeding edge.
In short, don't let fear stand in the way of life-saving innovation. And no, DeepMind doesn't run on Windows XP.
As we were compiling this report, we received a statement from a DeepMind Health spokeperson: "Nurses and doctors have told us that Streams is already speeding up urgent care at the Royal Free and saving hours every day. The data used to provide the app has always been strictly controlled by the Royal Free and has never been used for commercial purposes or combined with Google products, services or ads - and never will be.
"Clinicians at the Royal Free put patient safety first by testing Streams with the full set of data before using it to treat patients. Safety testing is essential across the NHS, and no hospital would turn a new service live without testing it first. We're glad the NDG has said that further guidance would be useful to organisations which are undertaking work to test new technologies.
"We also recognise that there needs to be much more public engagement and discussion about new technology in the NHS. We want to become one of the most transparent companies working in NHS IT, appointing a panel of Independent Reviewers, embarking on a major patient involvement strategy, and starting a groundbreaking project called Verifiable Data Audit. We believe that these steps are helping to set a new standard of transparency across the health system." µ
Presumably 'Richard' is your next security worry
Good news if the kids need a summer job
Welcome back, Zoinkerberg
That's another good reason not to see it