Google made waves in the fall when the WSJ reported thatthe tech company hadbeen working with Ascension since 2018 on a collaboration involving patient data, called Project Nightingale.While the partnership appears to be HIPAA compliant, thenews drew concerns among patients, providers and legislators.

Earlier this week, a group of three senators, including Elizabeth Warren (D-MA), Richard Blumenthal (D-CT) and Dr. Bill Cassidy (R-LA),sent a follow-up letter to AscensionCEO Joseph Impiccicheregarding concerns they holdabout ProjectNightingale.

This is not the first letter the trio haspenned questioningtheproject. In November they sent a letter to Google raising a number of questions regarding the privacy and security of patient data, and received a reply in early December.

"However, because Googles response did not answer a number of our questions pertaining to Ascensions involvement, we are requesting additional details from Ascension to help us better understand how Project Nightingale protects the sensitive health information of American patients," the senators wrote in the morerecent letter.

The senators laid out a number of questions surrounding patient consent of data use and privacy concerns. The senators are pressuring the health system for more information regarding the number of Google employees with access to the data and exactly what information is in the records.

"Google, for example, did not provide us with a 'full and complete list of patient-level information'that the company is receiving from Ascension, nor did it provide an exact number of healthcare records that it had received under Project Nightingale," the letter read.

The senators also asked if patients had advancenotice of Googles retention of their EHR, and if they had the ability to opt out of data sharing. Specifically, the senators inquired about whether the patients data would be used for research purposes.

The senators point out that, in the December letter from Google, the tech giant said that "providing notice to patients of uses and retention of [personal health information] by a covered entity and its business associations is the responsibility of the covered entity." The senators asked Ascension to clarify exactly what patients knew about their data being used.

The March letter endsby asking if Ascension is aware of any data breeches that would "present a risk of any outside party obtaining access to personal health information."

WHY IT MATTERS

As big tech moves into healthcare, patient privacy has been a concern among stakeholders.

"While improving the sharing, accessibility, and search-ability of healthcare data for providers could almost certainly lead to improvements in care, the role of Google in developing such a tool warrants scrutiny," the senators wrote in the letter.

THE LARGER TREND

Last year, news broke that Google and the University of Chicago Medical Center were being sued for violating patients' privacyfollowing a data-sharing partnership that the two parties inked two years ago. The class action lawsuit, which was first reported on by theNew York Times, accused the hospital system of sharing data with the tech conglomerate that could be identifiable, namely doctor's notes and the time frame of their visits.

Google has also been in hot water on the other side of the pond. In 2016 theUK's NHS signed a deal with Deep Mindthat led to press andUK government criticism afteran investigative report by the New Scientistrevealed that Google would have access to a huge trove of patient data without the patients' express consent, a potential violation of NHS information governance principles.

Original post:

US senators question Ascension on its Google collaboration Project Nightingale - MobiHealthNews