Data collection has come under the spotlight once again, and it is Google that is fielding questions on its recent activities. More specifically the firm is trying to address concerns regarding its health care data collection programme, which got revealed thanks to a Wall Street Journal (paywall) investigation earlier this month.
Google has noted that the data collection is legal, as the company is working with the Ascension hospital group Stateside under a business associate agreement that allows the tech firm to collect patient data.
Naturally this programme has piqued the interest of the US Congress, which wants Google to explain precisely how the data is collected, who has access to it, and to what end the data will be used.
In order to address several of those concerns, the firm posted a blog in order to explain the situation.
“There has been a lot of interest around our collaboration with Ascension. As a physician, I understand. Health is incredibly personal, and your health information should be private to you and the people providing your care,” writes head of Google Health, Dr David Feinberg.
“That’s why I want to clarify what our teams are doing, why we’re doing it, and how it will help your healthcare providers—and you,” he adds.
To that end Feinberg notes that the programme is aimed at better equipping doctors and nurses with technological tools to help them do their jobs, as well as embrace technology in an easy and efficient way.
While that is indeed a worthwhile objective, the issue at question here is patient data, and how it is being collected. Especially as Ascension reportedly did not tell patients that their data was being used for the programme.
On that front Feinberg says only a selected number of staff will have access to that data. He adds that those staff members, “Undergo HIPAA and medical ethics training, and are individually and explicitly approved by Ascension for a limited time,” in a bid to allay fears.
Also noting, “We have technical controls to further enhance data privacy. Data is accessible in a strictly controlled environment with audit trails—these controls are designed to prevent the data from leaving this environment and access to patient data is monitored and auditable.”
Congress is not relying on the blog post alone, with more information demanded during a briefing scheduled for 6th December.
As Engadget points out, with Google announcing plans to purchase Fitbit, it will soon have access to even more health data, so it will be interesting to hear what kinds of measures the firm will put in place to ensure privacy, as well as what regulations it will need to adhere to.
Either way, it looks like Google has quite a few more questions it needs to answer.