“Patient Privacy Must Be Protected,” TMA Says in Response to Ascension-Google Partnership
By David Doolittle


Protecting sensitive patient health information should remain a top priority as technology and health care continue to intersect, Texas Medical Association President David C. Fleeger, MD, said Thursday in response to a partnership between Google and Ascension health system. 

“Always remember, the primary purpose of your medical record is to help your medical team take good care of you. It’s private information, and your privacy must be protected,” Dr. Fleeger said in a statement to news media. “Any effort to improve quality must first do no harm by breaching your privacy. This is a matter of trust.” 

The partnership, first reported Monday, will integrate Ascension’s health data in Google’s cloud platform. “Key elements of this work will focus on network and system connectivity, data integration, privacy and security, and compliance,” Ascension said in a statement.

In a blog post Monday, Google called the partnership a “business arrangement to help a provider with the latest technology, similar to the work we do with dozens of other healthcare providers.” 

The partnership, called “Project Nightingale,” raises concerns about how the data will be used, who will have access to it, and whether patient privacy will be protected. 

Because the data is held separately from any consumer data and because it is used for treatment purposes, it is HIPAA-compliant and patient consent is not required, Ascension said

Google said Ascension’s data “cannot be used for any other purpose than for providing these services we’re offering under the agreement, and patient data cannot and will not be combined with any Google consumer data.” 

The Department of Health and Human Services’ Office for Civil Rights opened an inquiry into the partnership Tuesday amid criticism from patients and lawmakers, The Wall Street Journal reported. 

TMA policy states that organizations that store, transmit, or use patient records or claims data must have internal policies and procedures in place that adequately protect the integrity, security, and confidentiality of such data.

“Patients must know to whom your private health information may be disclosed and for what purpose,” Dr. Fleeger said. “Also, we must guard against anyone misusing your data to set medical care guidelines based on what is best for someone’s bottom line versus what is scientifically proven to be best for your health.” 

Ascension, a non-profit, Catholic health system, has 2,600 facilities in 21 states and the District of Columbia, including hospitals in 11 Texas cities.

Last Updated On

November 14, 2019

Originally Published On

November 14, 2019