05:51 GMT14 August 2020
Listen Live
    Get short URL

    A potential class-action lawsuit, filed in federal court in Illinois, is alleging that Google and the University of Chicago Medical Center violated hospital patients’ privacy in a 2017 data-sharing agreement.

    According to the suit filed on Wednesday night on behalf of patients whose data was included in the partnership and filed in US District Court for the Northern District of Illinois, the agreement to study the application of machine learning to health care violated privacy laws governing the sharing of medical information.

    “While tech giants have dominated the news over the last few years for repeatedly violating consumers’ privacy, Google managed to fly under the radar as it pulled off what is likely the greatest heist of consumer medical records in history,” the lawsuit alleges.

    The original collaboration was aiming to study how artificial intelligence (AI) could be used to improve health care by enabling doctors to make better predictions and decisions about their patients. Google says that its AI can lower health care costs and ultimately save lives.

    The lawsuit claims the hospital didn’t properly anonymize the patient data shared with Google as required by the 1996 Health Insurance Portability and Accountability Act (HIPAA). The filing alleges that dates included in the health records could easily be used by Google, in combination with its vast stores of user data, to identify the patients, noting that Google “has in its possession detailed geolocation information that it can use to pinpoint and match exactly when certain people entered and exited the University’s hospital.”

    Ashley Heher, a spokeswoman for the University of Chicago Medical Center, said the center has complied with all privacy and health laws, cited by the Hill.

    “The Medical Center entered into a research partnership with Google as part of the Medical Center’s continuing efforts to improve the lives of its patients,” she added. “That research partnership was appropriate and legal and the claims asserted in this case are baseless and a disservice to the Medical Center’s fundamental mission of improving the lives of its patients.  The University and the Medical Center will vigorously defend this action in court.”

    "We believe our healthcare research could help save lives in the future, which is why we take privacy seriously and follow all relevant rules and regulations in our handling of health data," Google spokesman Jose Castaneda said in an emailed statement. "In particular, we take compliance with HIPAA seriously, including in the receipt and use of the limited data set provided by the University of Chicago.”


    House Democrats Fail to Press Google CEO, Get ‘Evasive’ Answers on Privacy, Bias
    Privacy Advocate Explains Why Google Location Data 'Very Difficult to Opt Out'
    Trump ‘Bullying’ Google on China Engine Less Effective Than New Privacy Software
    Google Spying on Credit Card Spending to See if Ads Work Raises Privacy Concerns
    privacy, hospital, Google, Google
    Community standardsDiscussion