“Project Nightingale” Raises Data Security Concerns

Ascension is sharing private healthcare information with Google.  The project, dubbed “Project Nightingale,” was put into play to help Ascension centralize its patient database for the over 2600 hospitals in its healthcare system.  Patient information, including names, test results, and dates of birth are also being collected by Google to help develop a new software that will use artificial intelligence to identify and predict medical conditions and outcomes.

Not only were patients and doctors were not notified of the data mining project, but several third parties have voiced their concerns over data security.  While digitization of medical records has become a national priority, there is still a definitive need to know exactly what companies are doing with private protected health information and the steps the organizations are taking to ensure data security.

“Leaks of private medical information are enormously common,” says Pam Dixon of the World Privacy Forum. “The Department of Health and Human Services actually tracks all of the medical data breaches and actually some of the largest data breaches in history have been medical data breaches. So it is a significant concern.”

This is not the first time Google has ventured into healthcare data mining.  The tech giant also has a partnership with the Mayo Clinic.  That data exchange, however, did not include any personal information.  Both Google and Ascension have stated that “Project Nightingale” is fully compliant with the Health Insurance Portability and Accountability Act and that there is a “robust data security and protection effort” in place for the exchanged information.