Technology always seems to outrun ethics. But just because something can be done does not mean that it should be done. Usually this discussion is focused on the latest life-sustaining medical device, but with emergence of electronic medical records, a whole new set of problems have appeared
Last month, Rob Copeland of The Wall Street Journal (behind pay wall) published a report focusing on the partnership between Google and Ascension health subtitled: “Search giant is amassing health records from Ascension facilities in 21 states; patients not yet informed.” Google has named their efforts “Project Nightingale.”
The idea behind medical records being available on the cloud (or somewhere electronically) sounds very appealing at first. However, it is not difficult to imagine “Project Nightingale” turning into “Project Nightmare” when it comes to patient’s privacy. This was what drove a Google whistleblower to come forward: “why was the information being handed over in a form that had not been ‘de-identified’ – the term the industry uses for removing all personal details so that a patient’s medical record could not be directly linked back to them? And why had no patients and doctors been told what was happening?”
Dr. David Feinberg, the head of Google Health, addresses the concerns that have been raised: “Google has spent two decades on similar problems for consumers, building products such as Search, Translate and Gmail, and we believe we can adapt our technology to help. That’s why we’re building an intelligent suite of tools to help doctors, nurses, and other providers take better care of patients, leveraging our expertise in organizing information.” (I’m not sure using Google Translate as a positive example will bring comfort to many readers.) Feinberg also discusses the precautions that Google has put into place.
Since the original WSJ broke last month, Congress has gotten involved. Consumer Affairs reports “that the U.S. Department of Health and Human Services has opened an inquiry into the project to determine whether it violates the Health Insurance Portability and Accountability Act of 1996 (known as HIPAA).”
Maintaining patients’ privacy is an important issue and must not be glibly overlooked. It will no longer suffice simply to say that we trust Google (or Facebook, etc.) to do the right thing.