Google will soon obtain private genetic data on hundreds of thousands of medical patients… without their consent
The Information Commissioner’s Office (ICO) recently ruled that the Royal Free London NHS Foundation Trust broke the law, as it failed to comply with the Data Protection Act when it transferred 1.6 million patient records to DeepMind, an artificial intelligence research group owned by Google. In response to the ruling, NHS signed an undertaking to fix this oversight within three months, along with providing the ICO proper justification for why this ethical breach of conduct was allowed. The data transfer was part of NHS and DeepMind’s partnership to develop the heathcare app, Streams, which was a detection system for acute kidney injury. Supposedly, Streams would save lives by alerting hospital trusts when a patient was undergoing a critical kidney condition. However, as ICO’s investigation concluded, the transfer of records was done without the patients being adequately informed on the decision.
Elizabeth Denham, a representative of the ICO told TheGuardian.com, “Our investigation found a number of shortcomings in the way patient records were shared for this trial. Patients would not have reasonably expected their information to have been used in this way, and the Trust could and should have been far more transparent with patients as to what was happening.”
Denham added: “We’ve asked the Trust to commit to making changes that will address those shortcomings, and their co-operation is welcome. The Data Protection Act is not a barrier to innovation, but it does need to be considered wherever people’s data is being used.”