A federal regulator is investigating whether the federal privacy law known as HIPAA was followed when Google collected millions of patient records through a partnership with nonprofit hospital chain Ascension.
The probe, first reported by the Wall Street Journal Tuesday night, was opened by the Department of Health and Human Services’ Office for Civil Rights. “OCR would like to learn more information about this mass collection of individuals’ medical records with respect to the implications for patient privacy under HIPAA,” Roger Severino, the office’s director, said in a statement to STAT.
The initiative, code-named “Project Nightingale,” gave Google the ability to analyze personal health information, including names and birth dates, compiled by Ascension, with the goal of helping deliver more personalized medical treatment. The Journal reported that patients and physicians were not informed of the project, though Ascension said that some clinicians and nurses were involved.
This article is exclusive to STAT+ subscribers
Unlock this article — and get additional analysis of the technologies disrupting health care — by subscribing to STAT+.
Already have an account? Log in
Already have an account? Log in
To submit a correction request, please visit our Contact Us page.
STAT encourages you to share your voice. We welcome your commentary, criticism, and expertise on our subscriber-only platform, STAT+ Connect