Federal inquiry opened into Google’s ‘Project Nightingale’

Alphabet posts Q3 earnings.

This week, Google announced that it had inked a new partnership with Ascension, one of the country’s largest healthcare providers. 

As initially reported by the Wall Street Journal, the initiative gives Google access to the medical records of millions of Americans. While Google claims that collection of patient data is “standard practice,” the deal went through without Google nor Ascension notifying patients of the data transfer. 

‘Project Nightingale’

In a blog post, Google confirmed the deal titled “Project Nightingale,” and outlined what the deal entails for Ascension and the 2,600 facilities it operates. Google described the initiative as a “business arrangement” that is similar to the ones they have in place with other similar providers.

“These organizations, like Ascension, use Google to securely manage their patient data, under strict privacy and security standards. They are the stewards of the data, and we provide services on their behalf,” read the blog post. The post also outlines the three components of the new deal. Google will help Ascension shift its infrastructure to the cloud, modernizing its current setup by migrating data to Google’s secure cloud environment. The company will also move Ascension employees to G Suite productivity tools. Doctors and nurses will also use Google tools to improve care. 

Google also acknowledged questions raised about patient data, i.e. why they need data on millions of patients. The company again fell back on the “standard practices” line, saying that the deal falls under industry-wide regulations including HIPAA. 

“This is standard practice in healthcare, as patient data is frequently managed in electronic systems that nurses and doctors widely use to deliver patient care,” said Google. “To be clear: under this arrangement, Ascension’s data cannot be used for any other purpose than for providing these services we’re offering under the agreement, and patient data cannot and will not be combined with any Google consumer data.”

Feds not so Sure

Of course, this raised some eyebrows. Shortly after the Wall Street Journal broke the news of Project Nightingale, the Department of Health and Human Services’ Office for Civil Rights opened a federal inquiry into the deal. Speaking with the Wall Street Journal, office director Roger Severino said the department “will seek to learn more information about this mass collection of individuals’ medical records to ensure that [the Health Insurance Portability and Accountability Act of 1996 or HIPAA] protections were fully implemented.”

Google updated the initial blogpost with a FAQ. That included a response to the public inquiry, saying that the company will cooperate with any inquiry presented by the government. Just how much transparency Google and Ascension will permit into the deal is yet to be seen.

Tech Giants Step into Healthcare Sector

In recent years, major tech companies have made strides to gain footholds in the healthcare sector. While Google is closing nefarious sounding deals with funny codenames, they’ve also made moves in the wearable tech space. 

Earlier this month, the tech giant beat Facebook to acquire FitBit for $2.1 billion. Google partially purchased FitBit to expand its wearable tech offerings. But the purchase also syncs nicely with Google Fit, the health-tracking platform Google launched back in 2014. Adoption of Google Health has been slow without a corresponding device. The acquisition of FitBit presumably shores up that limitation. Meanwhile, Apple enjoys dominance in the wearables field with the Apple Watch and has also laid tracks to integrate its tech and hardware into hospitals and clinics.