DeepMind’s big betrayal? Patient data must be protected at all costs
Data-driven healthcare in the digital age is only possible with the consent and therefore trust of its patients. As service providers transform to incorporate new and innovative technologies, we will see tensions surface as they evolve. Medical data is perhaps the most personal and therefore sensitive data we own. Regardless of the intentions of those processing it, medical data must be treated with the appropriate care and transparency.
The AI research development company DeepMind Health is at the cutting edge of future-healthcare but is no stranger to headline grabbing moments in which its use of patient data has been scrutinised. It provides a clear window into the up-and-coming challenges to be faced by innovative and pioneering technologies, that if developed in line with patient trust, are set to transform healthcare as we know it.
By moving DeepMind Health’s Stream team into the main arm of the organisation – its parent company Google – concerns were raised over its commitment to patient data privacy. This came with assertions from the organisation in 2016 that the patient data would never be used or connected with Google accounts and products. Initial reports that the move was due to the desire to scale the business out globally did not help. The contradiction was enough to unearth a general anxiety over the use of patient data.
The new setup means the Stream team will remain in London, under the leadership of former NHS Surgeon Dominic King and with the aid of Google’s Health unit, from January 2019. Defending the move, King said on Twitter, “The public is rightly concerned about what happens with patient data. I want to be totally clear. This data is not DeepMind’s or Google’s – it belongs to our partners, whether the NHS or internationally. We process it according to their instructions – nothing more.”
Protecting patient data
As healthcare evolves and businesses transform, it is understandable that patients will be concerned over the future use of their data. For this reason, meticulous data management, with reliable, secure IT infrastructures and transparent privacy-by-design processes that fully optimise the data fabric are essential. But this alone is not enough. Clear, human communication that pre-empts patient anxiety with a view to educating them on their rights – and giving them back a sense of control – are necessary, too. The marriage between healthcare and business can be an uncomfortable one, regardless of intention. The notion of business scalability being prioritised over patient trust is uncomfortable, too.
It is not enough to presume that the social and personal benefits of data-driven healthcare technologies will alleviate these concerns. It is true that cloud and IoTtechnologies for example, will bring accessible, predictive and pre-emptive healthcare to life. But the integrity and credibility of the sector is at stake if patient data is poorly managed. In the long-term, this will affect our future care.
Following the passing of the General Data Protection Regulation Bill (GDPR) on May 25th, citizens are more aware than ever of their data rights. The healthcare sector accounts for the highest number of incidents reported to the ICO between July and September 2018. With 420 incidents of data disclosure and 190 security incidents reported, these figures highlight both the need for the regulation and the fact that it is working – with a cautionary approach to reporting potential incidents within the required 72-hour period. However, it is also a cause for concern. GDPR is an essential tool, helping data-driven healthcare businesses to optimise patient care with digital transformation, while providing a framework through which to build patient trust.
Looking ahead, with the diverse possibilities of innovative technologies set to transform healthcare, evolving data management practices to not only comply, but to perfect data privacy and protection will be essential. Indeed, as health data booms, it is vital that health service providers stay on top of where their data is stored and who processes it, maintaining transparency every step of the way
Grant Caley, CTO UK & Ireland at NetApp