Writing anonymously for The Guardian, this whistleblower says that he, or she, initially thought that the project, known as Project Nightingale, sounded like a good idea because it capitalizes on Google's "phenomenal artificial intelligence (AI) and machine learning tools to predict patterns of illness in ways that might some day lead to new treatments and, who knows, even cures." But after observing its progress over time, this whistleblower had a change of heart.
Having worked with senior management both at Google and at Ascension, this individual is notably familiar with the ins and outs of Project Nightingale and what it will entail for the American public. And even though it "really does have the potential to change healthcare for the better," according to this same individual, Project Nightingale is shaping up to be a privacy and surveillance nightmare.
"... over time I grew increasingly concerned about the security and privacy aspects of the deal," this whistleblower writes. "It became obvious that many around me in the Nightingale team also shared those anxieties."
There were two major questions that kept sticking out in this whistleblower's mind before he or she decided to come forward publicly. One: Were patients whose records were included as part of the program aware that their personal health data was being transferred directly to Google? And two: Should these patients be informed about this and offered the opportunity to either opt in or out of the program?
As it turns out, Google isn't telling patients that it's gaining access to their private medical records, nor is the tech giant giving them the chance to decide whether or not to participate. In other words, Project Nightingale is happening in the shadows, as most things now do in the age of tech dominance.
"So much is at stake," this whistleblower warns. "Data security is important in any field, but when that data relates to the personal details of an individual's health, it is of the utmost importance as this is the last frontier of data privacy."
For more related news about Google and Project Nightingale, be sure to check out EvilGoogle.news.
This whistleblower further wonders about the level of oversight governing these data transfers to Google, especially in light of HIPAA legislation passed back in 1996 that requires protected health information to be handled confidentially.
Is Google's Project Nightingale acting in accordance with HIPAA regulations? On the surface, it would seem not to be. Neither the whistleblower nor any of the other 150 Google employees or 100 Ascension employees have been able to figure it out, either.
"What AI algorithms were at work in real time as the data was being transferred across from hospital groups to the search giant?" the whistleblower asks. "What was Google planning to do with the data they were being given access to? No-one seemed to know."
"Above all: Why was the information being handed over in a form that had not been 'de-identified' – the term the industry uses for removing all personal details so that a patient’s medical record could not be directly linked back to them? And why had no patients and doctors been told what was happening?"
Be sure to read the whistleblower's full report on Google and Project Nightingale at TheGuardian.com.
Sources for this article include: