Google DeepMind's deal with the NHS is being investigated by the UK data watchdog
Google DeepMind
The data protection watchdog told Computer Weekly that an investigation into the partnership, which gives Google DeepMind access to 1.6 million patient records, has been launched off the back of at least one complaint from the general public.
A complaint seen by Computer Weekly, reportedly questions whether Google DeepMind will be "expected to encrypt the patient data it receives when at rest."
It reportedly reads: "Whilst the information-sharing agreement insists that personally identifiable information - such as name, address, post code, NHS number, date of birth, telephone number, and email addresses, etc - must be encrypted whilst in transit to Google, it does not explicitly prohibit that data being unencrypted at the non-NHS location."
It's worth noting that the Royal Free NHS Trust states in a Q&A on its website that: "All information sent to and processed by DeepMind is encrypted both in transit to, and at rest within, the DeepMind Health cluster."
The data-sharing agreement between Google DeepMind and the Royal Free NHS Trust was obtained by New Scientist earlier this month. Through the agreement, Google DeepMind is able to see data completely unrelated to kidney function, including whether people are HIV-positive as well as details of drug overdoses and abortions.
Privacy campaigners have questioned why Google DeepMind has been given access to so much medical data without public consent.
Google DeepMind
The complainant reportedly took issue with this, claiming that it could put patient privacy at risk when employees at Google DeepMind's 250-strong AI lab in King's Cross access the data.
"It is usual for personal data to be pseudonymised to mask the true identity of the patient," the complaint said.
"In this contract it explicitly states: 'As this data is being held for direct patient care purposes, pseudonymisation is not required.' Therefore, there is some risk that personal data could be accessed at the non-NHS location."
The complainant told Computer Weekly that the ICO responded to their concerns on 10 May. The ICO reportedly told the complainant that staff had been assigned to probe the data-sharing arrangement in more detail.
An ICO spokesperson confirmed the assertion from the complainant, according to Computer Weekly.
"Any organisation processing or using people's sensitive personal information must do so in accordance with Data Protection Act," the ICO told Computer Weekly.
DeepMind cofounder Mustafa Suleyman defended the data-sharing agreement last week, saying: "As Googlers, we have the very best privacy and secure infrastructure for managing the most sensitive data in the world."
Business Insider has contacted Google and is waiting to hear back.
- I spent $2,000 for 7 nights in a 179-square-foot room on one of the world's largest cruise ships. Take a look inside my cabin.
- Colon cancer rates are rising in young people. If you have two symptoms you should get a colonoscopy, a GI oncologist says.
- Saudi Arabia wants China to help fund its struggling $500 billion Neom megaproject. Investors may not be too excited.
- Catan adds climate change to the latest edition of the world-famous board game
- Tired of blatant misinformation in the media? This video game can help you and your family fight fake news!
- Tired of blatant misinformation in the media? This video game can help you and your family fight fake news!
- JNK India IPO allotment – How to check allotment, GMP, listing date and more
- Indian Army unveils selfie point at Hombotingla Pass ahead of 25th anniversary of Kargil Vijay Diwas