A 2016 contract signed by researchers from Google and the University of California San Francisco, obtained in a public records request filed by Stat, outlines Google's plan to use UCSF patient data to develop artificial intelligence to predict outcomes.
Through the collaboration — which is still ongoing, with a second academic paper based on their joint findings recently accepted for publication — Google obtained the de-identified EHR data of at least 1.4 million patients at no cost but with plenty to gain. As Stat's Rebecca Robbins noted, the resulting AI algorithms "could someday generate more revenue for a company currently worth nearly $1 trillion."
Atul Butte, MD, PhD, who led UCSF's role in the partnership, told Stat his team considered it "way too early" to charge Google for what they perceived as merely a short-term research project.
Also significant are the many safeguards put in place by the contract to protect UCSF's patient data. It reportedly limits how Google can use the data, prohibits the tech giant from attempting to re-identify the covered patients, requires Google to provide UCSF with a list of every employee with access to the dataset when asked and explicitly outlines how and where the data would be stored and encrypted.
Additionally, while the dataset included at least three years' worth of demographic, medical history, medication and allergy, immunization, lab test, vital sign and billing data, UCSF refused to hand over physicians' notes, imaging data and any other information they felt could not be truly de-identified, Dr. Butte told Stat.
"UCSF has not been accused of sharing anything improper in the collaboration outlined in its 2016 agreement with Google. Nothing in the contract indicates otherwise; in fact, perhaps the most striking thing about the contract is just how many protections it puts in place," Ms. Robbins wrote, comparing the contract to another that Google signed around the same time with the University of Chicago, an agreement that has since come under fire for its comparative lack of privacy protections; it is unclear what stipulations, if any, were made in the contract for that agreement.
Read more here.
More articles on health IT:
16 hospitals, health systems seeking Allscripts, Cerner, Epic, Meditech talent
Rady Children's notifies 2,360 patients of internet port that exposed their information
MedStar launches EHR-based heart attack prediction tool