Tuesday, November 12, 2019

Google’s ‘Project Nightingale’ Secretly Gathers Personal Health Data on Millions of Americans - Time to Refuse Use Of EMR's In Your Healthcare?

I have long written that leadership of EMR technology by the wrong people will create exceptionally adverse outcomes, clinically speaking. 

The same appears true socially.  In fact, adverse social outcomes (especially with regard to societal power structures) is one of the pillars of the domain of Social Informatics, the field that studies social impacts of new information & communication technologies (ICTs), about which I've taught and written.  (See http://www.dlib.org/dlib/january99/kling/01kling.html)

Now there's this stunning new story regarding clinical data trafficking. 

Original article is at the WSJ by Gerald F. Seib here: https://www.wsj.com/articles/google-s-secret-project-nightingale-gathers-personal-health-data-on-millions-of-americans-11573496790, but it's behind a paywall:

Google’s ‘Project Nightingale’ Secretly Gathers Personal Health Data on Millions of Americans

November 12, 2019


Google has been working with one of the largest healthcare systems in the U.S. to collect and analyze the personal health information of millions of citizens across 21 states, The Wall Street Journal reports.  The Tech giant reportedly teamed up with St. Louis-based Ascension, the largest non-profit health system in the country, last year, and the data sharing has accelerated since summer.

Code-named Nightingale, the project saw both companies collect personal data from patients, which included lab results, doctor diagnoses, and hospitalization records, as well as patient names and dates of birth.
Google said it plans to use the data to create new software that will improve patient care and suggest changes to their care.

First and foremost, the focus of this "project" is the hackneyed cybernetic miracle we've been promised for decades, the "Artificial Intelligence" that will "revolutionize" medicine. 

I view this concept as massively over-hyped and likely fraudulent, an effort to salvage the very same promises made of the entire EMR project on which has been spent hundreds of billions of dollars (more likely beyond the trillion range by now), while waiting for Godot. 

Those monies could have been better used to provide world-class healthcare for an entire population, especially considering the lack of evidence of the miracles promised.

CMS: "we do not have any information that supports or refutes claims that a broader adoption of EHRs can save lives."  [But let's spend hundreds of billions of dollars anyway.]  Click to enlarge.

... Patients and doctors were not notified that their data is being shared, and did not give their consent, according to the report.

One individual who was familiar with the project told the Journal that at least 150 Google employees already have access to much of the data on tens of millions of patients.
I have already written that the entire national EMR project is a mass human-subjects experiment without informed consent that can maim or kill patients in many different ways, including clinician distraction and IT error, among others.  I also note that as I've been involved in litigation support over the past decade, I've been exposed to what really happens without the filter of the press and the IT industry.  (The verdict in the last case in which I testified about Bad Health IT, for example, went to the deceased plaintiff's heirs - amounting to more than $16 million; others were in a lower but still multi-million dollar range.  Yet, you likely will never read about these in the HIT literature)

I believe this new account of clinical data trafficking is, more likely than not, true. It is a development I've fully been expecting for at least a decade now. (See my February 26, 2012 post "Proposed new Consumer Privacy Bill of Rights: Is It Too Late For Healthcare?" at https://hcrenewal.blogspot.com/2012/02/proposed-new-consumer-privacy-bill-of.html and my Oct. 7. 2009 post "Health IT Vendors Trafficking in Patient Data?" at https://hcrenewal.blogspot.com/2009/10/health-it-vendors-trafficking-in.html).

This new development would represent an invitation to massive deliberate or inadvertent abuse, and is likely a massive violation of the HIPAA Privacy Act, despite claims to the contrary.

Just hours after the secret project was revealed, the two companies announced the collaboration in a press release, in which they said the joint project would see Ascension’s data moved onto Google’s Cloud platform.
The statement said the joint project aims to “optimize the health and wellness of individuals and communities and deliver a comprehensive portfolio of digital capabilities that enhance the experience of Ascension consumers, patients, and clinical providers across the continuum of care.”

More cybernetic miracles promised for the true believers, expressed in the typical IT-magic phraseology.  Plenty of profits, too.

Eduardo Conrado, Executive Vice President of Strategy and Innovations at Ascension, said: “As the healthcare environment continues to rapidly evolve, we must transform to better meet the needs and expectations of those we serve as well as our own caregivers and healthcare providers.

The "transformations" needed are to scale back the IT and the bureaucracy that burdens good clinicians and consumes massive amounts of $, and the reduction of waste on worse-than-useless Bad Health IT (http://cci.drexel.edu/faculty/ssilverstein/cases/):

Bad Health IT is IT that is ill-suited to purpose, hard to use, unreliable, loses data or provides incorrect data, is difficult and/or prohibitively expensive to customize to the needs of different medical specialists and subspecialists, causes cognitive overload, slows rather than facilitates users, lacks appropriate alerts, creates the need for hypervigilance (i.e., towards avoiding IT-related mishaps) that increases stress, is lacking in security, compromises patient privacy, lacks evidentiary soundness or otherwise demonstrates suboptimal design and/or implementation. 

More corporate mumbo-jumbo:

“Doing that will require the programmatic integration of new care models delivered through the digital platforms, applications, and services that are part of the everyday experience of those we serve.”
The partnership will also explore artificial intelligence and machine learning applications to help improve clinical quality, and effectiveness, patient safety and increase consumer and provider satisfaction, according to the statement.

The data collected by today's EMRs is subject to inaccuracy for multiple reasons mentioned at this blog, including perverse incentives, clinician harassment and cognitive overload, time limitations, forced entry of some data to move further on in the record, and others.  Further,  the Bad Health IT systems used to collect and display it exposes patients to risk and injury.  "AI" will not solve these "issues."

Tariq Shaukat, President of Google Cloud, added: “Ascension is a leader at increasing patient access to care across all regions and backgrounds, particularly those in disadvantaged communities. We’re proud to partner with them on their digital transformation.

"Digital transformation" is, quite frankly, the same BS as "IT revolutionizing healthcare" that I'd heard since at least the mid-1990s (see my post "Bill, Have You Lost Your Mind?" at https://hcrenewal.blogspot.com/2006/07/bill-have-you-lost-your-mind.html where I reposted my earlier memorialization of such baldly overwrought and preposterous claims.)
“By working in partnership with leading healthcare systems like Ascension, we hope to transform the delivery of healthcare through the power of the cloud, data analytics, machine learning, and modern productivity tools—ultimately improving outcomes, reducing costs, and saving lives.”

More billions of dollars are to be transferred from patient care to the IT industry. 

These $ could be far better spent, IMHO, on care delivery, including to the disadvantaged and minorities, and in rethinking the current health IT morass.  (See my Jan,. 2018 post "The inevitable downgrading of burdensome, destructive EHRs back to paper & document imaging" at http://hcrenewal.blogspot.com/2018/01/the-inevitable-downgrading-of.html).

I have passed the newly-released articles on this matter to attorneys with access to the national trial lawyers' listservs, where the merits of "Project Nightingale" can be considered from the perspective of non-toothless patient's rights advocates.


I believe invasive healthcare data trafficking projects like this, with potential for massive abuses, provide reasonable justification for patients to REFUSE the use of EHR's in their care.  Paper works just fine.  In fact, when the IT goes down, it's what hospitals and doctors go right back to, and the PR always claims that "patient care was not compromised."

-- SS

11/15/2019 Addendum:

There is a whistleblower (https://www.theguardian.com/commentisfree/2019/nov/14/im-the-google-whistleblower-the-medical-data-of-millions-of-americans-is-at-risk):

I didn’t decide to blow the whistle on Google’s deal, known internally as the Nightingale Project, glibly. The decision came to me slowly, creeping on me through my day-to-day work as one of about 250 people in Google and Ascension working on the project.

When I first joined Nightingale I was excited to be at the forefront of medical innovation. Google has staked its claim to be a major player in the healthcare sector, using its phenomenal artificial intelligence (AI) and machine learning tools to predict patterns of illness in ways that might some day lead to new treatments and, who knows, even cures.

Here I was working with senior management teams on both sides, Google and Ascension, creating the future. That chimed with my overall conviction that technology really does have the potential to change healthcare for the better.

But over time I grew increasingly concerned about the security and privacy aspects of the deal. It became obvious that many around me in the Nightingale team also shared those anxieties.

After a while I reached a point that I suspect is familiar to most whistleblowers, where what I was witnessing was too important for me to remain silent. Two simple questions kept hounding me: did patients know about the transfer of their data to the tech giant? Should they be informed and given a chance to opt in or out?

The answer to the first question quickly became apparent: no. The answer to the second I became increasingly convinced about: yes. Put the two together, and how could I say nothing?
-- SS


Anonymous said...

Is it actually possible to refuse EHR at this point? Will I be refused care? Yves Smith at nakedcapitalism mentions that she has an old legacy health insurance that allows gives her some modicum of protection for her data, but it seems that it may not be possible for most of the population anymore?


InformaticsMD said...

"Is it actually possible to refuse EHR at this point? Will I be refused care?"

I don't know if there are any test cases, but if you were refused care, and it was an emergency situation, I imagine the repercussions would be severe.