Google DeepMind, Royal Free London rapped for patient data sharing

Google's DeepMind AI unit and the Royal Free London NHS Foundation Trust shared sensitive data, including mental health records and HIV diagnosis, of 1.6 million patients.

In 2015, Google’s AI firm DeepMind was given the personal records of 1.6 million patients at the Royal Free London NHS Foundation Trust to help create Streams, an alert, diagnosis, and detection system that could spot when patients were at risk of developing acute kidney injury.

However, the deal was the focus of public outrage following a New Scientist report that vast amounts of data had been accessed by DeepMind.

The incident raised questions about Google/Deepmind ethics and the legaility of its actions. 

➕ May 2016. The New Scientist revealed that Deepmind had failed to secure approval from the Confidentiality Advisory Group of the Medicines and Healthcare Products Regulatory Agency. 

➕ July 2017. The UK Information Commissioner's Office ruled that the Royal Free hospital had failed to comply with the UK Data Protection Act when it shared the data, though it did not issue a fine on the basis that there was a lack of guidance for the sector. 

➕ September 2021. Law firm Mishcon de Reya announced it was to bring a class action lawsuit against Google on behalf of the 1.6 million individuals whose medical records were shared.

➕ October 2021. DeepMind apologised and stated that it had focused on building tools for clinicians, rather than considering how the project should have been shaped by the needs of patients.

➕ May 2022. The action was later discontinued and resurrected as a legal action against Google for using the NHS data of 1.6 million Britons 'without their knowledge or consent'. 

➕ May 2023. The lawsuit was again (pdf) dismissed.

Legal, regulatory 👩🏼‍⚖️

• Prismall v Google (pdf)

• Mishcon (2022). New claim against Google and DeepMind Technologies for unauthorised use of confidential medical records

• Litigation Capital Management (2022). Litigation Finance Agreement for new representative claim against Google and DeepMind Technologies

• UK Information Commissioner's Office (2017). Royal Free London undertaking (pdf)

• UK Information Commissioner's Office (2017). ICO letter to Royal Free London (pdf)

Investigations, assessments, audits 🧐

• Linklaters (2018). Audit of the acute kidney injury detection system known as Streams (pdf)

Research, advocacy 🧮

• Shaping AI - University of Warwick (2023). Shifting AI controversies (pdf)

• Powls P., Hodson H. (2017). Google DeepMind and healthcare in an age of algorithms

News, commentary, analysis 🗞️

• https://www.newscientist.com/article/2086454-revealed-google-ai-has-access-to-huge-haul-of-nhs-patient-data/

• https://www.newscientist.com/article/2088056-did-googles-nhs-patient-data-deal-need-ethical-approval/

• https://news.sky.com/story/google-received-16-million-nhs-patients-data-on-an-inappropriate-legal-basis-10879142

• https://techcrunch.com/2018/06/13/audit-of-nhs-trusts-app-project-with-deepmind-raises-more-questions-than-it-answers

• https://www.zdnet.com/article/deepmind-and-the-nhs-what-its-really-like-to-use-googles-kidney-health-app/

• https://www.digitalhealth.net/2016/11/google-deepmind-and-royal-free-in-five-year-deal/

• https://www.theguardian.com/technology/2017/jul/03/google-deepmind-16m-patient-royal-free-deal-data-protection-act

• https://www.insider.com/nhs-discloses-how-much-its-paying-google-deepmind-2017-6

• https://www.digitalhealth.net/2017/03/deepmind-health-royal-frees-criticised-lack-patient-involvement/

• https://www.newscientist.com/article/2289101-google-is-shutting-down-controversial-data-sharing-project-with-nhs/

• https://www.bbc.co.uk/news/technology-40483202

• https://uk.news.yahoo.com/uk-class-action-style-suit-150419945.html

• https://www.bbc.co.uk/news/technology-58761324

• https://techcrunch.com/2022/05/16/google-deepmind-nhs-misuse-of-private-data-lawsuit