Google DeepMind, Royal Free London NHS data sharing
Released: 2016
Can you improve this page?
Share your insights with us
Google's DeepMind AI unit and the Royal Free London NHS Foundation Trust are sharing sensitive data, including mental health records and HIV diagnosis, of 1.6 million patients, according to the New Scientist.
The patient records had been used to create, test and run Streams, a diagnosis and detection system initially developed by the NHS and wrapped into a Deepmind smartphone app that detects when patients are at risk of developing acute kidney injury.
The New Scientist later revealed that the two parties had failed to secure approval from the Confidentiality Advisory Group of the Medicines and Healthcare Products Regulatory Agency.
The reports prompted a furore about patient privacy and data security.
Regulatory, legal actions
In July 2017, the UK Information Commissioner's Office ruled that the Royal Free hospital had failed to comply with the UK Data Protection Act when it shared the data, though it did not issue a fine on the basis that there was a lack of guidance for the sector.
Law firm Mishcon de Reya announced it was to bring a class action lawsuit against Google on behalf of the 1.6 million individuals whose medical records were shared in September 2021.
The action was later discontinued and resurrected in May 2022 as a legal action against Google for using the NHS data of 1.6 million Britons 'without their knowledge or consent'. The case was again (pdf) dismissed in May 2023.
Operator: Royal Free London NHS Foundation Trust
Developer: Alphabet/Google/Deepmind; NHS
Country: UK
Sector: Health
Technology: Prediction algorithm
Purpose: Detect & predict acute kidney disease
Issue: Privacy; Security; Ethics
Transparency: Governance; Black box; Privacy
System
Royal Free London (2019). Information Commissioner’s Office (ICO) investigation
Royal Free London (2018). Royal Free London publishes audit into Streams app
Google Deepmind (2017). The Information Commissioner, the Royal Free, and what we’ve learned
Legal, regulatory
Prismall v Google (pdf)
Mishcon (2022). New claim against Google and DeepMind Technologies for unauthorised use of confidential medical records
Litigation Capital Management (2022). Litigation Finance Agreement for new representative claim against Google and DeepMind Technologies
UK Information Commissioner's Office (2017). Royal Free London undertaking (pdf)
UK Information Commissioner's Office (2017). ICO letter to Royal Free London (pdf)
Research, advocacy
Shaping AI - University of Warwick (2023). Shifting AI controversies (pdf)
Powls P., Hodson H. (2017). Google DeepMind and healthcare in an age of algorithms
Investigations, assessments, audits
Linklaters (2018). Audit of the acute kidney injury detection system known as Streams (pdf)
News, commentary, analysis
https://www.digitalhealth.net/2016/11/google-deepmind-and-royal-free-in-five-year-deal/
https://www.insider.com/nhs-discloses-how-much-its-paying-google-deepmind-2017-6
https://uk.news.yahoo.com/uk-class-action-style-suit-150419945.html
https://techcrunch.com/2022/05/16/google-deepmind-nhs-misuse-of-private-data-lawsuit
Page info
Type: System
Published: November 2021
Last updated: May 2023