Google has come under scrutiny after a report in The Wall Street Journal noted that a newly signed cloud computing deal with a healthcare customer could give the tech giant “detailed personal-health information of millions of people across 21 states.”
The deal, which was previously announced on Google parent company Alphabet’s July earnings call, is with St. Louis-based Ascension, a Catholic health system non-profit that says it is “committed to providing compassionate, personalized healthcare services” for individuals and communities.
In a blog post published after The Journal report, Google’s Tariq Shaukat defended the deal and shed additional light on it.
“Back in July, on our Q2 earnings call, we announced ‘Google Cloud’s AI and ML solutions are helping healthcare organizations like Ascension improve the healthcare experience and outcomes,’” Shaukat wrote in the blog post. “Our work with Ascension is exactly that—a business arrangement to help a provider with the latest technology, similar to the work we do with dozens of other healthcare providers.”
“These organizations, like Ascension, use Google to securely manage their patient data, under strict privacy and security standards,” he added. “They are the stewards of the data and we provide services on their behalf.”
Known internally as “Project Nightingale,” The Journal reported that Google’s deal involves data such as “lab results, doctor diagnoses and hospitalization records, among other categories,” adding that it “amounts to a complete health history, including patient names and dates of birth.”
Shaukat continued saying the deal would focus on three areas: moving Ascension’s infrastructure to the cloud; using G Suite productivity tools such as Google Docs; and “extending tools to doctors and nurses to improve care.”
He stressed that the work with Ascension is compliant with HIPAA (Health Insurance Portability and Accountability Act) and there is “strict guidance” on data privacy, security and usage. Google also has a Business Associate Agreement with Ascension, which Shaukat said “governs access to Protected Health Information for the purpose of helping providers support patient care,” calling it “standard practice” in the healthcare industry.