Health system Ascension's partnership with Google is making headlines, but it isn't surprising — rather, it represents a new normal for the health care industry that is tapping into the power of big tech, health care lawyer Rebecca Gwilt told FOX Business.
Continue Reading Below
"It is absolutely the role of the public to put pressure on corporations that are using their data to make sure that they are responsible arbiters of that data," Gwilt said. "However, it is a standard industry practice for health care technology companies to work with health care providers and payors in partnership, with the goal of improving the quality of care and reducing the cost of care."
Gwilt is a partner at Nixon Law Group, which represents dozens of companies contracting with health care providers. Google is not a client.
Unbeknownst to patients and doctors, Google has been analyzing personal health data from Ascension in a partnership dubbed "Project Nightingale," the company said Monday, following a report from The Wall Street Journal.
While the partnership doesn't appear to violate the Health Insurance Portability and Accountability Act (HIPAA), it does raise questions for privacy experts.
"The responsible party here is Ascension. It was their job to talk to their patients about this, to get patient input before this happened," Pam Dixon, executive director of the World Privacy Forum, told FOX Business. "What is Ascension doing to make sure this info is safe?"
Now the Department of Health and Human Services' Office for Civil Rights is opening a probe into Project Nightingale. Gwilt said Google should have nothing to worry about if it only used data for the purposes permitted by law.
She was a little taken aback by the news, however.
"I'm not aware of another time HHS has preemptively done this without receiving a breach complaint," Gwilt said.
The probe shows that tech companies are "just under more scrutiny," Gwilt said.
"They are going to have to think about their public reputation and the level of trust. ... It appears they have handled this in accordance with existing law, but that doesn't mean the public doesn't have the right to ask these questions," she said.
"The federal government needs to get their arms around what the real threats are to data security. The public is much more aware of their privacy rights than they used to be because we've had the Anthem breach, the Target breach, the Equifax breach," Gwilt said.