NHS/Google Data sharing – the story of a broken data sharing system?
Many of you will be aware of the news that Google were given access to healthcare data of up to 1.6 million patients, the encrypted data was shared under an NHS data sharing agreement for the purposes of using google ‘deepmind’ to predict and flag patient risks of kidney failure.
There is nothing unusual about a data sharing agreement using personal data for research, it is a routine occurrence. However, because it is Google, because the data is so large and so comprehensive, news editors are not treating this as routine. In the context of this news story David Evans, BCS Director of Policy and Community, has blogged about the fundamental problems that could stop us from realising the benefits of data for our health and wellbeing.
One of the main issues of Information Sharing Agreements in general is that very few actually specify what is prohibited and how breaches will be handled. This lack of consideration towards incident response before an agreement is signed is concerning because if you don’t know how a 3rd party will react when things go wrong, how can you be sure that your data is really secure?