Tell Department of Health and Human Services: Update HIPAA for the digital age
Google secretly launched a project that let them access information about people's health and bodies. In partnership with nonprofit hospital chain Ascension, Google collected “lab results, doctor diagnoses and hospitalization records, among other categories, [that] amounts to a complete health history, complete with patient names and dates of birth."1
Google claims that as Ascension's business partner, it is not in violation of HIPAA, a set of laws that keep patient information secure. That claim is currently being investigated, but whatever the outcome, it is very clear that healthcare privacy laws are not written to keep up in the digital age.
Google should never have been able to gather our sensitive information without consent and for an unknown use. We need to show that there is massive public pushback against Big Tech secretly collecting our personal health information. Will you add your name?
Tell the Department of Health and Human Services: Update HIPAA so that tech companies cannot abuse our health data.
HIPAA was designed to protect patient information from being leaked or mishandled. Now that we're in the tech age, the Department of Health and Human Services has the responsibility to address the real threats we face as patients. Google already has an enormous amount of user data including location information and what you search and when. That information combined with a full health record gives it the power to compile a profile of you that was unimaginable when HIPAA was signed in 1996.
Their track record so far with Ascension is terrifying. Patients and providers were unaware of this data collection, and as many as 150 Google employees may have access to the data. There are concerns that Google employees may have downloaded some of the data.2
And it's not just privacy. Google says it is going to use our sensitive data to train machines and fuel algorithms that may improve our healthcare experience. But we already know that artificial intelligence is tragically flawed reinforcing systemic inequality and prejudice and often storing our sensitive, personal information in massive, insecure databases.3,4
Right now, our patient privacy laws aren't written to keep up with for-profit tech companies that do not have our best interests in mind but do have a seemingly insatiable desire to monetize the collection of data and turn decisions over to AI. HHS can put the brakes on Google's Project Nightingale and implement laws that will better protect us, our families and our health information from not only Google, but every other tech giant that wants unfiltered access to our data.
Tell the Department of Health and Human Services: Update HIPAA for the digital age. Thank you for fighting back.
- Rob Copeland, "Google’s ‘Project Nightingale’ Gathers Personal Health Data on Millions of Americans," The Wall Street Journal, Nov. 11, 2019.
- Natasha Singer and Daisuke Wakabayashi, "Google to Store and Analyze Millions of Health Records," The New York Times, Nov. 11, 2019.
- Rebecca Robbins and Casey Ross, "HHS to probe whether Google’s ‘Project Nightingale’ followed federal privacy law," STAT, Nov. 13, 2019.
- Gwen Moran, "A.I. Has a Bias Problem, and Only Humans Can Make It a Thing of the Past," Fortune, Oct. 26, 2019.