Jump to content

Hospitals Give Tech Giants Access to Detailed Medical Records


Recommended Posts

Deals with Microsoft, IBM and Google reveal the power medical providers have in deciding how patients’ sensitive health data is shared


Hospitals have granted Microsoft Corp., MSFT 0.25% International Business Machines IBM -0.41% Corp. and Amazon.com Inc. AMZN 0.20% the ability to access identifiable patient information under deals to crunch millions of health records, the latest examples of hospitals’ growing influence in the data economy.


The breadth of access wasn’t always spelled out by hospitals and tech giants when the deals were struck.


The scope of data sharing in these and other recently reported agreements reveals a powerful new role that hospitals play—as brokers to technology companies racing into the $3 trillion health-care sector. Rapid digitization of health records and privacy laws enabling companies to swap patient data have positioned hospitals as a primary arbiter of how such sensitive data is shared.


“Hospitals are massive containers of patient data,” said Lisa Bari, a consultant and former lead for health information technology for the Centers for Medicare and Medicaid Services Innovation Center.


Hospitals can share patient data as long as they follow federal privacy laws, which contain limited consumer protections, she said. “The data belongs to whoever has it.”


Microsoft and Providence, a hospital system with data for about 20 million patient visits a year, are developing cancer algorithms by using doctor’s notes in patient medical records. The notes haven’t been stripped of personally identifiable information, according to Providence, which is based in Renton, Wash.


An agreement between IBM and Brigham and Women’s Hospital to jointly develop artificial intelligence allows the Boston-based hospital to share personally identifiable data for specific requests, people involved in the agreement said. So far the hospital hasn’t shared data on that basis and has no current plans to do so, according to hospital and IBM officials.


Microsoft executive Peter Lee in July described how his company would use Providence patient data without identifying information for algorithm development. In a December statement, he said patients’ personal health data remains in Providence’s control and declined to comment further. B.J. Moore, Providence’s chief information officer, said executives involved in the agreement at first planned to use data without information identifying patients; later they found they couldn’t remove it all from doctors’ notes. “It was not intended to mislead,” he said.


Brigham and Women’s announced a 10-year agreement with IBM in February 2019. David Westfall Bates, the hospital’s chief of general internal medicine and primary care, said last year that initial work would use data stripped of names and other identifying details. In December, Dr. Bates said he hasn’t publicly commented on IBM’s ability to access identifiable data but Brigham and Women’s would follow federal privacy rules should it do so.


“Responsible data stewardship is core to our mission,” an IBM spokeswoman said.


The Fred Hutchinson Cancer Research Center, in Seattle, granted certain Amazon Web Services employees access to health information that identifies individual patients, a Fred Hutchinson spokesman said. The research institution, which has ties to hospitals, trained and tested Amazon Web Services software designed to read medical notes.


An AWS spokeswoman said it doesn’t use personally identifiable data protected under federal privacy laws to develop or improve its services.


Digitizing patients’ medical histories, laboratory results and diagnoses has created a booming market in which tech giants are looking to store and crunch data, with potential for groundbreaking discoveries and lucrative products.


There is no indication of wrongdoing in the deals. Officials at the companies and hospitals say they have safeguards to protect patients. Hospitals control data, with privacy training and close tracking of tech employees with access, they said. Health data can’t be combined independently with other data by tech companies.


But recent revelations that Alphabet Inc.’s GOOG -0.27% Google is able to tap personally identifiable medical data about patients, reported by The Wall Street Journal, has raised concerns among lawmakers, patients and doctors about privacy.


The Journal also recently reported that Google has access to more records than first disclosed in a deal with the Mayo Clinic. Mayo officials say the deal allows the Rochester, Minn., hospital system to share personal information, though it has no current plans to do so. “It was not our intention to mislead the public,” said Cris Ross, Mayo’s chief information officer.


Dr. David Feinberg, head of Google Health, said Google is one of many companies with hospital agreements that allow the sharing of personally identifiable medical data to test products used in treatment and operations. The companies typically don’t disclose their use of such data, Dr. Feinberg said. “We didn’t hide it.”


Amazon, Google, IBM and Microsoft are vying for hospitals’ business in the cloud storage market in part by offering algorithms and technology features. To create and launch algorithms, tech companies are striking separate deals for access to medical-record data for research, development and product pilots.


The Health Insurance Portability and Accountability Act, or HIPAA, lets hospitals confidentially send data to business partners related to health insurance, medical devices and other services. The law requires hospitals to notify patients about health-data uses, but they don’t have to ask for permission.


Data that can identify patients—including name and Social Security number—can’t be shared unless such records are needed for treatment, payment or hospital operations. Deals with tech companies to develop apps and algorithms can fall under these broad umbrellas. Hospitals aren’t required to notify patients of specific deals.


“The patient doesn’t have absolute control. They don’t have much control,” said Ellen Wright Clayton, a Vanderbilt University biomedical ethics professor.


Under HIPAA, hospitals must divulge as little as possible about patients under agreements. But in some cases, the minimum amount needed by tech companies can be everything in patients’ records.


Ascension, a Catholic chain with 150 hospitals across 20 states and the District of Columbia, is testing whether Google’s technology can accurately search and retrieve all information for a single patient—a widely known challenge that frustrates doctors and patients.


“By definition this means that the ’minimum’ necessary dataset for the creation of this capability is the entire longitudinal health-care record” for each patient, said Eduardo Conrado, Ascension’s chief strategy and innovations officer.


Hospitals involved in the deals say data use is reviewed by research-ethics review boards or data-use committees, which can include compliance, law, tech, medicine and other experts.


Mayo’s data team will vet future data requests for projects with Google, probing how much data to share, said Mayo’s Lois Krahn, a data-team member. “We are a tremendously cautious and conservative organization,” she said.


Hospitals also stand to gain financially from some deals. Tech companies’ agreements with Providence, Mayo, and Brigham and Women’s include intellectual property rights for hospital contributions to new products.


Some hospitals are saying no to tech agreements.


“We’re not giving anyone data,” said Jim Beinlich, chief data information officer for Penn Medicine, the University of Pennsylvania health system. Penn Medicine halted a possible research pilot with Microsoft in response to public concern over Ascension’s Google deal.


Hospital executives are drafting policies, such as how to tell patients about data sharing.


“We don’t have all the rules of the road written down,” he said.



Edited by aum
Link to comment
Share on other sites

Moved from General News.


(About patients' "confidential" health data, so better here)

  • Like 1
Link to comment
Share on other sites

  • 2 years later...

Don't you see anything suspicious about this news? I mean, healthcare data should be the most valuable data. Sharing it could be really dangerous. That's why I decided to share this news with my friend, who helped me to choose the medicare plan (https://www.remedigap.com/medicare-supplements/medicare-plan-n-vs-plan-g/). I'm still grateful to him for that. So, he knows a lot about the healthcare industry. I'd say he's a real expert. He agrees that giving this data to Tech Giants can be dangerous. Still, on the other hand, the data could be used to create better applications. So, it all depends on your view of the situation. Anyway, keep us updated. Best wishes.

Edited by fraziermiyahara
Link to comment
Share on other sites

9 hours ago, fraziermiyahara said:

Don't you see anything suspicious about this news? I mean, healthcare data should be the most valuable data. Sharing it could be really dangerous.

I'd go further...it's not only suspicious....it stinks.:thumbsdown::thumbsdown::thumbsdown:

Link to comment
Share on other sites

BIG Brother wants as much as Data he can find...

The more, the better...

Total Loss of Privacy and Individual Liberties on the way...

Link to comment
Share on other sites

Nuclear Fallout

There IS MUCH more to it.  The way how CFO's handle anything as long as they make money!!!   DO NOT THINK, YOUR HOSPITAL UPPER LEVEL STAFF IS SMART!!! I knew a bi..... who was a CFO, she fu..... up big time.   I MEAN BIG TIME!!!

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...