ICO Rules Google DeepMind And Royal Free NHS Trust Data Sharing Deal Was Illegal

Data sharing between the Royal Free NHS Trust and Google’s DeepMind artificial intelligence (AI) division was illegal, according to a ruling by the Information Commissioner’s Office.

The ICO declared that a deal between the two organisations that saw the transfer of 1.6 million patient records to DeepMind without patient knowledge or approval was deemed to be a breach of the Data Protection Act.

As a result of an investigation by the ICO, Royal Free NHS Trust has been asked to sign an undertaking which commits it to acting in accordance to data protection laws with the assistance of the ICO.

DeepMind data dilemmas

The data sharing deal with the hospital trust and DeepMind had been aimed at using patient data to facilitate the creation of a smart app called Streams, which was designed to facilitate faster kidney patient diagnosis for clinicians and alert them to changes in the patients condition.

However, the deal was lambasted in an academic paper published in Health and Technology for failing to be clear over privacy and data use, which in turn helped prompt the ICO investigation, alongside complaints from the general public.

Thee ICO also took issue with how the data was shared; while sensitive patient details such as names, NHS numbers and dates of birth are sent to DeepMind as encrypted data, there was nothing in the agreement that would prevent the AI organisation from decrypting the data at a non-NHS location. As such, the ICO deemed patient privacy was further at risk and the data sharing deal was in breach of the Data Protection Act.

Information Commissioner Elizabeth Denham acknowledged that the tests Royal Free and DeepMind were carrying out with the data were worthy and had generated positive results, which some may say justifies the breach of data protection rights.

However, she noted that the shortcomings in the data sharing were avoidable, such as Royal Free carrying out an assessment of impact the data sharing had to privacy only after it had already passed the data on to DeepMind.

“The price of innovation didn’t need to be the erosion of legally ensured fundamental privacy rights.,” she said.

“I’ve every confidence the Trust can comply with the changes we’ve asked for and still continue its valuable work. This will also be true for the wider NHS as deployments of innovative technologies are considered.”

While the ICO focused  and levied blame for the breach of data protection on Royal Free, DeepMind also admitted it may have been hasty in its acceptance and use of the shared data.

“We were almost exclusively focused on building tools that nurses and doctors wanted, and thought of our work as technology for clinicians rather than something that needed to be accountable to and shaped by patients, the public and the NHS as a whole. We got that wrong, and we need to do better,” said DeepMind.

This is just as well given DeepMind has deepened its ties with the NHS further by aiming to launch a range of clinical mobile apps in partnership with Imperial College Healthcare NHS Trust.

Are you a Google expert? Take our quiz!

Roland Moore-Colyer

As News Editor of Silicon UK, Roland keeps a keen eye on the daily tech news coverage for the site, while also focusing on stories around cyber security, public sector IT, innovation, AI, and gadgets.

Recent Posts

DeepMind Co-Founder Suleyman Departs For Investment Firm

DeepMind co-founder Mustafa Suleyman leaves parent company Google for Silicon Valley venture capital firm after…

22 hours ago

US Legislation To Boost Chip Funding Set For House

US House of Representatives set to introduce bill on tech funding and domestic chip manufacturing,…

22 hours ago

Intel Says Ohio Site Could Become World’s Biggest Chip Plant

Intel chooses Ohio site for manufacturing investment that could grow to $100bn over ten years,…

23 hours ago

Digital Bank Chime Financial Plans Massive IPO

Chime Financial plans New York IPO worth up to $40bn after Covid-19 pandemic leads to…

23 hours ago

Twitter Shake-Up Sees Departure Of Top Security Staff

Twitter says head of security no longer at company and chief information security officer to…

24 hours ago

Google Asks Judge To Dismiss Most Of Texas Antitrust Case

Google asks federal judge to dismiss most counts of antitrust case filed by Texas and…

1 day ago