Until the people doing things l this face serious jail time abuses on this and even larger scales will continue. Whatever the noble aims of the project might be Google has proven time and time again it can not be trusted with highly personal data.
Google AI gains access to 1.2m confidential NHS patient records
Google has been given access to huge swathes of confidential patient information in the UK, raising fears yet again over how NHS managers view and handle data under their control. In an agreement uncovered by the New Scientist, Google and its DeepMind artificial intelligence wing have been granted access to current and …
COMMENTS
-
-
Saturday 30th April 2016 09:00 GMT ACx
So.... people should got to jail because other people dont trust google........
What kind of moronic thinking is that?
On top of that, what, a blanket ban on google using data from other organisations, even if it could be a benefit?
Again, what kind of moronic thinking is that?
This attitude is anti progress and rank stupid. All because internet wankers decide to hate. Weird. Very weird.
-
Saturday 30th April 2016 10:17 GMT heyrick
What kind of moronic thinking is that?
There once was a thing called doctor patient privilege.
There once was a thing called ethics.
There once was an expectation that if you needed to go to hospital, the full details of why wouldn't be spewed to the highest bidder.
It isn't about whether or not people trust Google, it's about a fundamental breach of trust by the medical profession itself. They "claim" that the details are anonymous yet the agreement would appear to say otherwise. Well, if this behaviour passes without any hindrance or jail time, how long before data is provided to other paying companies...like, oh I don't know, selling the results of routine blood tests to insurers? Such a thing is only a small mission creep away. And you'd be surprised what a blood test can reveal...
The point here is the breach of trust and that the patients involved were never given a choice (probably because they knew any sane person would say NO). So, yes, jail time please. Because if a serious punitive penalty isn't handed down, it would be a de facto sanction of this sort of behaviour. Are you happy with what that might imply?
To clarify, this isn't about what the data in question is, or even who it is being shared with, it's about the manner in which it was shared. If this isn't slapped down, well, what headlines will we be reading here in the future?
-
Saturday 30th April 2016 10:52 GMT David 164
Re: What kind of moronic thinking is that?
Ambulance driver missed signs of sepsis,
Nurse missed signs of sepsis,
Doctor missed signs of sepsis,
consultant missed signs of sepsis,
Google software didn't, another life save.
Bet that headline doesn't meet your narrow view of the world does it?
Every data protection form I have ever signed have included giving permission for my data to be analyse and process by third parties, this is no different. If people don't want to read them that their fault.
-
Saturday 30th April 2016 13:31 GMT Anonymous Coward
Re: What kind of moronic thinking is that?
Every data protection form I have ever signed have included giving permission for my data to be analyse and process by third parties, this is no different. If people don't want to read them that their fault.
This is different because this is specifically about medical research. The cornerstone of the ethics of medical research on humans is the Helsinki Declaration, which states, amongst other things, that research subjects' participation in medical research must voluntary, which means that they must agree to it, and know what they are agreeing to. If they haven't read the form, then they haven't agreed to it.
Why? Just look up the Tuskegee syphilis experiment.
-
Saturday 30th April 2016 16:12 GMT Yet Another Anonymous coward
Re: What kind of moronic thinking is that?
The real tragedy is that this will kill people.
Every time something like this happens it makes people less likely to assist in real medical trials, t makes the barriers to doing medical research harder, it means drugs and treatments will be delayed or never started.
-
Saturday 30th April 2016 23:56 GMT David 164
Re: What kind of moronic thinking is that?
Except that dealing with experiments on the patients directly with new drugs or surgical techniques, which at the moment Google isn't doing. What Google is doing with this set of data is training it neural network to recognise when a patient has kidney problems from their medical records. CQC, NICE and other organisation already does this on a regular base, NICE use patient records to confirm whether drugs are as good as they claim and whether they are worth the price we are paying for them. CQC use them to spot where parts of the NHS are failing.
Helsinki Declaration will only come into effect once Google start to test its technology in a live clinical environment and are monitoring real patients, presumably in real time because that the moment when they are actually experimenting and using patients as guinea pigs.
-
Sunday 1st May 2016 11:45 GMT Anonymous Coward
Re: What kind of moronic thinking is that?
Helsinki Declaration will only come into effect once Google start to test its technology in a live clinical environment and are monitoring real patients,
No - the Helsinki Declaration applies to all medical research involving human participants. This sounds like a worthwhile project, but that doesn't mean ethics can be ignored.
And actually the last box in Section 5 suggests to me that this system is being used in clinical decision making, and so may affect the treatment that participants receive, or do not receive. I have bolded the relevant sentence.
Identifiable data will be retained by the system for up to 5 years from the creation of the record, or until the End Date for the project, whichever comes first, in order to facilitate algorithms requiring historical data in order to correctly generate an alert. As this data is being held for direct care purposes, pseudonymization is not required. Should a pseudonomized copy be completed for non-direct care purposes, then it would be done in line with the HSIC guidelines.
-
Sunday 1st May 2016 16:54 GMT Anonymous Coward
Re: What kind of moronic thinking is that?
@ Smooth Newt
Thanks for spotting that (your bolded bit). I assume that this is a trial before adoption by all NHS hospitals.
So, in the same way that care.data has ensured I will never see a NHS GP ever again, now this little bit of data incontinence will ensure that I never see a NHS hospital ever again.
On my limited income, I can't afford private care. So I'd better not become ill!
-
-
-
-
Saturday 30th April 2016 16:24 GMT Anonymous Coward
Re: What kind of moronic thinking is that?
Ambulance driver missed signs of sepsis,
Nurse missed signs of sepsis,
Doctor missed signs of sepsis,
consultant missed signs of sepsis,
Google software didn't, another life save.
Bet that headline doesn't meet your narrow view of the world does it?
Sure. And now try this again where there's no signal - wouldn't you prefer to improve the chain of people who missed it so they won't next time?
It is certainly possible to have Google mass-analyse data and come to better conclusions, but not before that process is anonymised to the point that back-tracing the data would lead to Obama himself instead of the patient in question, because otherwise you will only have provided yet another excuse for mass surveillance.
F*ck that.
-
Sunday 1st May 2016 00:00 GMT David 164
Re: What kind of moronic thinking is that?
Actually it not about coming to better conclusions, it about using these medical records to train up a Deepmind Neural net so that it can spot a patient with kidney trouble or sepsis or any number of other conditions before they become life threatening and presumably before a human doctor could.
-
-
Sunday 1st May 2016 07:34 GMT Mike Pellatt
Re: What kind of moronic thinking is that?
Ambulance driver missed signs of sepsis
You are Jeremy Hunt and I Claim My Five Pounds.
For your information, the people you are presumably referring to there, who are qualified to make certain diagnoses and carry out certain treatments, are professionals whose job title is Paramedic. They are not Ambulance Drivers, despite the Health Secretary's recent repeated attempts to down-classify them every time he mentions them in a speech. He's yet to change his language.
-
Monday 2nd May 2016 05:53 GMT jrchips
Re: What kind of moronic thinking is that?
Time to legislate universal 'opt-in' language for all third party use of personal data. One of the provisions would be that if you choose not to make the data available to third parties, the service cannot be refused. This would extend to data retrieved from personal computers by software programs, including browsers.
We've currently got the equation backwards. It's time to put the consumer (not the service provider) first.
-
Monday 2nd May 2016 11:39 GMT AndrewDu
Re: What kind of moronic thinking is that?
Well if you agreed, bully for you - I wouldn't, but each to his own. At least you had the choice.
Maybe you missed where it said that the patients in this case were not consulted, and had no meaningful way to opt out?
That's the issue, not the question of what they might or might not have done if given the option.
-
-
-
Saturday 30th April 2016 16:20 GMT Anonymous Coward
Reply Icon
So.... people should got to jail because other people dont trust google........
What kind of moronic thinking is that?
The same kind of moronic thinking that prevents 100 people from randomly being arrested because it may possibly catch one single shoplifter. There are laws for that, but for some reason, Google is always allowed to ignore them.
On top of that, what, a blanket ban on google using data from other organisations, even if it could be a benefit?
Yup. Onder NO CIRCUMSTANCES WHATSOEVER is Google ever to be given personal information without the EXPLICIT, OPT-IN AND INFORMED permission of the people it concerns. The EXPLICIT is simply because that is the law, OPT-IN because it concerns data considered sensitive and so we hit another aspect of the same law and INFORMED because Google is rather adept at "forgetting" to mention things or bury them deep down in Terms that make War & Peace shorter to read.
So, in short, f*ck Google with a blunt and oversized stick for again grabbing data they have no business accessing, and I hope the people responsible will be taken to task by the UK Information Commissioner. Given that it's patient data I am personally disappointed that we have as yet no mandatory jail sentences for this because this sh*t really has to stop.
And no, I'm not an Internet hater, but one of the people that has to clean up the mess and deal with the human misery when such data inevitably gets abused. What easily obtained isn't valued, and Google epitomises the abusers out there.
If you're OK with Google accessing this I expect you to post your full medical record here, from DOB onwards.
-
-
-
-
Saturday 30th April 2016 01:14 GMT Anonymous Coward
Google: Sorry NHS didn't find anything but thanks for sharing...
Google HQ:
...Program Running....
......Analyzing... Computing... Sequencing....
.........Patients:
............Larry Page,
............Sergey Brin,
............Eric Schmidt...
.
............Immortality Program Complete....
.
............Have a nice day!
.
.
............[Paging: Next patient: David Cameron....]
-
Saturday 30th April 2016 03:57 GMT Anonymous Coward
So much for the Helsinki Declaration
Patients can opt out by asking their physicians, in writing, to do so, they said. However even that approach would not prevent people's live data feed from being shared.
Which sounds like patients can't completely opt out, even if they jump through this hoop, though this may be moot since someone cannot give informed consent or not to something of which they are ignorant.
-
This post has been deleted by its author
-
This post has been deleted by its author
-
This post has been deleted by its author
-
-
Saturday 30th April 2016 04:48 GMT Frumious Bandersnatch
Welcome to the BRave new EXIT (of your personal information)
One supposes that this is just the sort of deal (with default "opt-in" clauses) that British regulators would love to sign up to. They'd totally get away with it, too, if it weren't for that pesky EU.
Closest icon I can find for a Scooby Snack (gurning counts, doesn't it?)--->
-
Saturday 30th April 2016 16:59 GMT Terry 6
Re: Welcome to the BRave new EXIT (of your personal information)
You got there before me.
At least one motivation behind BREXIT is that, with no effective English or Welsh opposition, leaving the EU would let ideologically bound, free market, Devil take the hindmost, politicians and their big business backers do what they want. Stuff data protection for the ordinary folk, alongside independent protection for human rights, safe working practices, reduced roaming costs, controls on utility charges and so on. (aka "Red tape" hindering business).
-
-
Saturday 30th April 2016 05:53 GMT Anonymous Coward
But....
google says they don't do any (????) business in the UK. It is all done in Ireland.
So are we right to assume that all the UK patient data has already gone offshore?
Perhaps google might like send all theut UK Employees to Ireland and effing stay there.
How they have changed from the days of 'Do No Evil'.
And before anyone askes, I did have a google account when I was silly enough to buy an Android (HTC) phone. Does not use my real name or email address. Other than that I work in a google free zone.
Long may it continue.
-
Saturday 30th April 2016 11:03 GMT David 164
Re: But....
They actually state they don't sale ads in the UK, given that where nearly all of it profits are made, there very little generation of revenue and thus profits being made in this country. I don't like this anymore than you do but the politicians could change the law tomorrow if they wanted, they won't because they themselves would be hit by such changes to the law.
-
-
-
-
-
Sunday 1st May 2016 15:27 GMT Yet Another Anonymous coward
Re: revenge porn
I wrote the module to do noise reduction on MRI and CT scans in one major bit of software.
It is now very difficult to get sample data.
The clinician can just annomize the patient data portion before they send it to us - if they know how,
But a shopping mall scan clinic, who are the source of most of the bad scans, aren't going to go through the process of getting consent, forming an ethics board and having a human trials review and proving their HIPAA compliance for a $500 scan.
There is official NIH test data, but it is all taken on perfectly calibrated, professionally operated laboratory grade scanners - not what you want to solve the problem of CT scans of hipsters with too many piercings.
-
-
-
Saturday 30th April 2016 06:20 GMT gnufrontier
The spotting of another iceberg tip
Not to bring everybody down but we are already in the end game. All that is left is for the Privacy king to resign. He had a good run but nothing lasts forever. Technology is not neutral and privacy is a moving target. The roots of privacy are in shame avoidance and not a political right that acts as an antidote to totalitarianism. Just to make the whole stew even more foul tasting let's throw in some political utilitarianism (the greatest good for the greatest number - a ridiculous notion but one held by many an apparatchik I'm sure) and top it off with the ever present promotion of "big data" as somehow being the new mechanism that will hasten the utopian future (forever chased and always receding) that gives purpose to the starry eyed technologists raised on science fiction and the notion that somehow our the past accomplishments have been something more than dumb luck, the right time, right place events that make up the contingencies of all history. Privacy will be one of those values that is still given lip service but in effect is already being moved to the the shelf to take its place among those other concepts that have become little more than sentimental artifacts like self sufficiency and rugged independence. We can dig in our heels but eventually our shoes will wear out.
-
Saturday 30th April 2016 07:38 GMT Rich 11
Re: The spotting of another iceberg tip
Just to make the whole stew even more foul tasting let's throw in some political utilitarianism (the greatest good for the greatest number - a ridiculous notion but one held by many an apparatchik I'm sure)
I think you must hold a very shallow understanding of utilitarianism. Following that with a bare assertion denoted in such terms suggests you have a hobby horse you are desperate to ride.
-
Sunday 1st May 2016 11:45 GMT Anonymous Coward
Re: The spotting of another iceberg tip
Not to bring everybody down but we are already in the end game. All that is left is for the Privacy king to resign. He had a good run but nothing lasts forever. Technology is not neutral and privacy is a moving target.
Actually, it isn't. Another two..three months and the world of privacy will look remarkably different, trust me on this (and yes, I *AM* an expert).
-
Saturday 30th April 2016 07:13 GMT Anonymous Coward
This has health privacy implications far beyond just the affected patients...
I read the story and wondered why the RFL had done a deal with Google rather than British researchers who, presumably, would be able to analyse the data perfectly well? A moment's thought and the answer becomes perfectly clear: the reason Google were chosen is because they fully intend to identify the individual patients and match them with the 'lifestyle' (aka browsing and online purchasing history) that they have for these people.
So welcome to the future: where Google and its advertisers know you're ill before you do. The next time you come to insure your car and find that you can't get a quote for anything less than a thousand times the value of the car, make a note to go and see your doctor. :-(
-
Saturday 30th April 2016 10:36 GMT Androgynous Cupboard
Re: This has health privacy implications far beyond just the affected patients...
Jeez, you people. At risk of sounding out-of-step with the groupthink here I'm not sure I see the problem.
First, what difference does it make if the researchers are British or not? Second, provided the safeguards on the data are adhered to, then all the big-brother-doom-and-gloom scenarios in the comments just don't happen. The fact Aunty Mabel has a fondness for heroin is not going to wind up in a search engine, because there are specific contractual safeguards on the data to prevent this. If the safeguards are adhered to, it's fine.
If they're not, then there's a data leak then heads will be on spikes, and I will personally help put them there. But that would apply to any firm with any private data for any one of the hundred NHS projects that are running, not just this one. And there's no particular reason to believe it will happen.
There is a lot of data. Properly processed it may help diagnosis, which will keep people alive. This is a good thing. The NHS doesn't have the expertise for this in house so hires in outside consultants with expertise in managing large datasets. This is OK, provided the data is properly safeguarded. You might well object to your data being used like this, fine, but I don't see why this project gets your hackles up any more than any other.
If this article were rewritten with Fujitsu or HP instead of Google, would there be as much outrage? I doubt it. If anything Google are less likely to run five times over budget and not finish the job, which is what you'd expect from a normal NHS IT project.
-
Saturday 30th April 2016 16:17 GMT Yet Another Anonymous coward
Re: This has health privacy implications far beyond just the affected patients...
> if the researchers are British or not
I don't care if the researchers are British or not, I care if they are working for an ad agency that is the world's largest collector and seller of personal data.
I would be similarly miffed if the data had been sold to British researchers working for the Sun.
-
Saturday 30th April 2016 16:36 GMT Anonymous Coward
Re: This has health privacy implications far beyond just the affected patients...
Second, provided the safeguards on the data are adhered to, then all the big-brother-doom-and-gloom scenarios in the comments just don't happen.
Really? I have news for you. You ought to *really* examine US law, and you'll find that there are no real barriers for any random agency to get hold of that data once Google las gotten its hands on it - that's what they're trying to hide with Privacy Shield. THAT is why Google shouldn't get its hands on non-anonymised data, and at that point I haven't even mentioned Eric "You have no privacy, get over it" Schmidt yet.
-
Tuesday 3rd May 2016 13:07 GMT Androgynous Cupboard
Re: This has health privacy implications far beyond just the affected patients...
Really? I have news for you. You ought to *really* examine US law, and you'll find that there are no real barriers for any random agency to get hold of that data once Google las gotten its hands on it
Before you go off the deep end, try actually reading the agreement from the original article.
Data will not be transferred outside the EEA. The NSA do not have free access to european data centres. If you believe that they do, then the data would be unsafe regardless of whether it was google or not.
Way, way too much hyperbole in these comments.
-
-
Saturday 30th April 2016 20:56 GMT anonymous boring coward
Re: This has health privacy implications far beyond just the affected patients...
" Second, provided the safeguards on the data are adhered to, then all the big-brother-doom-and-gloom scenarios in the comments just don't happen. "
Let's use the slowly boiled frog analogy here -even if it's totally incorrect.
You get the idea. You are the frog, if that's not obvious.
Also, the more such presumably safe, fine, and dandy allowances of access to massive databases of private data are allowed, the bigger the risk that errors will expose this data. It's like all systems: Mundanity breeds carelessness. (And that's even if ignoring the simple fact that repetition increases the chance of an unlikely outcome occurring.)
-
Sunday 1st May 2016 00:04 GMT Anonymous Coward
Re: This has health privacy implications far beyond just the affected patients...
The issue is lack of informed consent on the part of those whose data has been shared, pure and simple. Whether or not the data has been supposedly anonymised or not is irrelevant. There isn't supposed to be ANY sharing of data without the consent of the patients involved. This is not a hard concept to grasp.
'Data anonymisation' processes have been shown to be unreliable; Google has proven itself many times over to be lacking in ethics in the way it goes about its business, and it's a foreign business at that. There is no way that anyone's data should have been given to Google without their explicit consent.
Seems a clear cut case of a crime having been committed to me, and yes, jail sentences are entirely appropriate, under the circumstances.
-
Sunday 1st May 2016 09:56 GMT Bilious
Re: This has health privacy implications far beyond just the affected patients...
If I read the article right, acute kidney injury was the primary target. Acute injury predisposes for chronic renal failure which is a personal disaster for those struck by it. Chronic haemodialysis or renal transplantation are life saving, but are nonetheless a heavy burden healthwise and practically.
So the project of finding early warnings - and hints of why some seem to be protected - in seemingly irrelevant observations - is a laudable one. Early and effective intervention in risk groups would be a great improvement compared to the present-day situation.
Getting rid of the need for kidney transplants would be great. Someone has to start with data gathering to find clues for a work hypothesis. Google did.
-
Monday 2nd May 2016 05:55 GMT Anonymous Coward
Re: This has health privacy implications far beyond just the affected patients...
This is all well and good if you trust any of the people involved. I sure don't!
I don't trust Google not to profit outside of this "controlled AI training" test. I don't trust they wont ship the data outside of the UK or restrict access to it from outside the UK.
I don't trust the NHS management and civil servants/MPs who brokered this deal to be working in the interest of the people. They just want something fancy to put on their CV or to get that nice private sector job after kissing enough ass as a public sector employee.
The only people i have any respect for are the front line doctors and nurses who actually provide real benefit to society, the juniors of which are currently trying to be broken by Mr Hunt.
Google and their acolytes can F right off!
-
-
-
Saturday 30th April 2016 08:45 GMT SVV
I think I've worked it out
Cameron and Osbourne make no secret of the fact that they meet regularly with Google execs.
Putting the National Pupil database up for sale to all with deep pockets a week or so ago was just a first test case. Unfortunately it succeeded, as there was little attention paid to it by the press and therefore no public outcry.
Mass data collection bill now sailing through parliament with Tory majority.
"Well Eric and Larry, perhaps we could let you help us analyze this data with your amazing AI tech, here is a copy of it all, do what you like with it"
"I'm sure we could do great thiings with this, how about a nice well paid directorship once you leave Downing Street?"
-
Saturday 30th April 2016 09:07 GMT wolfetone
Re: I think I've worked it out
"Unfortunately it succeeded, as there was little attention paid to it by the press and therefore no public outcry."
If someone had said that Hitler was in favour of doing such a thing, you wouldn't have been able to move without seeing it plastered on a newspaper.
-
-
Saturday 30th April 2016 08:53 GMT Anonymous Coward
"Anonymous" data
Haven't we seen enough research that demonstrates anonymous data isn't really that anonymous, and with enough other data it is possible to de-anonymize it? If anyone has access to enough other data to make that happen, it is Google. They're the last ones I'd trust to have access to data like that!
I wonder exactly what data it is? If they had the date of a GP visit and a few metrics like height, weight, BP, cholesterol, etc. you might think that's harmless, but if they have purchase data for shopping they'll know what size you wear which can be loosely correlated to height/weight. Not enough to de-anonymize. Let's say you were hospitalized for a few days, if they then correlate that height/weight vs clothing size information against when you were absent from the internet (easy for them to tell since Google Analytics has trackers on every major web site) and they can narrow it down quite a bit. If the "anonymous" information also includes the region of the UK in which you live and they might be able to identify you as an individual.
Anyone who thinks "Google wouldn't do that, they have no desire to unmask the anonymity" hasn't been paying attention to Google's whole business strategy. If they did this in the US and I had a heart attack, if I lifted my ad blocker I'd probably start seeing a bunch of ads for Lipitor and friends the day I got home. There's just too much money in that for them not to stick their snouts in the trough.
-
-
Sunday 1st May 2016 11:42 GMT Anonymous Coward
Damn it, all those times I've been in A&E and not read the small print where it says "We may share your information with selected 3rd parties. To opt out of this, please tick this box".
Yes, sure. The only problem is that that would not have been valid under DPA. You are not allowed to default to opt in and ask people to opt OUT if the data is classed as "sensitive, which health data is.
It would be rather amusing if that is how they have been gathering permission because it would create a huge mess - it would effectively declare the data given to Google as illegally acquired. Uh oh..
-
-
-
Saturday 30th April 2016 15:13 GMT Anonymous Coward
Considering this issue wasn't mentioned in the media until after the event, that there was no mention of it in hospitals or GP surgeries, and that there was no official form to use to opt out, I'd say that one million was a fair number. I suspect it would have been higher had the government not backed down when it did all hit the fan - no doubt they're working on getting what they want in other ways.
-
-
Saturday 30th April 2016 11:52 GMT Boris the Cockroach
Its
the sharing of information that bothers me rather than the noble cause of identifying people with kidney failure
How long before the data is sold on by google dispite the 'assurances' and who would want their future employers know they had a overwork stress induced breakdown 15 years ago while applying for a job....
Thin end of the wedge and all that....
-
-
Sunday 1st May 2016 23:42 GMT Hollerithevo
Re: Just like they did books
And if you've ever got a Google-scanned book, you'll realise how sloppily they did the scanning -- pages missing, lines dropped, etc. Hastily did a bad job to lay claim on the book, without actually rendering the book properly digitable, because they don't care about books, but about owning everything.
-
-
This post has been deleted by its author
-
-
Sunday 1st May 2016 17:32 GMT Anonymous Coward
Re: They appear to be in breach of their own privacy statement
@ AC re "breach of their own privacy statement"
They seem to have given themselves sufficiently leeway:
"However, in exceptional situations we may need to share information without your permission if:
* it is in the public interest – for example, there is a risk of death or serious harm"
It just depends on how they define "exceptional", "risk of death" or "serious harm". I am sure those definitions are all sufficiently elastic that there will be no need to change anything.
-
-
Sunday 1st May 2016 13:41 GMT x 7
as for giving consent............
a couple of years ago I was taken to hospital with a burst, abscessed appendix. They wheeled me into the pre-op room, ready for the op and then made me sign the consent form. By that stage I was so freaked by the pain, urgency and fear of impending death if something didn't happen quickly that I would have signed ANYTHING to make the problem go away. In a situation like that you can hardly say that "consent was considered". It was more like "sign this or you're going to die". And no I had neither time, ability or inclination (I was on morphine) to read the details
-
Monday 2nd May 2016 05:47 GMT Anonymous Coward
Data high-jack.
We have seen it all before, when PJ allowed OSRM, in 2004, to use the data collected by Grokline, the UNIX/Linux Ownership History Timeline, OSRM first put their own copyright notice on the web site. Then when PJ left employment with OSRM and tried to reinstate Grokline it was found that it could not be done. Grokline was never seen again. Effectively the data was gone for community use. Of course Google have said that the data will be deleted when they have finished with it, so that is all right then.
Be careful government, when you sup with the devil you should use a long spoon.
-
Monday 2nd May 2016 08:47 GMT 0laf
With the way Westminster works right now you can expect a severe kick in the nads if you don't shift your data to 'murican cloud based operators. It's cloud by default, doesn't matter how appropriate it is or even if it will really save money.
I'd have expected something like this to have had a pretty serious PIA carried out and been given the nod by the ICO before it happened.
It's not impossibly to do things like this but it is difficult and if patients weren't informed or consent sought then it would imply that no PIA was done.
-
Monday 2nd May 2016 21:53 GMT KeithR
"and been given the nod by the ICO before it happened."
Very unlikely that ICO will have had ANY say on this: the ICO actively discourages requests for it to rubber-stamp (in particular) iffy projects, in case - if/when said project crashes and burns - the ICO's "approval" is cited in defence.
The ICO is FAR more likely to say "you're the data controller - it's for you to assess the risks against the benefits..."
-
-
Monday 2nd May 2016 10:54 GMT Anonymous Coward
On A Similiar Note...
...schools play equally fast and loose with pupil data.
My son's school is claiming they don't need permission - despite asking for it - to send identifiable information (name/address/DOB) and senstitive information (ethnicity) to *dozens* of external companies, none of which they are legally obliged to send data to.
They admitted to carrying out no due diligence on any of the external data processors, nor to having a data retention policy, both in clear violation of their DPA obligations.
Once data leaves the building you have no idea where it is stored, who has/will access it or what they will do with it, no matter what the contract says.
Good to know that health data and school pupil data is being treated equally well...
-
Monday 2nd May 2016 12:41 GMT 0laf
Re: On A Similiar Note...
I've heard some real horror stories about academy schools. IT being set up and run by a pupil, parents running email systems, all sorts of stuff going out on public cloud services.
I'm sure everyone will be happy to know that a 14 year old has full admin rights to the servers holding confidential child protection information and payroll.
-
Monday 2nd May 2016 13:03 GMT x 7
Re: On A Similiar Note...
"My son's school is claiming they don't need permission - despite asking for it - to send identifiable information (name/address/DOB) and senstitive information (ethnicity) to *dozens* of external companies, none of which they are legally obliged to send data to.
They admitted to carrying out no due diligence on any of the external data processors, nor to having a data retention policy, both in clear violation of their DPA obligations."
REPORT THEM!
-
-
Monday 2nd May 2016 21:47 GMT KeithR
"This is different because this is specifically about medical research. The cornerstone of the ethics of medical research "
The word RESEARCH is key here.
Section 33 of the DPA refers.
Despite all the (typically) ill-advised, indignant, uninformed caterwauling on here, what's happening is almost certainly legitimised by s.33 DPA...
-
Wednesday 4th May 2016 16:10 GMT Daggerchild
Fearblind
Yeah, okay, so, while everyone is screaming and frothing about this potential threat, I'll just leave this here:
http://www-05.ibm.com/innovation/uk/watson/watson_in_healthcare.shtml
which was reported here:
http://www.theregister.co.uk/2016/02/18/ibm_watson_in_26bn_grab_to_completely_own_300m_patient_lives_data/
getting a whole 5 comments..
Google are simply making the mistake of going in the front door, while IBM are swallowing entire Heathcare data processors whole, then digesting their data and assimilating their pre-approved data access privileges.