Google’s Nightingale Project: A Boon or a Curse?

Alphabet stock (GOOG) (GOOGL) was volatile yesterday, closing 0.08% lower. One reason for the volatility may have been Google being on the government’s radar for its healthcare initiative, Project Nightingale. Google has been working with Ascension to move patient data to the cloud. In addition to concerns about hackers getting hold of cloud-stored patient data, there are questions about how the tech company could use the data.

What is Project Nightingale?

Google is working with Ascension, a not-for-profit Catholic healthcare system with 150 hospitals and 50 senior care facilities in the US, to migrate patient data to the cloud. In a blog post, Google what that Project Nightingale is “a business arrangement to help a provider with the latest technology, similar to the work we do with dozens of other healthcare providers.” Google also provides cloud services to the Colorado Center for Personalized Medicine, Cleveland Clinic, American Cancer Society, and many more. The company wrote that using Google Suite could improve connectivity for Ascension’s employees as well as healthcare professionals. Google hasn’t disclosed the deal’s financial details.

Google addresses investors’ concerns

In the blog post, Google clarified that it has signed a business associate agreement with Ascension, and upholds protected health information guidelines. It also clarified that “any Ascension data under this agreement will not be used to sell ads.” Google has agreed to cooperate in the federal inquiry into whether it adheres to relevant regulations. But does the law define a comprehensive approach for the use of health data and cloud technology?

Data protection regulations

Introduced in August 1996, the Health Insurance Portability and Accountability Act, or HIPAA, safeguards US patients’ personal and medical data. The US Department of HHS (Health and Human Services) modified the penalties for data misuse in April 2019. Under the HHS penalty tier structure, the lowest penalty tier is where data is misused without knowledge. Meanwhile, the highest is where a problem is wilfully neglected. HIPAA guidelines also describe an auditing program to keep an eye on how healthcare organizations are monitoring data privacy and security.

Will Google be able to use patient data?

HIPAA rules clearly state that the use of de-identified health information is permissible. In other words, companies could use patient data without revealing patients’ identity. The law permits the use of a “limited data set” of health information for “research, public health or health care operations.” Therefore, even though the law may not allow Google to target ads, the company could still analyze data and share non-personal details with other market players. It is unclear whether Google will offer analytical services to Ascension.

Blockchain tech and wearable devices in healthcare

Cloud computing isn’t the only technology taking the healthcare sector by storm. Blockchain, the technology that powers Bitcoin, is also being deployed in the healthcare sector. Blockchain technology stores encrypted data with no possibility of the data being altered on the network. Only network users have access to the encrypted data.

Caregivers could also use wearable devices to track patient health. On November 1, Google announced plans to acquire Fitbit (FIT) for $2.1 billion. Many fitness enthusiasts use Fitbit devices to check their heart rate, monitor their blood pressure, and track their sleep patterns. Such wearable devices could play a significant role in hospitals and the healthcare industry.

The Google-Ascension and Google-Fitbit deals might seem unrelated. However, considered together, the deals appear to be cementing Google’s presence in the healthcare sector.