Google University of Chicago Medical Center Accused of Sharing Patients Data

Google and the University of Chicago Medical Center are being sued for allegedly sharing unauthorized data from their patients.

• By Kaitlyn DeHaven
• Jul 01, 2019

Google and the University of Chicago Medical Center formed a partnership approximately two years ago with the goal of finding patterns in patients’ medical records for medicine and to better understand disease.

The companies are now being sued for allegedly not stripping out date stamps or doctor’s notes in patient record, giving Google the ability to identify the patients. The lawsuit claims the companies did not take the proper measures to ensure patient privacy, nor did they obtain the consent of the patients.

Records from between 2009 and 2016 were shared with Google, according to the lawsuit. According to the Chicago Tribune, Google and the hospital are claiming that the patients aren’t identifiable by their records, but the lawsuit alleges the record contained times and dates of treatment, as well as notes from providers.

“Google managed to fly under the radar as it pulled off what is likely the greatest heist of consumer medical records in history,” the lawsuit says.

The lawsuit also states that when patients enter the University’s Medical Center, they sign admission forms in which the university agrees it will not share their records with third parties like Google.

Both the university and Google have denied the allegations. Google said, in a statement, that they take their privacy seriously, and that they follow all rules and regulations.

“We believe our healthcare research could help save lives in the future, which is why we take privacy seriously and follow all relevant rules and regulations in our handling of health data,” Google said. “In particular, we take compliance with HIPAA seriously, including in the receipt and use of the limited data set provided by the University of Chicago.”