As payers and providers seek out tech giants to move their health data to the cloud, experts warn that they need to be more transparent after a secret deal between Google and Ascension generated controversy.
The Wall Street Journal reported earlier this week that Ascension, the second largest U.S. healthcare system, made an unannounced deal with Google to move Ascension’s detailed health information on more than 50 million patients to Google’s cloud computing system. But the deal has sparked major concern about privacy from advocates and lawmakers who note that Google is currently under a consent decree for major privacy violations.
However, experts say that the deal itself appears to be perfectly legal under the Health Insurance Portability and Accountability Act (HIPAA), the law that protects patient data.
“The failure is one of optics,” said Robert Tennant, director of health information technology policy for the Medical Group Management Association. “Google has been in the public eye and has drawn the attention of Capitol Hill.”
Google and Ascension’s deal is also two years old and was discovered by a newspaper rather than disclosed by the companies.
“I think there was a trust factor here that was violated,” said Mike MIttel, CEO of RapidFire Tools, a subsidiary of IT software business Kaseya. “Learning about this partnership from the Wall Street Journal article probably doesn’t bode well for folks who wanted to keep their information and records private.”
There is also a concern about the company itself, as Google’s business model uses data from its search engines to make money. The company continues to be under a consent decree issued in 2011 for tracking consumers that use its search engine.
The controversy is a wake-up call for providers and payers seeking similar arrangements, Tennant said.
“If you are going to engage in this type of very sophisticated leveraging of your patient’s data, it is not the worst thing in the world to go out and let everybody know,” he said.
A provider such as a major health system should put together a strong communications strategy to tell both physicians and patients what is going on and what safeguards for the data are in place, Tennant added.
A likely result from this incident is that providers, payers and tech giants such as Microsoft and Amazon will likely be overly transparent, experts say.
“I assume they will err on over communication rather than under communication,” said Max Pruger, general manager of compliance at Kaseya.
Such arrangements are likely to continue as tech giants wade more into the healthcare industry. Humana and Microsoft, for example, also recently announced a seven-year partnership to use cloud and artificial intelligence to create automation and predictive solutions for the insurer.
But the major difference between that deal and the Google-Ascension arrangement is transparency.
“Microsoft and Humana haven’t made a secret out of their partnership,” Pruger said.