患者数据安全的重要性:谷歌Deep mind和英国NHS合作数据不合法

https://m.firstwordpharma.com/google-deepmind-royal-free-nhs-trial-failed-comply-uk-privacy-law

Royal Free NHS Foundation Trust提供了160万患者病历数据给谷歌Deepmind,作为急性肾衰竭检测APP Streams的测试的一部分,英国信息专员办公室( UK's Information Commissioner's Office)判定Royal Free NHS Foundation Trust这个行为违反了数据保护法案。这给英国人工智能公司以沉重打击,没有数据,所有AI都不行。在这一点上,美国看起来更开放些,IBM、Flatiron等公司都获取过不等数量的病历数据,还没有哪个政府部门指控它们。

原文如下:

Google DeepMind, Royal Free NHS trial failed to comply with UK privacy law

Ref: ICO;BBC News;The Verge;CNBC;The INQUIRER;Sky News;London South East;Business Insider

The UK's Information Commissioner's Office (ICO) ruled Monday that Royal Free NHS Foundation Trust violated the Data Protection Act when it provided personal data of around 1.6 million patients to Google DeepMind as part of a trial testing the Streams app designed to detect acute kidney injury. Elizabeth Denham, the ICO's information commissioner, remarked that "there's no doubt the huge potential that creative use of data could have on patient care and clinical improvements, but the price of innovation does not need to be the erosion of fundamental privacy rights."

In May 2016, a report indicated that information on 1.6 million patients at London hospitals had been passed on to DeepMind as part of a formerly undisclosed data-sharing agreement between the artificial intelligence company and the NHS. Last November, the parties announced that they expanded their collaboration to improve patient outcomes with the Streams app. According to the ICO, the app was moved to live deployment in February this year, "and it is now in active use by Royal Free clinicians."

Denham noted that "our investigation found a number of shortcomings in the way patient records were shared for this trial. Patients would not have reasonably expected their information to have been used in this way, and the Trust could and should have been far more transparent with patients as to what was happening." She added "we've asked the Trust to commit to making changes that will address those shortcomings."

FirstWord Reports: Providing insight, analysis and expert opinion on important Pharma trends and challenging issues

The UK data regulator will not issue any fines in the case, but has asked the Trust to establish a "proper legal basis" for the Google DeepMind project and for any future studies, as well as to outline "how it will comply with its duty of confidence to patients in any future trial involving personal data." The ICO added that the Trust has also been asked to complete a privacy impact assessment, including specific steps to ensure transparency, and to assign an audit of the trial, "the results of which will be shared with the Information Commissioner, and which the Commissioner will have the right to publish as she sees appropriate."

DeepMind said it welcomes the ICO's "thoughtful resolution" of the case, and acknowledged that it made several mistakes during its original deal. The company added that it should have better explained the agreement to both patients and the public, and that it "underestimated the complexity of the NHS and of the rules around patient data."

In May, the National Data Guardian, the most senior data protection adviser to the NHS, said that Google DeepMind had received the personally identifying medical records of 1.6 million NHS patients on an "inappropriate legal basis."

你可能感兴趣的:(患者数据安全的重要性:谷歌Deep mind和英国NHS合作数据不合法)