Should we trust Google with our data?

The public furore1 over Google's DeepMind is on one level understandable; patients want to feel like they are in control and have a say in how their data is used. However, the underlying benefits of using technology to improve patient outcomes is an area where a great public service can be achieved.

If you were told that the information about you could save someone's life, would you not think that were a good thing? Many of the arguments hinge around "trust", but I believe trust is a two way street. Should we trust Google if given specific guidelines on how anonymised data is to be used? Sure. Why not?

But should we trust patients to deny access to their data when it could be used to benefit the wider patient community? Once again, within sensible guidelines I believe that trust to be implicitly granted. The precedent for mistrust in this domain has not been helped with scheme's such as Care.Data which have largely failed to engage the patient's voice effectively. The Great Unwashed are right to think something doesn’t smell right…

However, I am not for a free access model to patient data, and not sure who would be. Data is a distinct asset of the NHS akin to the informatics crown jewels and making it freely available would seem a foolhardy venture. But the significant challenges that are faced in creating a seamless electronic patient record for the NHS cannot be understated. If technology companies like Google or Microsoft can help achieve part of this then we have to consider it in a sensible, rational way.

Creating a cohesive record from the walled garden of disparate local IT systems with inherently poor interoperability is not an easy task. No amount of megalithic e-hospital system deployment will solve that problem but whether Google are the company to disrupt the market remains to be seen. (You can read Tomaz Gornik's post on the Postmodern EHR for lessons to be learned from ERP market disruption).

And this is where I have concerns about some of the language used by campaigners such as Jen Persson (from pressure group Defenddigitalme). She has been quoted as saying;

"Hospital trusts should think twice before gifting commercial companies confidential data on an ad hoc basis, without informed patient consent, without transparent oversight, and patients should be asking what precisely will it be used for, by whom, and with what safeguards."

No one is being "gifted" data on an ad hoc basis and to do so would be like writing a blank cheque to the ICO. These reciprocal commercial agreements offer benefits to both parties and the statement is somewhat misleading. Where scrutiny does need to be applied is in the way that some agreements can pass as offering benefits to patient care. While Jen is correct in the "transparent oversight" argument, asking each patient for permission to use their data in each case is not feasible. We have to trust in the abilities of information and clinical governance policies employed in each organisation as they are the ones that would have to answer to the ICO.

I am not 100% clear on the sorts of contracts that Google have signed with NHS institutions, but there is usually something "in it" for the hospital. If that is software they could seldom elsewhere afford to procure or develop to support patient care, then that seems like a sensible commercial relationship to pursue.

The oft used question posed in articles with data sharing alarm bells is "what's in it for Google?”. But someone also needs to ask "what's in it for the patient", and if the answer is "this could save their life" then maybe the former question is put into a bit more context.

So in answer to the initial question, I think that we can trust patient's to make the right decisions about their data. But informatics policy makers need to make sure the benefits are clearly articulated and that a patient can understand "what's in it for me".