Inside Google’s Quest for Millions of Medical Records
The company has struck deals that grant it access to troves
of patient data; ‘We want to be helpful’
PALO ALTO, Calif.—Roughly a year ago, Google offered
health-data company Cerner Corp. an unusually rich proposal.
Cerner was interviewing Silicon Valley giants to pick a
storage provider for 250 million health records, one of the largest collections
of U.S. patient data. Google dispatched former chief executive Eric Schmidt to
personally pitch Cerner over several phone calls and offered around $250
million in discounts and incentives, people familiar with the matter say.
Google had a bigger goal in pushing for the deal than
dollars and cents: a way
to expand its effort to collect, analyze and aggregate health data on millions
of Americans. Google representatives were vague in answering questions
about how Cerner’s data would be used, making the health-care company’s
executives wary, the people say. Eventually, Cerner struck a storage deal with
Amazon.com Inc. instead.
The failed Cerner deal reveals an emerging challenge to
Google’s move into health care: gaining the trust of health care partners and
the public. So far, that has hardly slowed the search giant.
has struck partnerships with some of the country’s largest hospital systems and
most-renowned health-care providers, many of them vast in scope and few
of their details previously reported. In just a few years, the company has achieved the ability to view
or analyze tens of millions of patient health records in at least
three-quarters of U.S. states, according to a Wall Street Journal
analysis of contractual agreements.
certain instances, the deals allow Google to access personally identifiable health
information without the knowledge of patients or doctors. The company
can review complete health records, including names, dates of birth,
medications and other ailments, according to people familiar with the deals.
The prospect of tech giants’ amassing huge troves of health
records has raised concerns among lawmakers, patients and doctors, who fear
such intimate data could be used without individuals’ knowledge or permission,
or in ways they might not anticipate.
is developing a search tool, similar to its flagship search engine, in which
patient information is stored, collated and analyzed by the company’s
engineers, on its own servers. The portal is designed for use by doctors and
nurses, and eventually perhaps patients themselves, though some Google staffers
would have access sooner.
Google executives and some health systems say that detailed
data sharing has the potential to improve health outcomes. Large troves of data
help fuel algorithms Google is creating to detect lung cancer, eye disease and
kidney injuries. Hospital executives have long sought better electronic record
systems to reduce error rates and cut down on paperwork.
In his first extensive interview since joining the search
giant last January, the head of Google Health, Dr. David Feinberg, says the
tech giant’s push into health care is motivated more by the greater good than
profits. “I came here to make people healthy, I’m not here to sell them ads,”
Dr. Feinberg says. “Google is so good at being helpful. We want to be helpful
with knowledge, success, health and happiness.”
A Google spokesman sent an email saying the health systems it works with
“own their data, and we can only process it according to their instructions.”
the information gathered by Google can be used for purposes beyond diagnosing
illnesses, under laws enacted during the dial-up era. U.S. federal privacy laws
make it possible for health-care providers, with little or no input from
patients, to share data with certain outside companies. That applies to
partners, like Google, with significant presences outside health care. The
company says its intentions in health are unconnected with its advertising
business, which depends largely on data it has collected on users of its many
services, including email and maps.
Medical information is perhaps the last bounty of personal
data yet to be scooped up by technology companies. The health data-gathering
efforts of other tech giants such as Amazon and International Business Machines
Corp. face skepticism from physician and patient advocates. But Google’s push
in particular has set off alarm bells in the industry, including over privacy
concerns. U.S. senators, as well as health-industry executives, are questioning
Google’s expansion and its potential for commercializing personal data.
In one previously undisclosed example, Google reached an
extensive agreement last year with Intermountain Healthcare that allowed the
Utah hospital system to share with Google medical records including names and
other identity-revealing details, people at both companies say. The hospital
system and Google planned to apply Google’s search tool to Intermountain
An Intermountain spokesman now says that project didn’t go
partnership with the Rochester, Minn.-based Mayo Clinic allows Google access to
personally identifiable information when needed, Mayo says. When the
arrangement was announced in September, the hospital system said publicly that
data wouldn’t include names or other identifiable details.
and Intermountain say their deals with the search giant are structured to
protect patient privacy and security.
The issue began drawing widespread attention in November,
when The Wall Street Journal reported on Google’s “Project Nightingale” partnership
with Ascension, a Catholic chain of 2,600 hospitals, doctors’ offices and
facilities, to crunch detailed information on 50 million patient records across
20 states and the District of Columbia.
Outcry over the Ascension deal, including a federal inquiry
and objections from patients, shocked executives inside Google, and opened
fissures in its top ranks over how to proceed, according to people with
knowledge of the discussions. The head of Google Health, Dr. Feinberg, pushed to tell the public more
about his division’s operations, but met resistance from longtime staffers who
cite the company’s tradition of keeping potential new products under wraps.
A Google spokesman says the company has been transparent in
its work in the field, publishing its research and making some data sets
Dr. Feinberg says the company was mistaken to begin building
such a large, sensitive program outside of the public eye. At the outset, it
wasn’t clear how the project would advance beyond initial, experimental steps.
“We didn’t know what we were doing,” says Dr. Feinberg, a trained child
psychiatrist and former chief executive of Pennsylvania hospital system Geisinger.
Dr. Feinberg’s triage is ongoing. On its website, Google’s
cloud computing division until recently listed as a customer the large
nonprofit health system Kaiser Permanente, something hospital representatives
say isn’t accurate. Google removed the listing after inquiries from the
“We are not actively doing anything today with Google,” says
Kaiser Permanente vice president Elizabeth McGlynn. “We have to be very clear
about who shares our values about protecting patient privacy. Not every tech
company can satisfy that standard, and a lot of them come with baggage they
The roots of Google’s move into health stretch back before
the company’s founding in 1999.
Three years earlier, President Bill Clinton signed the
Health Insurance Portability and Accountability Act, or HIPAA, into law. The
legislation was intended to help individuals maintain their health plans and
combat rising costs by accelerating a shift to electronic health records. Its
more famous legacy, however, has become its rules on health data.
patients commonly believe HIPAA prevents doctors from sharing their data, in
practice it can do the opposite. The rules are written broadly enough for
health-care systems to share personally identifiable patient data with a broad
array of business associates for help with functions closely related to health
care, such as quality assurance or practice management.
as hospitals post notices that such agreements generally exist, they don’t have
to tell patients proactively who these third parties are or what personal data
they can access.
Google has long seen health data as a natural extension of
its stated mission to organize information. Parent Alphabet Inc. also boasts
divisions that work on extending life, early detection of disease, wearable
devices and drone delivery for prescriptions.
In 2011, Google shut down a one-stop medical-records
collection platform that required patients to input personal information
themselves. “Few consumers,” said one research analyst, “are interested in a
digital filing cabinet for their records.”
A few years later, under the code name “Guardian,” Google
began building exactly that—except in a way that didn’t give patients choice in
At first glance, Guardian, currently in testing, looks much
like the company’s flagship search engine. Type in a patient name and a
pull-down menu offers auto-fill suggestions. One click reveals personal patient
information like vital tests, surgical history and identifiable
information—culled in real-time from health system data portals.
Ascension, based in St. Louis, was eager to pilot the
program. The chain’s records, like many hospitals’, are a patchwork maze with
little consistency from state to state, impeding efforts to standardize care.
Ascension executives told a small circle of staff about the
project in May at meetings attended by Google staffers who passed out free
Google T-shirts, pins and notebooks. Millions of patient records were soon shared. Among the goals laid out
in internal documents reviewed by the Journal: to predict procedures that
patients might need, and identify “missed opportunities for revenue.”
After the Journal’s report, Ascension narrowed network
access among its own staff and some at Google to information about Project Nightingale,
people familiar with the matter say, adding that Ascension hasn’t re-examined
its Google ties.
Federal investigators in the Department of Health and Human
Services’ Office of Civil Rights in recent weeks began interviewing people
close to Project Nightingale as part of an inquiry into what regulators called
the “mass collection of individuals’ medical records” and whether security or
privacy were sacrificed. Google earlier said it would cooperate, and an HHS
spokeswoman declined to give an update.
Ascension’s innovations and strategy chief, Eduardo Conrado,
says hospital officials retain oversight of Google, control the data and audit
access. “In all of this work, access to our private cloud and the clinical
information contained within it is controlled, logged and monitored by
Ascension,” Mr. Conrado said in an email.
Google Health’s roughly 1,000 employees are headquartered in
a beige, unmarked office complex a few miles from Google’s sprawling Mountain
View, Calif., main campus.
The head of Google Health, Dr. Feinberg, is a former
Pennsylvania hospital system executive who joined Google one year ago. Dr.
Feinberg holds medical and business degrees and exercises for two hours each
day beginning at 4 a.m. He boasts about his $5 Wal-Mart fleece jacket, and is
an astrology enthusiast.
“I’m positive,” Dr. Feinberg says to a reporter good
naturedly, if inaccurately, “you’re Sagittarius.”
Dr. Feinberg says Google should be more transparent about
its plans in health care, though he won’t say how many personal health records
the company can currently view.
Reiterating what Google has told lawmakers and industry
executives in private meetings over the past two months, Dr. Feinberg says he
operates on a personal directive from Mr. Schmidt: “Don’t worry about making
comes to Google Health initiatives such as using artificial intelligence to
diagnose illnesses, Dr. Feinberg says the company may give consumers a choice
on whether to participate.
“All that other scary stuff—we’re going to be so explicit
about it,” Dr. Feinberg says. “Most people I think would say ‘Yeah, it’s
great.’ And some people can say, ‘I hate Google, no.’ ”
He says he wants patients to be fully informed of how their
data may be used: “I want to get the moment of consent there.”
is reluctant to allow people to opt out of Google’s core health-search tool. He
likens that to a physician knowingly offering substandard care, he says.
believe me that all we are doing is organizing that information to make it
easier for your doctor, I’m going to get a little paternalistic here: I’m never going to let that get opted
out,” Dr. Feinberg says. “It’s going to screw up your treatment.
We’re not going to be able to take care of you.”
Dr. Feinberg says he can see how the company’s track record
might make that a tough pill to swallow. Google Health’s DeepMind unit three
years ago admitted errors in accessing 1.6 million U.K. patient records.
“There’s a disbelief that what we say we’re doing is what we
are actually doing. And I think that’s Google’s fault,” says Dr. Feinberg, 57.
“There’s been missteps, right? We’ve got to own that. And that’s why we’ve got
to do even better.”
The Google spokesman’s email said the company is proud of
its efforts in the field, which are focused on using its expertise to “boost
access to quality care, free up providers’ time so they can focus on patients,
and expand the frontiers of medicine.”
There are other deals that bear a resemblance to the
Intermountain has for roughly a year had an agreement that
permits Google access to patient health records, according to people familiar
with the matter. The scope of the agreement, and its lack of detailed public
disclosure, is similar to Google’s Ascension partnership. Intermountain
discussed working on a beta version of Google’s Guardian search tool with
patient medical records.
Intermountain spokesman Daron Cowley said the hospital
didn’t share data that identified patients with Google. He said Intermountain’s
agreement with Google continues, but said it has no current projects with the
and its partners say patient data being shared is often “de-identified,” or
aggregated without personal information such as names and birth dates, but
there are indications that avoiding such details is likely to be a challenge.
federal lawsuit from a patient in Illinois alleges that one such arrangement
between Google and University of Chicago Medical Center includes information
that could be traced back to an individual using other data the search-engine
Google and the University of Chicago deny that, saying they
comply with federal privacy laws and have moved to dismiss the lawsuit.
“You can’t put knowledge in a box,” said Deven McGraw, an
advisor to Alphabet’s life-sciences arm and chief regulatory officer of health
startup Ciitizen. “If people can learn things, machines can learn things better
and faster. It can’t be contained.”
September, Google and the Mayo Clinic announced a partnership to “solve complex
health care problems.” Patient data would remain private and devoid of
identifiable personal information, Mayo officials said then.
neither Mayo nor Google disclosed at the time was that the Mayo contract with
Google permits Mayo to share personally identifiable health data in the future,
executives say. “It was not our intention to mislead the public,” Mayo Chief
Information Officer Cris Ross now says.
and Google both say Mayo hasn’t yet shared personal patient data with the
search giant, and that it would do so only if absolutely necessary. A Mayo
spokeswoman says the health system may split with Google rights to products
developed under the partnership.
“We have a
moral obligation,” Mr. Ross says, “to pursue discovery and advance cures for
As Google has moved to expand its data collection, some
potential partners have been put off by what they viewed as the company’s
aggressive maneuvers to acquire data without providing enough information on
how it would be used.
Google pushed one medical-data manager not to share data
with other companies, according to a person familiar with the pitch.
As part of its huge offer for Cerner, whose software is
embedded in doctors’ offices in 30 countries, Google used its size to its
advantage. Google Cloud executives offered that other arms of the conglomerate
would buy unspecified other services from Cerner, people familiar with the
Cerner ultimately accepted a less generous offer from
Amazon, in part because the company decided Amazon was more trustworthy on
security, according to one of these people.
Existing players in the health-care data market also fear
that the tech giant will gain too much power in their industry. Some hospital
and technology executives say they declined deals with Google lest it become a
“We could never pin down Google on what their true business
model was,” says a Cerner executive involved in the discussions.