Tag Archives: healthcare

Google’s Project Nightingale’ Gathers Personal Health Data on Millions of Americans

Google’s ‘Project Nightingale’ Gathers Personal Health Data on Millions of Americans

Search giant is amassing health records from Ascension facilities in 21 states; patients not yet informed


Google launched the effort last year with Ascension, the country’s second-largest health system.
PHOTO: DAVID PAUL MORRIS/BLOOMBERG NEWS

By Rob Copeland
Updated Nov. 11, 2019 4:27 pm ET

Google is engaged with one of the U.S.’s largest health-care systems on a project to collect and crunch the detailed personal-health information of millions of people across 21 states.

The initiative, code-named “Project Nightingale,” appears to be the biggest effort yet by a Silicon Valley giant to gain a toehold in the health-care industry through the handling of patients’ medical data. Amazon.com Inc., Apple Inc. and Microsoft Corp. are also aggressively pushing into health care, though they haven’t yet struck deals of this scope.

Google began Project Nightingale in secret last year with St. Louis-based Ascension, a Catholic chain of 2,600 hospitals, doctors’ offices and other facilities, with the data sharing accelerating since summer, according to internal documents.

The data involved in the initiative encompasses lab results, doctor diagnoses and hospitalization records, among other categories, and amounts to a complete health history, including patient names and dates of birth.

Paging Nurse Google

The tech giant is teaming with Ascension on an ambitious project to crunch patient data for treatment and administrative purposes.

Neither patients nor doctors have been notified. At least 150 Google employees already have access to much of the data on tens of millions of patients, according to a person familiar with the matter and the documents.

In a news release issued after The Wall Street Journal reported on Project Nightingale on Monday, the companies said the initiative is compliant with federal health law and includes robust protections for patient data.

Some Ascension employees have raised questions about the way the data is being collected and shared, both from a technological and ethical perspective, according to the people familiar with the project. But privacy experts said it appeared to be permissible under federal law. That law, the Health Insurance Portability and Accountability Act of 1996, generally allows hospitals to share data with business partners without telling patients, as long as the information is used “only to help the covered entity carry out its health care functions.”

Google in this case is using the data in part to design new software, underpinned by advanced artificial intelligence and machine learning, that zeroes in on individual patients to suggest changes to their care. Staffers across Alphabet Inc., Google’s parent, have access to the patient information, internal documents show, including some employees of Google Brain, a research science division credited with some of the company’s biggest breakthroughs.

Google Cloud President Tariq Shaukat said the company’s goal for health care is centered on “ultimately improving outcomes, reducing costs, and saving lives.”

Eduardo Conrado, an executive vice president at Ascension, said: “As the health-care environment continues to rapidly evolve, we must transform to better meet the needs and expectations of those we serve as well as our own caregivers and health-care providers.”

Google and nonprofit Ascension have parallel financial motives. Google has assigned dozens of engineers to Project Nightingale so far without charging for the work because it hopes to use the framework to sell similar products to other health systems. Its end goal is to create an omnibus search tool to aggregate disparate patient data and host it all in one place, documents show.

The project is being developed under Google’s cloud division, which trails rivals like Amazon and Microsoft in market share. Google Chief Executive Sundar Pichai has said repeatedly this year that finding new areas of growth for cloud is a priority.

Ascension, the second-largest health system in the U.S., aims in part to improve patient care. It also hopes to mine data to identify additional tests that could be necessary or other ways in which the system could generate more revenue from patients, documents show.

Ascension is also eager to have a system that is faster than its existing decentralized electronic record-keeping.

Google, like many of its Silicon Valley peers, has at times drawn criticism for not doing enough to protect user privacy. Its YouTube unit agreed in September to pay $170 million in fines and change its practices in response to complaints that it illegally collected data on children to sell ads. YouTube neither admitted nor denied wrongdoing.

Last year, the Journal reported that Google opted not to disclose to users a flaw that exposed hundreds of thousands of birth dates, contact information and other personal data of subscribers in its now-defunct social-networking website Google Plus, in part because of fears that the incident could trigger regulatory scrutiny. Google said at the time it went beyond legal requirements in determining not to inform users.

Regulators are now scrutinizing the company on a number of fronts. Federal and state investigators over the summer made public separate antitrust inquiries into Google. The federal probe is examining whether Google’s existing trove of data amassed from its flagship search engine, home speakers, free email service and numerous other arms give the company an unfair advantage over competitors, people familiar with the matter said.

Google has said its products increase consumer choice and that it is committed to cooperating with the inquiries. This year, Mr. Pichai has touted new privacy protections for Google’s billions of users.

The company made public this month a $2.1 billion deal for wearable fitness maker Fitbit Inc., which makes watches and bracelets that track health information like a person’s heart rate. Politicians of both parties quickly criticized the deal; Rep. David Cicilline (D., R.I.), chairman of the House Antitrust Subcommittee, warned that the Fitbit deal would give Google “deep insights into Americans’ most sensitive information.”

The companies said they would be transparent about any Fitbit data they collect.

Google appears to be sharing information within Project Nightingale more broadly than in its other forays into health-care data. In September, Google announced a 10-year deal with the Mayo Clinic to store the hospital system’s genetic, medical and financial records. Mayo officials said at the time that any data used to develop new software would be stripped of any information that could identify individual patients before it is shared with the tech giant.

Google was founded with the goal of organizing the world’s information, and health has been a fascination of its top executives from the early days. Google Health, a fledgling effort to digitize existing medical records, was shut down in 2011 after three years of limited adoption. Alphabet has since poured millions of dollars into its under-the-radar Calico and Verily divisions, which aim to combat aging and manage disease, respectively.

Google co-founder Larry Page, in a 2014 interview, suggested that patients worried about the privacy of their medical records were too cautious. Mr. Page said: “We’re not really thinking about the tremendous good that can come from people sharing information with the right people in the right ways.”

Write to Rob Copeland at rob.copeland@wsj.com

Article written by Rob Copeland and posted on the WSJ.com.

Article reposted on Markethive by Jeffrey Sloe

Visit MarketHive to learn more: http://markethive.com/jeffreysloe

Topics in Mobile Redirect Issues Part 6: SSL- Redirect to Mobile Redirect-Problem and Solution

 

Glenn E. Fleming, MD, MPH, Contributor, MarketHive

(Reposted from Patrick Sexton, https://varvy.com)

There are four common types of redirects that affect how your users and Google see your mobile pages. Each of them is bad for performance (speed). They include:

       *    Initial redirect – canonical (www.example.com vs example.com)

  • SSL – secure pages redirect
  • Redirect to mobile version
  • Content driven redirects

Content-Driven Redirects

  1. Problem

          Content-driven redirects are not required to display a page. These redirects have been added because mobile and                   desktop versions of a given webpage may not display the same content.Thus, some mobile pages are redirected to                 other locations.

          Bottom-line: Content-driven redirects are more of a design issue rather than a technical issue.

       b. Solution

         The use of content-driven redirects should be avoided if possible.The solution here is to utilize responsive web design.            This will ensure that both website versions (mobile and desktop versions) display the same content with no need for a              content-driven redirect.

Topics in Mobile Redirect Issues Part 5: SSL- Redirect to Mobile Redirect-Problem and Solution

Glenn E. Fleming, MD, MPH, Contributor, MarketHive

(Reposted from Patrick Sexton, https://varvy.com)

There are four common types of redirects that affect how your users and Google see your mobile pages. Each of them is bad for performance (speed). They include:

       *    Initial redirect – canonical (www.example.com vs example.com)

  • SSL – secure pages redirect
  • Redirect to mobile version
  • Content driven redirects

Redirect to mobile version

  1. Problem

            When you have a different web address (url) for your mobile pages than you do for your desktop pages, the mobile                 device must somehow get to the mobile version. The way it does so is through a redirect.

           In other words, the mobile redirect is the method in which your mobile page gets displayed.This redirect only occurs                when a different url is utilized for mobile devices versus the desktop version. This redirect does not happen when a                  responsive web design is employed.

 

       b. Solution

         As previously mentioned, a mobile redirect only occurs when a different url is utilized for mobile devices versus the                  desktop version.

         Using responsive web design or dynamic serving will remedy this issue by eliminating the need for separate urls for the          same website (i.e., mobile v. desktop version).

Topics in Mobile Redirect Issues Part 4: SSL-Secure Pages Redirect-Problem and Solution

Glenn E. Fleming, MD, MPH, Contributor, MarketHive

(Reposted from Patrick Sexton, https://varvy.com)

There are four common types of redirects that affect how your users and Google see your mobile pages. Each of them is bad for performance (speed). They include:

       *    Initial redirect – canonical (www.example.com vs example.com)

  • SSL – secure pages redirect
  • Redirect to mobile version
  • Content driven redirects

SSL-Secure Pages Redirect

  1. Problem

               Pages that use SSL will often be redirected from the url

              "http://www.example.com" to the secure version of that page at "https://www.example.com"

              This redirect usually occurs when a webmaster uses a site-wide 301 redirect as a simple step to forward all pages to               the secure versions of the page.

       b. Solution

              A redirect exists for SSL sites typically because the webmaster used an "easy fix" of doing a site-wide 301 redirect to               make all traffic forwarded to the secure version of their pages.

             A better option would be to use HTTP Strict Transport Security (HSTS) which forces all traffic to use secure pages.                  This means your pages will be more secure and load faster by not using that 301 redirect.

 

 

Topics in Mobile Redirect Issues Part 3: Initial Redirects-Problem and Solution

Glenn E. Fleming, MD, MPH, Contributor, MarketHive

(Reposted from Patrick Sexton, https://varvy.com)

There are four common types of redirects that affect how your users and Google see your mobile pages. Each of them is bad for performance (speed). They include:

       *    Initial redirect – canonical (www.example.com vs example.com)

  • SSL – secure pages redirect
  • Redirect to mobile version
  • Content driven redirects

Initial Redirect (Canonical)

 

  1. Problem

Example: The url "www.example.com" and the url "example.com" are actually two different urls even though they typically will have the same content.

One has the "www" and one does not. Oftentimes webmasters will choose one or the other throughout their site (www or no www).To ensure that pages are always using the same version of the url, a site-wide redirect is typically used.

Thus, when typing "google.com" into a browser, the end-result is "www.google.com".

  1. Solution

This type of redirect was typically implemented for SEO purposes.The common logic was to obtain credit for each link given to a page because some people link to the "www" version and some link to the non-version of a page.

As a webmaster, one must decide if this value even still exists and if so, is it worth the redirect?

Google understands pages and sites much better now than it did when this redirect became a common practice and Google even offers you a way via Webmaster Tools to choose which version you prefer (without the redirect).

Take Home Points:

*Regardless, make sure your site-wide redirects are smartly working with other redirects like ssl.

*Do not redirect users to one version of page just to be redirected again to the secure (ssl) version.

*The way to actually review / update / remove it for most webmasters is to go to their htaccess file and find it:

RewriteCond %{HTTP_HOST} ^domain.com [NC]
RewriteRule ^(.*)$ http://www.domain.com/$1 [R=301,NC]

Topics in Mobile Redirect Issues Part 2: Consequences of Redirects

Glenn E. Fleming, MD, MPH, Contributor, MarketHive

(Reposted from Patrick Sexton, https://varvy.com)

Consequences of Redirects

In the past, redirects were oftentimes utilized for various reasons (i.e., SSL redirects).  As a result, extremely long redirect chains have occurred. 

The below example illustrates a typical conversation that occurs often on the mobile web. Please note that this conversation has to take place before any of your webpage even begins to be displayed at all:

  1. Mobile device: "Give me http://example.com"
  2. Web server: "http://example.com has been moved to "http://www.example.com"
  3. Mobile device: "Okay, give me "http://www.example.com"
  4. Web server: "http://www.example.com has been moved to "https://www.example.com"
  5. Mobile device: "Okay, give me "https://www.example.com"
  6. Web server: "https://www.example.com has a mobile version at "https://m.example.com"
  7. Mobile device: "Okay, give me "https://m.example.com"
  8. Web server: "https://m.example.com has a better version at "https://m.example.com/better/"
  9. Mobile device: "Okay, give me "https://m.example.com/better/"
  10. Web server: "Okay here is that page"
  11. Mobile device: "I will now start loading the page."

In this scenario, several seconds have passed before the mobile device even starts loading the page. In other words, even if that page loads in less than a second, it would still take several seconds for a user to see that page because of the redirects.

*Note that the above process is just for the html of your page. In some scenarios, this process will occur for every request. Each image, each css file, each JavaScript file, etc. on your page may end up with the same issues if you are not careful about how you are doing things.

OK, Healthcare Entrepreneurs…Your Turn.  Let’s Resuscitate Your Professional Portfolio

Glenn E. Fleming, MD, MPH, Contributor, MarketHive

In this era of inbound marketing, we are constantly discussing the importance of making sure that the traits and characteristics that are associated with our personal lives are congruent with those that define our professional lives.   Many would refer to this as our “brand,” or that ‘intersection’ of values, traits, & characteristics that are prevalent in both our personal and professional worlds.  

For most, it should be easy to determine another person’s character within a specific period of time of interacting with them.  Having this information combined with a decent understanding of that person’s professional background, would serve as a good starting point for understanding that individual’s brand.

As healthcare professionals, many of us are guilty of what many may call outbound marketing strategies.  When we are applying for jobs or looking to advance our careers, we tend to update our CVs and then jump right into the “applying process” but then we forget to do all the other important things that matter.  These include having a completed LinkedIn profile with updated professional photo and publishing articles (or blogs) that further explain who we are & what we do. 

More specifically, we should consider:

*Establishing ourselves with our potential customer base (i.e., patients, hospitals/healthcare facilities, etc) by making sure we can be easily found online

*Making sure our online professional profiles (think LinkedIn) are congruent with who we are and what our mission (or company’s mission may be (i.e., branding).

*Making sure we have a current, professional photograph that clearly shows our face

*Ensuring that our certifications/credentials are highlighted and current

* Publishing blogs (articles) about our product(s) and how it relates to our potential customer base (i.e., areas of healthcare we practice, our target patient population, what services we offer, etc)

In summary, we must take the time to make ourselves more visible.  Gone are the days when patients and healthcare facilities would solely depend on our state’s medical board or sites like Healthgrades to conduct their due diligence.

They want to be able to do a quick Google search and find us along with our current professional photo, our certifications/qualifications, areas of practice, beliefs, etc so that they can make better choices as informed consumers and stakeholders in healthcare. 

Remember that healthcare, like many other sectors, is rapidly changing and will continue to become more like a “big business.”  This means familiarizing ourselves with inbound marketing strategies while ensuring that our online professional portfolio remains current.

Ultimately, the assumption is that we will build a loyal customer base (i.e., patients/healthcare facility/etc) and if our product (or services) is really great, then they will keep coming back for more and they will tell their friends, colleagues, etc about it. 

Because we took the time to establish credibility and online authority through implementation of the above, we will have accomplished two things:  

  1. positive word-of-mouth references from former patients/employers/healthcare facilities, etc (more subjective); and
  2.  a legitimate online “place” for those who do not yet know who we are (or our business) to easily find us to verify the information (more objective).