A new lawsuit alleges that information on shared medical records could be combined with Google’s location data to reveal identifying information about patients.
CNET reports that a lawsuit has been filed against the University of Chicago Medical Center and tech giant Google over a partnership between the two groups. The lawsuit, which was filed on Wednesday in U.S. District Court for Northern Illinois, alleges that too much personal information of patients was revealed as a result of the alliance between the university and the Masters of the Universe.
The lawsuit claims that “the personal medical information obtained by Google is the most sensitive and intimate information in an individual’s life, and its unauthorized disclosure is far more damaging to an individual’s privacy” than leaked credit card or social security numbers that are often targeted in hacking attempts.
The project developed by Google and the University used A.I. to predict medical events including how long a patient could be hospitalized for and whether or not their health is deteriorating. The lawsuit alleges that the inclusion of certain dates violates HIPAA which requires that hospitals hide personal information of patients. The lawsuit claims that the dates, when combined with geolocation that Google collects from apps such as Waze and Maps, could be used to identify when individuals entered or exited the university’s hospital.
Google and the University of Chicago defended the project, with a Google spokesperson stating: “We believe our health care research could help save lives in the future, which is why we take privacy seriously and follow all relevant rules and regulations in our handling of health data.”
A spokesperson for the University of Chicago stated: “The University of Chicago Medical Center has complied with the laws and regulations applicable to patient privacy. The Medical Center is committed to providing excellent patient care and to protecting patient privacy.”