Hospital censured for sharing personal data with Google

11th July 2017

Hospital censured for sharing personal data with Google

If your organisation handles personal data, you need to fully understand your legal obligations. Failure to do so could land you with severe problems, as one NHS hospital recently discovered.

The UK’s Information Commission (ICO) recently ruled that the Royal Free NHS Foundation Trust did not do enough to protect the privacy of patients when it shared data with Google.

Details on about 1.6 million patients was provided to Google’s DeepMind division during the early stages of an app test last year, the BBC has reported.

The information was used to develop and refine an alert, diagnosis and detection system that can spot when patients are at risk of developing acute kidney injury (AKI).

The deal first became public in February 2016 and caused controversy over the amount of patient information being shared without public consultation.

In March this year, an academic report into the way patient data had been handled found “inadequacies” in the way information had been handed over. The authors said that it was “inexcusable” that patients had not been told about what had been happening to their data.

Information Commissioner Elizabeth Denham censured the Royal Free NHS Foundation Trust, saying attempts to make creative use of data had to be carefully managed.

“The price of innovation does not need to be the erosion of fundamental privacy rights,” she said.

The trust has not been fined as a result of the investigation but it has signed an undertaking to make changes to the way it handles data.

In a statement, the Royal Free said: “We accept the ICO’s findings and have already made good progress to address the areas where they have concerns.”

Google said it welcomed the “thoughtful resolution” of the case and added that it would reflect on its involvement with the hospitals.

How can our Business Law Solicitors help?

Understanding the requirements of the Data Protection Act 1998 is a key responsibility for any business. And if your organisation deals with public bodies such as local authorities and councils, you need to understand your obligations under the Freedom of Information Act 2000.

Last year the Government confirmed it will be adopting the European General Data Protection Regulation (GDPR) – and while complying with the existing data protection regime should give businesses a head start, the GDPR introduces new concepts.

It comes into force on May 25, 2018, introduces a risk-based approach to compliance and requires various documents to be maintained.

At Gotelee, our specialist team of business law solicitors can help ensure you don’t fall foul of the law and leave yourself exposed to a severe penalty. We can give advice on all aspects of data protection and freedom of information, as well as the incoming GDPR.

To find out more, call in to one of our offices in Ipswich, Hadleigh, Felixstowe, Melton or Woodbridge, or call 01473 298181.

Practice Areas
Business Law
Commercial Dispute Resolution
Dispute Resolution
Blog Posts

Is your fulfilment business under threat?


The Fulfilment House Due Diligence Scheme - the new weapon in the war on…

Read More
Upcoming Events

Gotelee Coffee Morning, Melton


Join us again for another coffee morning, this time at our Melton office -…

Read More
News Posts

An icy warning for drivers defrosting their cars


Suffolk has woken with a shiver this week as winter edges nearer and temperatures…

Read More


"Pat Smith's efficient, calm, most capable, helpful and friendly manner."

- AG

"The patience and understanding from a sincere Miss Holland."

- AD

"Prompt, efficient and knowledgeable service"

- KB

"Clarity, plenty of information provided and responses in a timely manner"

- AG

"Mrs Tracey Hammond is very professional and helpful, efficient and very friendly"

- KS

"Judy Barfoot's approachable and knowledgeable professionalism was second to none"

- CM & SM

"Ms Stuart's friendly but direct approach. I always felt understood"

- JR

"Very flexible and accommodating, very positive & clearly explained my options"

- SD

"Friendly and approachable - using language I could understand"

- CV

"Efficient, polite, friendly service with very helpful advice"

- JA

Please select preferred method of contact

* We will only contact you by telephone if you select this as primary form of contact.