Hospital censured for sharing personal data with Google

11th July 2017

Hospital censured for sharing personal data with Google

If your organisation handles personal data, you need to fully understand your legal obligations. Failure to do so could land you with severe problems, as one NHS hospital recently discovered.

The UK’s Information Commission (ICO) recently ruled that the Royal Free NHS Foundation Trust did not do enough to protect the privacy of patients when it shared data with Google.

Details on about 1.6 million patients was provided to Google’s DeepMind division during the early stages of an app test last year, the BBC has reported.

The information was used to develop and refine an alert, diagnosis and detection system that can spot when patients are at risk of developing acute kidney injury (AKI).

The deal first became public in February 2016 and caused controversy over the amount of patient information being shared without public consultation.

In March this year, an academic report into the way patient data had been handled found “inadequacies” in the way information had been handed over. The authors said that it was “inexcusable” that patients had not been told about what had been happening to their data.

Information Commissioner Elizabeth Denham censured the Royal Free NHS Foundation Trust, saying attempts to make creative use of data had to be carefully managed.

“The price of innovation does not need to be the erosion of fundamental privacy rights,” she said.

The trust has not been fined as a result of the investigation but it has signed an undertaking to make changes to the way it handles data.

In a statement, the Royal Free said: “We accept the ICO’s findings and have already made good progress to address the areas where they have concerns.”

Google said it welcomed the “thoughtful resolution” of the case and added that it would reflect on its involvement with the hospitals.

How can our Business Law Solicitors help?

Understanding the requirements of the Data Protection Act 1998 is a key responsibility for any business. And if your organisation deals with public bodies such as local authorities and councils, you need to understand your obligations under the Freedom of Information Act 2000.

Last year the Government confirmed it will be adopting the European General Data Protection Regulation (GDPR) – and while complying with the existing data protection regime should give businesses a head start, the GDPR introduces new concepts.

It comes into force on May 25, 2018, introduces a risk-based approach to compliance and requires various documents to be maintained.

At Gotelee, our specialist team of business law solicitors can help ensure you don’t fall foul of the law and leave yourself exposed to a severe penalty. We can give advice on all aspects of data protection and freedom of information, as well as the incoming GDPR.

To find out more, call in to one of our offices in Ipswich, Hadleigh, Felixstowe, Melton or Woodbridge, or call 01473 298181.

Practice Areas
Business Law
Commercial Dispute Resolution
Dispute Resolution
Blog Posts

Hundreds enjoy a day messing about on the river at Woodbridge Regatta


Music, sailing, fun and games were the order of the day as hundreds of…

Read More
Upcoming Events

Suffolk Dog Day


For all you dog lovers out there, Gotelee Solicitors are sponsoring Suffolk Dog Day…

Read More
News Posts

Employment Tribunal fees are illegal and a barrier to justice, rules Supreme Court


The Supreme Court has ruled that Employment Tribunal fees are "illegal" and prevent workers…

Read More


"Clarity and speed. A refreshing absence of legal jargon and gobblodygook!"

- PS

"The down to earth manner of the solicitors."

- GN

"Not too formal - felt like a chat with a friend."

- JG

"As your entire service was excellent, it is not possible to single out anything special to mention."

- AH

"A big firm with a local touch!"

- RG

"Great service, never made things complicated!"

- JW

"Warm friendly service with clear responses to all my questions."

- BF

"Mr Rowland was sincere, approachable, understanding and professional throughout."

- GD

"Personal, prompt, caring and communication by email was excellent."

- Anonymous

"Feeling at ease knowing that they were putting my best interests first."

- Anonymous

Please select preferred method of contact

* We will only contact you by telephone if you select this as primary form of contact.