Hospital censured for sharing personal data with Google

11th July 2017

Hospital censured for sharing personal data with Google

If your organisation handles personal data, you need to fully understand your legal obligations. Failure to do so could land you with severe problems, as one NHS hospital recently discovered.

The UK’s Information Commission (ICO) recently ruled that the Royal Free NHS Foundation Trust did not do enough to protect the privacy of patients when it shared data with Google.

Details on about 1.6 million patients was provided to Google’s DeepMind division during the early stages of an app test last year, the BBC has reported.

The information was used to develop and refine an alert, diagnosis and detection system that can spot when patients are at risk of developing acute kidney injury (AKI).

The deal first became public in February 2016 and caused controversy over the amount of patient information being shared without public consultation.

In March this year, an academic report into the way patient data had been handled found “inadequacies” in the way information had been handed over. The authors said that it was “inexcusable” that patients had not been told about what had been happening to their data.

Information Commissioner Elizabeth Denham censured the Royal Free NHS Foundation Trust, saying attempts to make creative use of data had to be carefully managed.

“The price of innovation does not need to be the erosion of fundamental privacy rights,” she said.

The trust has not been fined as a result of the investigation but it has signed an undertaking to make changes to the way it handles data.

In a statement, the Royal Free said: “We accept the ICO’s findings and have already made good progress to address the areas where they have concerns.”

Google said it welcomed the “thoughtful resolution” of the case and added that it would reflect on its involvement with the hospitals.

How can our Business Law Solicitors help?

Understanding the requirements of the Data Protection Act 1998 is a key responsibility for any business. And if your organisation deals with public bodies such as local authorities and councils, you need to understand your obligations under the Freedom of Information Act 2000.

Last year the Government confirmed it will be adopting the European General Data Protection Regulation (GDPR) – and while complying with the existing data protection regime should give businesses a head start, the GDPR introduces new concepts.

It comes into force on May 25, 2018, introduces a risk-based approach to compliance and requires various documents to be maintained.

At Gotelee, our specialist team of business law solicitors can help ensure you don’t fall foul of the law and leave yourself exposed to a severe penalty. We can give advice on all aspects of data protection and freedom of information, as well as the incoming GDPR.

To find out more, call in to one of our offices in Ipswich, Hadleigh, Felixstowe, Melton or Woodbridge, or call 01473 298181.

Practice Areas
Business Law
Commercial Dispute Resolution
Dispute Resolution
Blog Posts

Is your fulfilment business under threat?


The Fulfilment House Due Diligence Scheme - the new weapon in the war on…

Read More
Upcoming Events

FREE Seminar – Planning your future


Gotelee Solicitors invite you to a FREE seminar which will provide you with some…

Read More
News Posts

Victims of child sexual abuse could be refused compensation under new guidelines


Campaigners are urging the Government to rethink guidance that could see victims of child…

Read More


"Friendly and helpful staff. A smooth and efficient legal service."

- MR

"Professional yet friendly service available from a conveniently located office."

- JR

"Clear, helpful advice, polite and friendly, prompt attention."

- GP

"High degree of professionalism whilst remaining sympathetic and friendly."

- PC

"Helpful and swift service, delivered in a friendly and approachable way."

- AC

"Gotelee inspires a sense of calm, confidence, trust & history."

- PB

"Determination, patience and diligence of Chris Moffat."


"Diana really seemed to care and made the whole process as painless as possible."

- PL

"Rhonda Pryke was very helpful, explained what was to happen, dealt with queries very efficiently."

- DH

"All reception staff very friendly, Hilary Durrell made everything simple so I could understand what was needed."

- AD

Please select preferred method of contact

* We will only contact you by telephone if you select this as primary form of contact.