The Office for Civil Rights in the Department of Health and Human Services told the Wall Street Journal Tuesday it is investigating the data-sharing relationship between Google and not-for-profit hospital system Ascension.
Why it matters: Per Axios health care business reporter Bob Herman, exchanging patients’ health information is legal under federal privacy law, and this data sharing is common, even when patients aren’t aware. The government is making sure Google is contracted as a "'business associate" with Ascension.
What they're saying: Office director Roger Severino said in a statement to the WSJ that the federal regulator "will seek to learn more information about this mass collection of individuals’ medical records to ensure that HIPAA protections were fully implemented."
The other side: Following the announcement, Google updated its blog on its partnership with Ascension with the additional FAQ "Do Google employees have access to Protected Health Information (PHI)? If so, why?"
- "A limited number of Google employees have been approved by Ascension to potentially handle PHI, in order to provide the services to Ascension," the FAQ answer states.
"Because every health system is different, and the data is very complex and non-standardized, we need to configure and tune our processing systems to ensure correct product operations and patient safety."
— Google statement Editor's note: This article has been updated with comment from Google.
Go deeper: What your hospital knows about you
