The US Department of Health and Human Services says it is now looking into “this mass collection of individuals’ medical records with respect to the implications for patient privacy”. But the lack of patient knowledge - and the fact that identifiable data weren’t scrubbed from the records - has caused US lawmakers to cry foul. Google says that Nightingale, first reported in The Wall Street Journal on 11 November, is meant to develop technology that would enable Ascension to deliver improved health care.īoth companies say that they abided by US laws to protect health-care information. The people were treated at facilities run by the health network Ascension, which is based in St Louis, Missouri. Google and one of the largest health-care networks in the United States are embroiled in a data-privacy controversy that researchers fear could jeopardize public trust in data-sharing practices and, potentially, academic studies.Īt issue is a project dubbed Nightingale that gives Google access to the health-care information, including names and other identifiable data, of tens of millions of people without their knowledge. Google has gained access to identifiable health-care data for millions of people without their consent.