Google to use patient data to develop healthcare algorithms for hospital chain
-
I hope they realize that they are then responsible for following HIPAA regulations as to all patient data, and can be severely fined (see below) for each record if any of that data is released. Greed knows no bounds. 'HIPAA violations are expensive. The penalties for noncompliance are based on the level of negligence and can range from $100 to $50,000 per violation (or per record), with a maximum penalty of $1.5 million per year for violations of an identical provision.'
Hah! That's trivial pocket change. You want a real fine? Break GDPR regulations:
GDPR Penalties and Fines | What's the Maximum Fine?
The UK GDPR and DPA 2018 set a maximum fine of £17.5 million or 4% of annual global turnover – whichever is greater – for infringements.
The EU will fine you the same amount (depending on currency fluctuations), depending on the severity. A less serious breach gets you a lower fine:
What are the GDPR Fines? - GDPR.eu
The less severe infringements could result in a fine of up to €10 million, or 2% of the firm’s worldwide annual revenue from the preceding financial year, whichever amount is higher. They include any violation of the articles governing:
Still want to store your passwords in clear text? :laugh: [edit] I just checked, and ... :gulp: For Google, based on last year's financial statement, that 4% fine is £5,131,143,628 - 5 Billion pounds, or 7.25 Billion dollars US ...
"I have no idea what I did, but I'm taking full credit for it." - ThisOldTony "Common sense is so rare these days, it should be classified as a super power" - Random T-shirt AntiTwitter: @DalekDave is now a follower!
-
I hope they realize that they are then responsible for following HIPAA regulations as to all patient data, and can be severely fined (see below) for each record if any of that data is released. Greed knows no bounds. 'HIPAA violations are expensive. The penalties for noncompliance are based on the level of negligence and can range from $100 to $50,000 per violation (or per record), with a maximum penalty of $1.5 million per year for violations of an identical provision.'
Member 14840496 wrote:
Greed knows no bounds.
Data is Google's business. It doesn't always have to be about greed.
-
Hah! That's trivial pocket change. You want a real fine? Break GDPR regulations:
GDPR Penalties and Fines | What's the Maximum Fine?
The UK GDPR and DPA 2018 set a maximum fine of £17.5 million or 4% of annual global turnover – whichever is greater – for infringements.
The EU will fine you the same amount (depending on currency fluctuations), depending on the severity. A less serious breach gets you a lower fine:
What are the GDPR Fines? - GDPR.eu
The less severe infringements could result in a fine of up to €10 million, or 2% of the firm’s worldwide annual revenue from the preceding financial year, whichever amount is higher. They include any violation of the articles governing:
Still want to store your passwords in clear text? :laugh: [edit] I just checked, and ... :gulp: For Google, based on last year's financial statement, that 4% fine is £5,131,143,628 - 5 Billion pounds, or 7.25 Billion dollars US ...
"I have no idea what I did, but I'm taking full credit for it." - ThisOldTony "Common sense is so rare these days, it should be classified as a super power" - Random T-shirt AntiTwitter: @DalekDave is now a follower!
Yes, that's high. But remember that it is $50,000 per record. Do you have any idea how many records (multiple per patient) that is, and the number of patients they are talking about?
-
I hope they realize that they are then responsible for following HIPAA regulations as to all patient data, and can be severely fined (see below) for each record if any of that data is released. Greed knows no bounds. 'HIPAA violations are expensive. The penalties for noncompliance are based on the level of negligence and can range from $100 to $50,000 per violation (or per record), with a maximum penalty of $1.5 million per year for violations of an identical provision.'
I am fairly confident that no HIPAA laws will be broken. I am also fairly confident that Google is operating on this project within the confines of the law.
Member 14840496 wrote:
Greed knows no bounds.
Google is in the business to make money, among other things. I would think people would know this by now.
-
I am fairly confident that no HIPAA laws will be broken. I am also fairly confident that Google is operating on this project within the confines of the law.
Member 14840496 wrote:
Greed knows no bounds.
Google is in the business to make money, among other things. I would think people would know this by now.
With the increase in hacking that is going on today, I would be careful about stating "fairly confident". Nobody said they were not operating within the law; that is, until patient data gets loose. However, I am fairly confident that if YOUR medical history, or someone in your family's medical history got all over the internet, you would be the first to complain. The statement echoes so many of the true life crimes where the people always say "we never thought that would happen here, to us". Amazing naiveté.
-
With the increase in hacking that is going on today, I would be careful about stating "fairly confident". Nobody said they were not operating within the law; that is, until patient data gets loose. However, I am fairly confident that if YOUR medical history, or someone in your family's medical history got all over the internet, you would be the first to complain. The statement echoes so many of the true life crimes where the people always say "we never thought that would happen here, to us". Amazing naiveté.
Member 14840496 wrote:
, I am fairly confident that if YOUR medical history, or someone in your family's medical history got all over the internet, you would be the first to complain.
Why? Are you embarrassed by your medical history? If someone posted that you were treated for a heart attack on such and such a date and then had your tonsils out another date, then had gonorrhea on this date, etc., etc., I would not care. Why do you? And if someone did steal data they are going to steal millions of files so if they post millions of patients' data the likelihood that anyone who knows you will see your data is very slim. Don't misunderstand, I am all for privacy, but if someone's health care data is leaked, I have zero interest in finding out what the leaked data is. You could not pay me to go looking at the stolen data.
-
Can you summarize?
-
With the increase in hacking that is going on today, I would be careful about stating "fairly confident". Nobody said they were not operating within the law; that is, until patient data gets loose. However, I am fairly confident that if YOUR medical history, or someone in your family's medical history got all over the internet, you would be the first to complain. The statement echoes so many of the true life crimes where the people always say "we never thought that would happen here, to us". Amazing naiveté.
The same could be said about any doctor's office or hospital in the world, not just Google. I work with PHI, and HIPAA data all the time. It's the core data that our websites and applications service. I think you are operating on 100% fear factor here, and you are all worked up, and you want to tell the world and get them all worked up and afraid, just like you are. Have fun with that. Cheers.
-
Member 14840496 wrote:
, I am fairly confident that if YOUR medical history, or someone in your family's medical history got all over the internet, you would be the first to complain.
Why? Are you embarrassed by your medical history? If someone posted that you were treated for a heart attack on such and such a date and then had your tonsils out another date, then had gonorrhea on this date, etc., etc., I would not care. Why do you? And if someone did steal data they are going to steal millions of files so if they post millions of patients' data the likelihood that anyone who knows you will see your data is very slim. Don't misunderstand, I am all for privacy, but if someone's health care data is leaked, I have zero interest in finding out what the leaked data is. You could not pay me to go looking at the stolen data.
Embarrassed - no. No STDs in my records. Yours? Life insurance companies would love to have medical histories. Some employers would too. But I am glad YOU wouldn't want to look at them. lol. I get the feeling that some people in here have Google stock.
-
Member 14840496 wrote:
Greed knows no bounds.
Data is Google's business. It doesn't always have to be about greed.
SeanChupas wrote:
Data Advertising is Google's business.
FTFW. Which should now answer the obvious follow-up question, which is why they're collecting that data. It *is* all about greed. I'm going to assume you're not really believing they're a benevolent company.
-
The same could be said about any doctor's office or hospital in the world, not just Google. I work with PHI, and HIPAA data all the time. It's the core data that our websites and applications service. I think you are operating on 100% fear factor here, and you are all worked up, and you want to tell the world and get them all worked up and afraid, just like you are. Have fun with that. Cheers.
So your job is to pooh-pooh a topic and read people's minds. Wow. BTW - I worked with HIPAA data for 9 years. Cheers.
-
Member 14840496 wrote:
, I am fairly confident that if YOUR medical history, or someone in your family's medical history got all over the internet, you would be the first to complain.
Why? Are you embarrassed by your medical history? If someone posted that you were treated for a heart attack on such and such a date and then had your tonsils out another date, then had gonorrhea on this date, etc., etc., I would not care. Why do you? And if someone did steal data they are going to steal millions of files so if they post millions of patients' data the likelihood that anyone who knows you will see your data is very slim. Don't misunderstand, I am all for privacy, but if someone's health care data is leaked, I have zero interest in finding out what the leaked data is. You could not pay me to go looking at the stolen data.
-
Oh, here we go. The ol' "if you have nothing to hide, you have nothing to worry about" fallacy...
dandy72 wrote:
fallacy
Why is it a fallacy? What do we have to worry about? If the threat is real then you should be able to quantify it.
-
SeanChupas wrote:
Data Advertising is Google's business.
FTFW. Which should now answer the obvious follow-up question, which is why they're collecting that data. It *is* all about greed. I'm going to assume you're not really believing they're a benevolent company.
No, they are a data company. They make data useful. Yes, they also run ads. No, Google is a corrupt company. Stop assuming things.
-
Embarrassed - no. No STDs in my records. Yours? Life insurance companies would love to have medical histories. Some employers would too. But I am glad YOU wouldn't want to look at them. lol. I get the feeling that some people in here have Google stock.
Member 14840496 wrote:
Life insurance companies would love to have medical histories.
They usually ask for that anyway.
Member 14840496 wrote:
I get the feeling that some people in here have Google stock.
Everybody should. It performs very well.
-
SeanChupas wrote:
Data Advertising is Google's business.
FTFW. Which should now answer the obvious follow-up question, which is why they're collecting that data. It *is* all about greed. I'm going to assume you're not really believing they're a benevolent company.
Google to use patient data to develop healthcare algorithms for hospital chain - The Verge: anonymous patient data.
-
Member 14840496 wrote:
Life insurance companies would love to have medical histories.
They usually ask for that anyway.
Member 14840496 wrote:
I get the feeling that some people in here have Google stock.
Everybody should. It performs very well.
Yep. Thank you for confirming my suspicions.
-
I hope they realize that they are then responsible for following HIPAA regulations as to all patient data, and can be severely fined (see below) for each record if any of that data is released. Greed knows no bounds. 'HIPAA violations are expensive. The penalties for noncompliance are based on the level of negligence and can range from $100 to $50,000 per violation (or per record), with a maximum penalty of $1.5 million per year for violations of an identical provision.'
I hate to break this to those of you living in the US, but here are excerpts from an email that I received recently. Whatever Google does, the horse left the barn long ago:
Quote:
[S]tarting in 2003, changes made to HIPAA eliminated your right to control the disclosure of your own medical records. The phrase “patient permission” was changed to “regulatory permission.” This one rule change means your medical records can now be disclosed to any "covered entity," including data clearinghouses, accounting firms, law firms, and banks without your permission. In certain circumstances, your employer can obtain “regulatory permission” to view your medical records. Your medical records can even be released to marketing companies if what they’re selling is related to your condition or how it’s treated; the management or coordination of your care; or involves alternative treatments, therapies, health care providers, or other care settings. What's more, a federal rule that went into effect in 2006 allows lenders to obtain or use medical information for determining if you qualify for credit. They can’t do it directly, but if they gain access to your medical records, they can legally share it with their "affiliates." This magically converts the data into credit information, not medical data. Indeed, your “protected health information” can be disclosed without your authorization in 12 different scenarios. Consider this diagram from thedatamap.org showing where the data of “You, the Patient” is shared. Thus, when you visit a physician or health care facility in the United States, never assume that what you disclose to them will remain private. And the “HIPAA Notice” almost every medical facility requires you to sign as a condition of treatment virtually guarantees your medical records will be used, disclosed, and disseminated without your consent. You can, of course, request that your physician or other health care provider restrict disclosure of your personal medical data. But they are under no legal obligation to comply. Nor do they have to state a reason for denying your request, or for that matter, respond to it at all.
And even if they agree to a restriction, in some cases, they might be prohibited from honoring it.
-
I hate to break this to those of you living in the US, but here are excerpts from an email that I received recently. Whatever Google does, the horse left the barn long ago:
Quote:
[S]tarting in 2003, changes made to HIPAA eliminated your right to control the disclosure of your own medical records. The phrase “patient permission” was changed to “regulatory permission.” This one rule change means your medical records can now be disclosed to any "covered entity," including data clearinghouses, accounting firms, law firms, and banks without your permission. In certain circumstances, your employer can obtain “regulatory permission” to view your medical records. Your medical records can even be released to marketing companies if what they’re selling is related to your condition or how it’s treated; the management or coordination of your care; or involves alternative treatments, therapies, health care providers, or other care settings. What's more, a federal rule that went into effect in 2006 allows lenders to obtain or use medical information for determining if you qualify for credit. They can’t do it directly, but if they gain access to your medical records, they can legally share it with their "affiliates." This magically converts the data into credit information, not medical data. Indeed, your “protected health information” can be disclosed without your authorization in 12 different scenarios. Consider this diagram from thedatamap.org showing where the data of “You, the Patient” is shared. Thus, when you visit a physician or health care facility in the United States, never assume that what you disclose to them will remain private. And the “HIPAA Notice” almost every medical facility requires you to sign as a condition of treatment virtually guarantees your medical records will be used, disclosed, and disseminated without your consent. You can, of course, request that your physician or other health care provider restrict disclosure of your personal medical data. But they are under no legal obligation to comply. Nor do they have to state a reason for denying your request, or for that matter, respond to it at all.
And even if they agree to a restriction, in some cases, they might be prohibited from honoring it.
Really. Your dates are interesting. Because when I went to work for a large health care service company in 2009 until 2018, I had to take a HIPAA exam every year; and none of that verbiage was ever in those exams. So I will assume that your dated information (2003-2006) was changed somewhere along the line. If anything, they kept tightening the regulations. So I guess by your info, the company was just wasting money creating and forcing these exams on employees based on the current HIPAA regulations during that period just for fun. You have any new info as of 2021 by any chance? Because I would like to see what they are now.