Concerns have been raised about the scope of a data-sharing agreement between Google-owned DeepMind and the UK’s National Health Service (NHS) after it was revealed the agreement covers access to wide-ranging patient data from the three London hospitals involved, rather than a more targeted subset of data relating to the specific medical condition the healthcare app in question (Streams) is focused on.

Back in February DeepMind announced a collaboration with the NHS to build an app for clinicians treating kidney disease. The company also acquired an existing early stage clinical task management app, called Hark, built by a team from Imperial College London — evidently with the intention of building on that base tech, but giving it a more specific medical focus in the first instance.

The Streams app aims to streamline alerts and access to patient data for doctors and nurses working in the front-line of medical care. But it is not a general medical data alerts or messaging platform. Rather it is specifically focused on a single use-case: detecting cases of AKI (acute kidney injury).

At the time he announced the project, DeepMind co-founder Mustafa Suleyman said AKI accounts for some 40,000 deaths annually in the UK — a quarter of which he said were estimated to be preventable.

“Streams will deliver the right data to the right clinician at exactly the right time. Really the objective here is for us to try and shift some of the 97% or so of activity in the hospital today which is reactive further towards activity which is pro-active and ultimately preventative,” he said at the launch.

“This of course is where our cutting edge analytics and machine learning comes in. How do you prioritize the series of alerts that go to a doctor or a nurse? How do you identify which person on the clinical team should be receiving the right data and how do you ensure they’ve been followed up in good time?”

However, late last week New Scientist obtained the data-sharing agreement between DeepMind and the Royal Free NHS Trust, which operates the three hospitals, where an estimated 1.6 million patients are treated annually. The agreement shows DeepMind Health is gaining access to all admissions, discharge and transfer data, accident & emergency, pathology & radiology, and critical care at these hospitals.

It also includes five years’ of historical medical records data on patients who have been treated at the hospitals. The data-sharing agreement with DeepMind is set to run until September 29, 2017, after which the document specifies that all data be transferred back to the NHS trust and any residual data be destroyed.

The data in question is not being stored or processed at DeepMind’s office, but is rather held by a contracted third party (whose name has been redacted on the document).

DeepMind staff who have undergone information governance training and signed a confidentiality agreement as part of their employment are specified as the authorised users of the data.

Consent from patients who use the Royal Free NHS Trust to have their data shared with the Google-owned company has been implied via the NHS’ Caldicott Information Governance Review regime — meaning NHS trusts do not need to explicitly seek consent to share data (although patients can opt-out of any information sharing agreements with non-NHS organisations by contacting the trust’s data protection officer. And assuming they know about the existence of the data-sharing agreement in the first place).

Criticism of the agreement has focused on why DeepMind needs access to so much patient data, given their app is apparently targeted on one specific medical condition (i.e. AKI).

There is also a wider critical point to consider about the trade-offs of having such a large commercial entity (DeepMind’s parent, Google/Alphabet) gain access — albeit indirectly, in this particular instance — to sensitive and highly valuable (and ultimately taxpayer-funded) medical data.

On the one hand it’s entirely possible that clinical outcomes and patient care might be improved by the money and agility of private companies. On the other, are we as a society comfortable letting profit-driven companies take the lead in public health by affording them access to value data sets — and potentially chaining any benefits to the commercial sector for the foreseeable future?

Meanwhile less well resourced public sector research efforts — which would be motivated to share any gleaned health insights more broadly — are left to labour in the rear.

One critical voice raised against the DeepMind data-sharing agreement is health data privacy group MedConfidential, which is particularly concerned about why Royal Free Trust data streams are being shared for all patients, rather than just for those who have had kidney function tests.

Phil Booth, coordinator of the group, points out that NHS data-sharing agreements require a statement of why particular data is required. “So why do Google need the full data from the entire hospital? Why do they get data on everyone who has no tests done?” he tells TechCrunch. “For patients who are having such tests, the patient medical history is available as part of direct care, why do they need everything else?

“Their answers don’t add up.”

DeepMind declined to be interviewed on this topic, and several members of its review board did not respond to requests for comment. Update: One of these DeepMind-appointed (but unpaid) reviewers, former MP Julian Huppert, has now responded, saying he has asked for the data scope issue to be discussed at the first panel meeting “so that we can assure ourselves what data access there actually is, and how it can be used”.

“In particular, I would want to be absolutely clear that none of this sensitive information can be used by other parts of Google, and that DeepMind stick to their commitment that ‘privacy and security are protected at all times’,” he told TechCrunch.

“There are potentially huge advantages for all of us in improving the way our health system uses data, both so that we can have our own data used to help us faster and more efficiently, and by using aggregate data to make predictions. However, the misuse of this sensitive data can also be hugely problematic, as can the potential privacy intrusion, and I would want to maximise the benefit while minimising the risks.”

A spokeswoman for DeepMind provided the following two canned statements in response to requests for an interview:

Mustafa Suleyman, Co-Founder at DeepMind, said: “We are working with clinicians at the Royal Free to understand how technology can best help clinicians recognise patient deterioration – in this case acute kidney injury (AKI). We have, and will always, hold ourselves to the highest possible standards of patient data protection. This data will only ever be used for the purposes of improving healthcare and will never be linked with Google accounts or products.” Dominic King, a Senior Clinician Scientist at Google DeepMind said: “Access to timely and relevant clinical data is essential for doctors and nurses looking for signs of patient deterioration. This work focuses on acute kidney injuries that contribute to 40,000 deaths a year in the UK, many of which are preventable. The kidney specialists who have led this work are confident that the alerts our system generates will transform outcomes for their patients. For us to generate these alerts it is necessary for us to look at a range of tests taken at different time intervals.”

A spokesman for the Royal Free, which was reachable by telephone, told TechCrunch the reason DeepMind is being provided with access to all patient data is on account of AKI affecting a large proportion of patients — and the condition not having a clear set of particular signals/symptoms associated with it, meaning early detection requires drawing on a lot of data.

“Acute kidney injury affects one in six patients. So it’s not that this is being used to treat people with specific kidney conditions. It’s used to spot the likelihood of acute kidney injury occurring in any in patient. So the way it does that is not just by assessing their blood test results but looking at their patient history. That’s why they get the full patient records,” he said.

It is undoubtedly a rather convenient argument, for the advancement of DeepMind’s AI-based ambitions, that the nature of the specific medical condition it has kicked off its healthcare app efforts with apparently requires access to all hospital patient data — even, for example, people admitted to hospital for an abortion, say, or a drugs overdose. Or someone who arrived in A&E after falling on the stairs and breaking a leg.

But the spokesman for the Royal Free Trust asserted that handing over all data is necessary in order for the app to function effectively, in this particular instance.

“It’s not that they specifically get abortion data [for example]… it’s just that for a patient to be fully assessed for the likelihood of acute kidney their patient records are analyzed,” he said.

“The point is, and the way the algorithm works, is [there isn’t any one sub-set of relevant patient data]. The algorithm uses all kinds of data to make that judgement. So there isn’t a clear sub-set of data that is the only thing that indicates whether somebody is about to go into acute kidney injury. Because it’s not just about your own personal blood test results, or your own personal anything results. It’s about the type of person you are. It looks at your whole medical history and makes a judgement — and that’s what makes the algorithm so effective.”

TechCrunch also contacted the Royal Free Trust’s patient data protection officer for comment and will update this post with any response.

DeepMind confirmed it is not, at this point, performing any machine learning/AI processing on the data it is receiving, although the company has clearly indicated it would like to do so in future. A note on its website pertaining to this ambition reads:

[A]rtificial intelligence is not part of the early-stage pilots we’re announcing today. It’s too early to determine where AI could be applied here, but it’s certainly something we are excited about for the future.

The Royal Free spokesman said it is not possible, under the current data-sharing agreement between the trust and DeepMind, for the company to apply AI technology to these data-sets and data streams.

That type of processing of the data would require another agreement, he confirmed.

“The only thing this data is for is direct patient care,” he added. “It is not being used for research, or anything like that.”

However quite how the NHS Trust can hope to maintain control over any future AI algorithms that DeepMind might create — trained off of the insights it gleans from the original public data-set — is unclear.

Another critical point to note here is that while private companies are being provided with access to sensitive public data sets, they are not required to be accountable for their decisions and actions to the public — hence DeepMind feeling entirely comfortable in declining multiple requests to be interviewed by the media on the topic.

And as New Scientist has pointed out, if it has nothing to hide about its use of NHS data, why so secretive? Public health data does not combine well with high-handed secrecy. Nor does the latter provide the necessary public reassurance about private sector motivations when it comes to handling and processing hugely sensitive public data sets. So, in short, DeepMind/Google needs to learn to improve its bedside manner if it wants to win patients’ hearts and minds.

This post was updated with additional comment