(Bloomberg Gadfly) — Britain's National Health Service probably needs a little lie-down after the past week. The WannaCry ransomware attack hit more than 50 hospitals. Surgeries, routine appointments and scans were cancelled as this role model for universal public health care was shown to have dangerously outdated tech defenses.
Then Sky News revealed that DeepMind, a Google-owned artificial intelligence company, had been given "legally inappropriate" access to the personal medical files of 1.6 million Britons.
While unrelated, both incidents show how supremely difficult it is to digitize the vast healthcare sector. Government agencies are struggling to keep their guards up as more machines such as X-ray and MRI scanners are connected to the internet. That the publicly-funded NHS can't match the hackers is no great surprise given its perennial budget crunch.
For similar financial reasons, you can see why it might want private sector help to modernize patient care, as with DeepMind. Unfortunately, it has stepped into another kind of data minefield. It effectively bartered information on the patients of three hospitals for DeepMind's assistance in developing health care apps.
The first was a project to help hospital staff identify patients at risk of kidney failure by sending them smartphone alerts after poor blood tests. While such apps may turn out to be a blessing, the NHS wasn't transparent enough about what data was being shared and how it would be used. An investigation by the national data protection regulator is under way, which could bring fines and reforms.
The backlash is unfortunate because the DeepMind and NHS collaboration has great promise. Using self-learning algorithms to analyze huge data sets is an entirely sensible way to improve and better target expensive patient care. The kidney app is just a taste of what organizations like DeepMind and the NHS could do together.
