Project Nightingale seems to square with HIPAA, but next steps matter

The health data sharing collaboration between Google and Ascension has sparked concerns about patient privacy. While the project appears to meet HIPAA compliance standards, some employees at Ascension worry that Google’s tools for importing and exporting data may not adhere to HIPAA privacy standards. There are also concerns about how Google might use and monetize the data, as well as the ability to truly de-identify the data in Google’s possession. The collaboration has prompted a federal inquiry and highlights the need for policymakers to reexamine privacy protections for patient data.