Experts Raise Privacy Concerns Over NHS Alexa Tie-Up

alexa turned spy

Experts in the legal and security fields have raised concerns over a new NHS deal with Amazon which will allow patients to access health information through voice-assistant technology. Announced last week, the goal is to help those who face difficulties when accessing the NHS website, such as the elderly or the blind.

The concern over NHS and Alexa

This could help reduce the workload for GPs and pharmacists who take extra time to field simple questions on common illnesses, according to the NHS.

“The public need to be able to get reliable information about their health easily and in ways they actually use,” claimed Matthew Gould, CEO of the new digital transformation unit NHSX. “By working closely with Amazon and other tech companies, big and small, we can ensure that the millions of users looking for health information every day can get simple, validated advice at the touch of a button or voice command.”

Personal data

Marcus Vass, co-head of digital health at international law firm, Osborne Clarke, argued that many patients view the NHS website as a valuable source and that enabling Alexa Search is an extension of that.

However, he went on to say that patients and doctors will be keen to know whether any personal data regarding health is being collected or used, and where it is stored.

“Details of any specific protections in place have not yet been disclosed – and in particular whether the NHS has agreed with Amazon any terms including enhanced security provisions over and beyond the obligations under GDPR and the Data Protection Act legislation,” he said.

“Any lack of clarity as to the use by Amazon of the personal data and health data would of course be subject to the valid consents of patients. Any concern from patients about the use of their health data would be corrosive to the trust in using voice assisted technology or other algorithms to access the NHS website.”

The need for transparency

Kaspersky principal security researcher, David Emm, called for Amazon to be more transparent about the deal.

“We know that people are relying on these devices more and more, and their popularity is growing. They do have their benefits, and they are convenient, however, they are, at their core, smart listeners and have made headlines in recent times because of this – leaving a scepticism around them,” he argued.

“We also know that Amazon is storing and analyzing data that these devices collect, which also raises cybersecurity alarms when it comes to how this data will be used. They will be privy to sensitive health data, and so it must be made clear to the public how our data will be protected.”

Staying aware

Synopsys senior security engineer, Boris Cipot, stressed that users should always be cautious when it comes to using internet connected services.

“If an insurance provider gains access to the user-specific data, they could potentially categorize users into risk categories based on the advice they sought which could also lead to increased insurance rates for those deemed high risk,” he added.

“Doctor-patient privacy could also be circumvented through this method of data collection since a doctor isn’t actually involved; therefore, nullifying patient privacy protection policies.”

Join us for PSEICT UK

Join us on 26th November 2019 as we explore the growth of the govtech market, how government is placing govtech at the centre of its digital transformation strategy, what this means for public sectors workers and its projected societal impact. We will be showcasing the latest technology innovations, showcasing thought leadership around emerging trends and practices, and considering how govtech is a key enabler for public sector transformation allowing for greater agility, efficiencies, and cost savings.