John Blacksmith reports:
Verily, owned by Alphabet, is facing a lawsuit filed by an ex-employee who alleges the misuse of the personally identifiable health information of over 25,000 patients, and the failure of the company to submit HIPAA breach reports, as per the Health Insurance Portability and Accountability Act (HIPAA) requirement.
Verily, previously known as Google Life Sciences, is a research institution owned by Alphabet, Google’s parent organization. The Verily platform uses AI-powered health solutions that assist pharmaceutical companies in getting new treatments to market faster and help health systems and payers enhance patient results at a cheaper price. The legal action claims that an internal inspection verified the HIPAA breaches related to HIPAA-secured information extracted from 14 HIPAA-covered entities. The lawsuit states patient information was used without consent, a HIPAA Privacy Rule violation. Additionally, the investigation uncovered instances of patient information misuse, but Verily did not disclose the data breach, delaying notifications as contract renewals were negotiated with the impacted regulated entities, a violation of the HIPAA Breach Notification Rule.
Read more at Defensorum.