Frequently asked questions

We're immensely proud of the work we are doing with our partners across the NHS, and welcome discussion and debate about the best way to improve patient care while protecting patient privacy. 

Given the complexity of the NHS and the sensitivity of patient data, we know that we have an important responsibility to build understanding and trust in our work. Below, we've answered some of the most common questions we hear, covering DeepMind Health, Google, our NHS partners, our use of data and much more.

And if you have a question that is not answered here, please get in touch.


About DeepMind Health

  • What is DeepMind, and what is DeepMind Health?

    We founded DeepMind in London in 2010, with the aim of building AI technologies and proving that they could have positive social impact. 

    DeepMind Health is central to this social mission. We work with the NHS to put the UK's most advanced technology at the service of patients, nurses and doctors.

    Most people get world-class care, but 1 in 10 in-patients suffer some kind of avoidable harm because they don't get the treatment they need. Every single day patients in the UK are dying from curable conditions, because their test results aren't interpreted and acted on in time.

    To address this, we research and build AI and mobile tools that help hospitals get patients from test to treatment, as quickly and accurately as possible. Our priorities are shaped by NHS patients and clinicians, unlike many previous top-down IT projects that have proved costly and ineffective. 

  • Is Google involved in DeepMind's work with the NHS?

    No. Google acquired DeepMind in 2014, because they were excited about the potential for our technology. As part of this acquisition, we agreed that DeepMind would continue to operate independently, and that we would put our technology at the service of other groups like the NHS in line with our social mission. DeepMind Health is our first effort to achieve this.

    Most importantly, NHS patient data will only ever be used to help improve hospital care. That means data will never be connected to Google accounts or services, or used for any commercial purposes like advertising or insurance. Doing so would be completely impossible under our NHS contracts and the law, and would go against the ethical code that underpins our culture and work. 

  • What qualifies DeepMind to work in healthcare?

    Our team brings together doctors and clinical academics with world-leading experts in technology and security.

    We work in close partnership with NHS hospitals and patients, spending significant time understanding the challenges they face, the systems they use and the outcomes they need first hand.

    To learn more about our team visit our ‘Meet the team’ page

  • What is DeepMind Health's business model?

    We're lucky to have significant financial resources, and so we're able to carry out research and development without needing to generate immediate income. 

    However, in the long term we'd like to make DeepMind Health a self-sustaining initiative. We aren't looking to maximise profit, but rather to achieve sustainability so we can continue to grow our team, work with more hospitals and help more patients. 

    For Streams, our secure clinical app, we don't have an established business model yet. First, we need to prove that our technologies improve care and reduce costs over a period of time. In the meantime, our partner hospitals for Streams may pay us a very limited amount in support costs.

    Once this is proven, we hope that hospitals will want to pay to use our mobile technology, like they pay for other software that supports care. We'd like to explore some kind of outcomes-based element within this, so that costs are related to the benefits we deliver, but that will be up to our partner hospitals. 

    For our AI health tools, which remain at the research stage, we're further away from a firm business model. There are early efforts underway in the NHS to define the right charging models for AI and algorithmic tools, to ensure that they bring improvements in care while also protecting the British taxpayer. 

    This is an important and emerging area, and we look forward to the NHS community deciding the right way forward. 


  • Will DeepMind commercialise NHS patient data?

    Absolutely not. We only use patient data to help improve care, under the instructions of our NHS partners. Each of our NHS partnerships have strict rules about how data can be used. We will never use patient data outside of these rules. That means data will never be connected to Google accounts or services, or used for any commercial purposes like advertising or insurance.

  • Will AI technology replace nurses and doctors one day?

    We don't think so, no. We're developing much-needed tools to support doctors and nurses provide even better care. They are no substitute for a qualified medical professional’s diagnosis.

  • I have an idea - how can I get involved?

    Whether you're a patient, clinician, NHS Trust - or whether you'd like to join our team - we'd love to hear from you! Please head over to this page for more details. 


We founded DeepMind in London in 2010, with the aim of building AI technologies and proving that they could have positive social impact. 

DeepMind Health is central to this social mission. We work with the NHS to put the UK's most advanced technology at the service of patients, nurses and doctors.

Most people get world-class care, but 1 in 10 in-patients suffer some kind of avoidable harm because they don't get the treatment they need. Every single day patients in the UK are dying from curable conditions, because their test results aren't interpreted and acted on in time.

To address this, we research and build AI and mobile tools that help hospitals get patients from test to treatment, as quickly and accurately as possible. Our priorities are shaped by NHS patients and clinicians, unlike many previous top-down IT projects that have proved costly and ineffective. 

Data and Security

  • What regulations cover your use of data?

    NHS data is only ever processed by DeepMind Health under the provisions of our agreements in place with the Trusts, and in compliance with both parties’ information governance requirements and applicable law. 

    Our agreements ensure that patients' data will always be processed in England and won’t ever be linked or associated with Google accounts, products or services. We have established and will maintain the best information security practices, including technical protections, to safeguard this data.

    You can learn more about our data and security processes here.

  • How are the Information Governance policies enforced?

    All staff part of DeepMind Health must undergo NHS Digital training, as well as our internal training programme which specifically assesses their knowledge and compliance with the policies and procedures we have in place. 

    Staff are subject to regular spot checks, and we carry out incident simulations which ensure staff are confident of how to follow procedures during these event types. 

    We also have an Information Governance board which oversees key aspects including reviewing data security reports, approves policy updates, monitors training and reviewing the risk register.

    DeepMind Health has also appointed a panel of Independent Reviewers who meet regularly to ensure independent oversight and scrutiny of all our health work. 

  • Can your partner hospitals check how DeepMind uses patient data?

    Yes. Every time our systems receive or interact with patient data from our partner hospitals, we create a log that hospital administrators can audit later. Those logs are also regularly reviewed by our Information Governance team to ensure that accesses are legitimate, as well as being open to review by our Independent Reviewers.

    We’re also building on this further to give our partner hospitals an additional real-time and fully proven mechanism to check how we're processing data. That will allow our partners to continuously verify that our systems are working as they should, and that data is only being used as it should be.

    Read more about Verifiable Data Audit.

  • How do you protect against data leaks or cyber attacks?

    The DeepMind Health infrastructure has been designed and built to the highest security standards.

    Our security systems and processes have undergone and passed multiple NHS audits. We have also had external penetration tests carried out by CREST certified consultants. 

    All traffic in and out of the infrastructure is restricted and closely monitored, and there are mechanisms which allow us to verify the presence of unusual or unapproved activity. The data itself is encrypted both in transit and at rest. Code is thoroughly reviewed and audited from a security perspective and we analyse any third party libraries we use for vulnerabilities.

    Throughout the course of every project, DeepMind takes rigorous measures to protect the security of patient data.

    Learn more about data and security here 

NHS data is only ever processed by DeepMind Health under the provisions of our agreements in place with the Trusts, and in compliance with both parties’ information governance requirements and applicable law. 

Our agreements ensure that patients' data will always be processed in England and won’t ever be linked or associated with Google accounts, products or services. We have established and will maintain the best information security practices, including technical protections, to safeguard this data.

You can learn more about our data and security processes here.

Streams & the Royal Free

  • What is Streams?

    Hospitals like the Royal Free are able to use our Streams app to automatically review test results for serious issues, such as acute kidney injury. If one is found, the system sends an urgent secure smartphone alert to the right clinician to help, along with information about previous conditions so they can make an immediate diagnosis.

    For more detail, please head to our ‘How we’re helping today’ page

  • Why does Streams process identifiable data?

    The Royal Free is the data controller for patient data, so the amount and type of data DeepMind processes is entirely determined by the trust.

    Streams processes personally identifiable data to support direct patient care by notifying doctors of patients who are at risk of Acute Kidney Injury (AKI).

    When a patient with AKI is identified, it's necessary to point the clinicians to that patient. As required by the NHS Digital interface guidelines we must display their name, date of birth, NHS number and gender within the app.


    Learn more about how we process personal data here

  • Is it unusual for a hospital to use a third party service like Streams to process data?

    No. NHS organisations routinely contract with third parties to process patient data, up to and including full electronic patient records services. 

    The data processed for Streams is comparable to the data many other third party organisations also process.

    There are many recorded third-party organisations who receive some level of NHS Digital approval, with the potential to be processing patient data at present. 


    You can also watch a video on how the Royal Free use patient data.

  • Is DeepMind processing more patient data than is needed to diagnose acute kidney injury?

    No. We can only process the patient data that our partner hospitals tell us is necessary to help them care for their patients. 

    The Royal Free currently uses Streams to detect whether patients are at risk of acute kidney injury (AKI). To make this possible, they ask us to process patient information relevant to an AKI diagnosis.

    The primary way to detect possible AKI is via a blood test, which can show whether the kidneys are operating normally. But because other medical factors affect how the kidneys operate, those results differ from person to person.

    For example, pregnancy alters kidney function. That means pregnant women have different test results, so a blood test result that’s healthy for one woman could be dangerously high for another. Including that information in the app means that doctors and nurses can take the most accurate decisions.

    Historical information is also vitally important for doctors and nurses when they're deciding the best treatment. AKI can be challenging to treat, because the blood test result that is used to detect it has to be compared to earlier results when the kidneys were operating normally. Without that extra context, it’s impossible for clinicians to tell if a result reflects normal kidney function or is dangerously higher.

    Other historical data is also relevant. Patients who have had kidney problems in the past, for example, are much more likely to develop very serious forms of AKI, so it’s important that clinicians are made aware of this as quickly as possible so they can give patients the most appropriate treatment. The same is true for whether a patient has recently had emergency surgery, or if they’ve had heart disease.

    To deliver fast and reliable alerts to clinicians through mobile devices, this relevant patient information must be stored in advance, ready to be sent to a doctor or nurse at the first sign of a problem.

    You can find our more about how we are working with the NHS here, or you can see our agreements online in our transparency page
.

  • Why does Streams process data for patients who haven’t had blood tests?

    One of the most important benefits of Streams is that it presents the right patient data to the right clinicians quickly, integrating data from a number of different electronic systems in one place. Clinicians need to have quick access to a wide range of information about patients’ previous medical history and laboratory results (including blood tests) to make safe and accurate diagnoses. 

    For example, if blood tests pick up a patient suffering sudden AKI, it’s important for clinicians to know if the patient has had a previous kidney transplant. To deliver fast and reliable alerts to clinicians through mobile devices, that relevant patient information must be stored in advance ready to be sent to a doctor or nurse at the first sign of a problem in the blood tests.

    Find our more about how we use Streams to help patients here.

  • Why can’t Streams just process data from patients who are in the hospital and known to be unwell?

    AKI can affect patients for a wide variety of reasons - including patients who develop AKI as a consequence of another procedure, such as a hip replacement, or because of another medical condition, such as pneumonia or sepsis. 

    That means it’s very difficult to predict exactly which patients will develop AKI. In addition, AKI often develops without patients showing any symptoms, so it’s also incredibly hard to isolate just those patients who have it from those who do not.

  • Does Streams use AI? If not, then why is an AI company like DeepMind building it?

    Streams doesn’t currently use AI. Right now, we’re simply focusing on getting the right test results to the right nurse or doctor via a secure mobile app. This is an essential first step before any more advanced technology like AI can be introduced.

    Of course, this first step can also bring enormous patient benefits. We’re already hearing stories of people whose care has been helped by Streams, and some nurses are saying that the technology is already saving them two hours each day. 

    Learn more about how we are helping patients today.

  • Do patients at the Royal Free give their explicit consent for Streams?

    Hospitals are the data controllers with a direct relationship with their patients, and they are in charge of decisions about patient consent and opt-outs. DeepMind Health, as a data processor, strictly adheres to the instructions we're given by the hospital.

    In general, hospitals don't ask for explicit consent from patients before using a "data processor", because the NHS remains in control of the patient information throughout.

    You can learn more about how we use personal data here

  • Why did you sign a second agreement with the Royal Free in November 2016?

    Following our work on kidney injury, we wanted to explore whether Streams can be used to improve patient care in other ways, to help make the Royal Free one of the safest hospitals in the world. 

    In November 2016 we signed a new agreement with the Trust, which superseded the previous agreement from 2015. We will be expanding our alerting technology to a range of other potentially fatal conditions, including sepsis and organ failure. Alerting doctors and nurses to patients who need their attention in seconds rather than hours could dramatically improve patient safety. 

    We’re also planning to include the task management features of Streams at the Royal Free, allowing them to view and update records and assign clinical tasks to each other from their mobile, which we hope will eliminate the need for doctors to shuffle through paper and receive pager alerts.

    By knitting this system together into an infrastructure based on open standards, other medical innovators will also be able to develop their own technologies for the Royal Free.

    Finally, we’re also building an unprecedented level of data security with our audit infrastructure, which will allow the Royal Free to verify exactly when and by whom patient information is accessed, with no possibility of falsification or tampering. 

    You can discover a lot more about Verifiable Data Audit here.

    You can find full details of our agreement with the Royal Free here

  • What were the conclusions of the Information Commissioner’s Office investigation into the Royal Free?

    The Information Commissioner (ICO) has now concluded a year-long investigation that focused on how the Royal Free tested Streams in late 2015 and 2016. This testing was intended to guarantee that the service could be deployed safely at the hospital.


    The ICO wasn’t satisfied that there was a legal basis for this use of patient data in testing (as the National Data Guardian said, too), and raised concerns about how much patients knew about what was happening. The undertaking recognises that many of these issues have already been addressed by the Royal Free, and has asked the Trust to sign a formal undertaking to ensure compliance in future.


    The ICO also recognised that the Royal Free has stayed in control of all patient data, with DeepMind confined to the role of “data processor” and acting on the Trust’s instructions throughout. No issues have been raised in relation to the safety or security of the data.


    We welcome the ICO’s thoughtful resolution of this case, which we hope will guarantee the ongoing safe and legal handling of patient data for Streams.

    You can read more about this on our blog here.

Hospitals like the Royal Free are able to use our Streams app to automatically review test results for serious issues, such as acute kidney injury. If one is found, the system sends an urgent secure smartphone alert to the right clinician to help, along with information about previous conditions so they can make an immediate diagnosis.

For more detail, please head to our ‘How we’re helping today’ page

Streams & Imperial

We haven’t yet started processing data for Imperial College Healthcare NHS Trust, but expect to start in 2017 as our technologies go through clinical safety testing followed by a phased deployment.

You can learn more about our partnership with Imperial here

Streams and Taunton and Somerset

We haven’t yet started processing data for Taunton and Somerset NHS Foundation Trust, but expect to start later in 2017.

You can learn more about our partnership with Taunton and Somerset here.

Our research with Moorfields

  • What will the project involve?

    Eye health professionals use scans of patients’ eyes to detect and diagnose serious conditions and diseases. Many thousands of eye scans are performed around the UK every day, both in hospital eye clinics and in the community. 

    For example, more than 3,000 optical coherence tomography (OCT) scans are performed every week in Moorfields Eye Hospital alone.

    OCT scans are highly complex and require specialised training for doctors and other eye health professionals to analyse. As a result, there are often significant delays in how quickly patients can be seen to discuss their diagnosis and treatment. To date, traditional computer analysis tools have been unable to solve this problem

    Our research project aims to investigate how machine learning technology could help to analyse these eye scans, giving eye care professionals a better and faster understanding of eye disease.

    Learn more about the collaboration with Moorfields here

  • Where can I find more detail on the agreement between DeepMind and Moorfields?

    You can request a copy of the research collaboration agreement (with minor redactions for commercial sensitivity) and the ROAD (research on anonymised data) form which was approved by Moorfields Research and Development department by emailing press.office@moorfields.nhs.uk.

    You can also view a copy of a research protocol we've written for this project on the open access website F1000Research.

  • How much data is being shared?

    Over the course of the research project, Moorfields Eye Hospital will share approximately one million de-personalised digital eye scans, used by eye health professionals to detect and diagnose eye conditions. 

    Anonymous clinical diagnoses, information on the treatment of eye diseases, the model of the machine used to acquire the images and demographic information on age (shown to be associated with eye disease) will also be shared during the course of the project.

    Learn more about our collaboration with Moorfields.

  • What approvals has DeepMind been given for this research project?

    DeepMind has been given permission for data access via a Research Collaboration Agreement with Moorfields Eye Hospital, and an approval to carry out research from the Moorfields Research & Development team through their Research On Anonymised Data (ROAD) approval pathway.

  • How can patients be sure that no personally identifiable data is being shared with DeepMind?

    De-personalisation procedures are thoroughly validated and formally approved by the Moorfields Eye Hospital information governance team before any data transfer to DeepMind takes place.

  • What processes are in place to ensure the data transferred to DeepMind is only ever seen by the research team?

    A data custodian has been appointed by DeepMind to control access to the data. Only those who require access to conduct the research work will be granted access. All researchers who are involved in the study are required to complete information governance training before beginning research work.

Eye health professionals use scans of patients’ eyes to detect and diagnose serious conditions and diseases. Many thousands of eye scans are performed around the UK every day, both in hospital eye clinics and in the community. 

For example, more than 3,000 optical coherence tomography (OCT) scans are performed every week in Moorfields Eye Hospital alone.

OCT scans are highly complex and require specialised training for doctors and other eye health professionals to analyse. As a result, there are often significant delays in how quickly patients can be seen to discuss their diagnosis and treatment. To date, traditional computer analysis tools have been unable to solve this problem

Our research project aims to investigate how machine learning technology could help to analyse these eye scans, giving eye care professionals a better and faster understanding of eye disease.

Learn more about the collaboration with Moorfields here

Our research with UCLH

  • What does UCLH’s research agreement with DeepMind Health involve?

    Under the agreement, UCLH will provide DeepMind Health secure access to anonymised CT and MRI scans of approximately 700 head and neck cancer patients. All patients have consented to their data being used for research purposes.

    Learn more about our collaboration with UCLH here

  • Where can I find more detail on the agreement between DeepMind and UCLH?

    A summary of the project is available on the Health Research Authority's website. You can also view a copy of a research protocol we've written for this project on the open access website F1000Research.

  • What is the purpose of the research?

    The purpose of the research is to develop technology which can automatically identify and differentiate between cancerous and healthy tissues on CT and MRI scans of head and neck cancer patients to help target radiotherapy treatment.

    At present, this process, known as segmentation, can take clinicians up to four hours to complete manually, as tumours in head and neck patients are situated in extremely close proximity to healthy structures such as the eyes and nerves.

    The research aims to develop artificial intelligence technology to assist clinicians in the segmentation process so that it can be done more rapidly but just as accurately. Clinicians will remain responsible for deciding radiotherapy treatment plans but it is hoped that the segmentation process could be reduced from up to four hours to an hour.

    Longer term this has the potential to free up clinicians to spend even more time on patient care, education, and research, all of which would be to the benefit of UCLH patients and the populations they serve.

    In addition, given that head and neck cancer is one of the most complex tumour sites to treat, if we can develop technology to assist in planning radiotherapy treatment for these tumours, we would expect that such a breakthrough could be transferrable to other types of cancer.

    Learn more about our collaboration with UCLH here

  • Does the patient data used in the project relate to former or current patients?

    The research involves anonymised scans dating back to 2008 of head and neck cancer patients who have since completed radiotherapy treatment. At the time, these patients would have consented to their anonymised data being used for research purposes. Scans of patients currently undergoing radiotherapy treatment will not be included in the research.

    Under the agreement, UCLH will provide DeepMind Health secure access to anonymised CT and MRI scans of approximately 700 head and neck cancer patients. All patients have consented to their data being used for research purposes.

    Learn more about de-personalised data here.

  • What processes are in place to ensure that the de-personalised data transferred to DeepMind Health is only ever seen by the research team?

    A data custodian has been appointed by DeepMind Health to control access to the data. Only those who require access to conduct the research work will be granted access. 

    All researchers who are involved in the study are required to complete Health and Social Care Information Centre (HSCIC) training and internal DeepMind Health information governance training before beginning research work.

Under the agreement, UCLH will provide DeepMind Health secure access to anonymised CT and MRI scans of approximately 700 head and neck cancer patients. All patients have consented to their data being used for research purposes.

Learn more about our collaboration with UCLH here