In June of 2019, Matt Dinerstein brought suit against Google, the University of Chicago Medical Center, and the University of Chicago alleging that they violated his privacy by sharing (and receiving) his and hundreds of thousands of other protected medical records. See Dinerstein v. Google, LLC, Case No. 1:19-cv-04311 (N.D. Ill. June 26, 2019).
The University of Chicago Medical Center had provided Google with “deidentified” medical records from every patient treated by the university medical system from 2009 to 2016. The data sharing was part of a collaboration to develop machine learning artificial intelligence for detecting and diagnosing health conditions. The core issue in the case is whether the tremendous data-mining capabilities of a large data company like Google renders moot the exception under health privacy laws for deidentified data.