Project Nightingale: Take-Away Lesson for Providers and Payors

By Joel K. Goloskie December 30, 2019Health Care Law

There has been much ado lately about a newly-revealed joint venture between Ascension Medical Group and Google. Ascension is the nation’s largest non-profit health care system; Ascension Medical Group is the company’s subsidiary physician group, with facilities in more than twenty states. Google is, well, Google. The joint venture being undertaken by these industry behemoths is known as “Project Nightingale.” Ascension and Google describe Nightingale as a treatment-focused initiative, designed to facilitate access and use of data in the medical records of Ascension’s patients. It also involves migrating Ascension’s data from proprietary storage to Google’s cloud-based storage. The software tool developed from this initiative allegedly makes it easier for a doctor to access and use specific patient data such as recent test results, medications, and more.

The initiative appears to be squarely of the type that HIPAA (the package of laws that protect a patient’s privacy) would permit to be undertaken by a provider’s “business associate.” The two companies assert that they have signed a business associate agreement (“BAA”), and also assert that the terms of the agreement prohibit Google from using Ascension’s PHI (Protected Health Information) for any other purpose than for provisioning this tool for use by Ascension clinicians. Further, the BAA allegedly prohibits Google from combining Ascension’s patient data with Google consumer data.

Nightingale is now under scrutiny from the HHS Office of Civil Rights (“OCR”), the office charged with enforcing HIPAA. The agency’s examination comes as no surprise given the controversies around Big Tech companies’ mass collection of data, privacy rights and who exactly has access to personal information and why. To help health care providers and consumers understand the issue, PLDO health care attorney Joel K. Goloskie explores the Nightingale controversy in his latest advisory, Project Nightingale and the Take-Away Lesson for Providers and Payors. The thought-provoking article provides readers with information as to why Nightingale has received such a storm of whistleblower complaints, public backlash and now, an OCR investigation. If you have questions on Project Nightingale or need assistance for your organization, please contact Attorney Goloskie at 401-824-6100 or email



Disclaimer: This blog post is for informational purposes only. This blog is not legal advice and you should not use or rely on it as such. By reading this blog or our website, no attorney-client relationship is created. We do not provide legal advice to anyone except clients of the firm who have formally engaged us in writing to do so. This blog post may be considered attorney advertising in certain jurisdictions. The jurisdictions in which we practice license lawyers in the general practice of law, but do not license or certify any lawyer as an expert or specialist in any field of practice.

Back to Blog
Joel K. Goloskie is a Partner with Pannone Lopes Devereaux & O’Gara LLC with over 25 years of experience providing an array of litigation, regulatory, and corporate services. While focusing deeply on the health care, data privacy, and construction industries, Attorney Goloskie delivers value and results for clients across a wide spectrum of business activities and professions. Health Care Repeatedly recognized by Best Lawyers® as a Best Lawyer in health care in the highly-competitive Boston market, Attorney Goloskie’s decades of health care experience ranges from compliance and HIPAA, to regulatory representations, to significant mergers and acquisitions. In recent years, his focus has turned to the increasingly-central role of data, helping clients capitalize on the rapidly-evolving nature of health information in today’s consumer-centric, interoperable, app-enabled, IoT-connected world of empowered consumers. Previously, he served as Deputy General Counsel/Director of Compliance, Privacy & Ethics of a multi-hospital system, and served as primary sell-side counsel in the sale of the entire system. He founded a nonprofit corporation comprising four hospitals and several community health centers. He also founded a highly successful health care consulting firm, providing reimbursement, compliance, and strategic advisory services to over sixty hospitals in fifteen states, and recovering many tens of millions of dollars from federal and state health care programs. Privacy and Cybersecurity Presently, he serves as Privacy & Compliance Counsel to the nation’s largest cloud-based analytics platform, housing medical data on over 230 million Americans and 30 billion medical events. Unlike HIPAA, new privacy regimes such as the 21st Century Cures Act, GDPR, and CCPA reject the traditional view of customers’ information as the chattel property of the entity that created it. Today, ownership, privacy and security concerns threaten every business that compiles personal data, and Attorney Goloskie’s years of experience pay dividends for clients in every industry. Construction From the filing of (or defense against) Mechanics’ Liens to complex litigation or arbitration, Attorney Goloskie’s ability to speak the language of construction disputes and to assemble and manage the often-voluminous documentation supporting such claims has been the foundation of his successful representation of construction industry clients in often-sizable litigation or arbitration matters. Whether a dispute is governed by AIA agreement templates or the parties’ own contract documents, he revels in reducing a mountain of change orders, invoices, time cards, and emails into a well-supported narrative that a court or arbitrator can easily follow. Litigation and Arbitration Whether in court or in arbitration, Attorney Goloskie has assembled a notable string of successes in disputes ranging from the defense of licensure actions and employment discrimination charges to multi-million-dollar contract disputes. His ability to lead a team and manage large, document-heavy issues has allowed his clients to recover significant sums in arbitrations, state courts, and federal courts including the U.S. Circuit Court of Appeals. Perhaps informing his love for contested matters, Attorney Goloskie was previously a captain in the U.S. Air Force, flying in combat and serving as an Instructor/Evaluator Special Operations Navigator on C-130 and C-141 aircraft. Attorney Goloskie received a J.D. from Boston College Law School, an M.B.A. from Webster University, and a B.S. from Thomas College. He is member of the American Health Lawyers Association and the American College of Healthcare Executives. He is licensed to practice in Rhode Island and Massachusetts and is a member of Rhode Island Bar Association and the Boston Bar Association, where he served as a member of the Health Law Section Steering Committee and co-chair of Health Law Education Committee. To contact Attorney Goloskie, please call 401-824-5100 or email

Leave a Reply