• A letter signed by five senators probes Verily on how it will handle sensitive user data, including whether it is HIPAA-compliant.
  • The letter is the latest in a chain between senators and Google, as Verily scales up its testing facilities.
  • Visit Business Insider's homepage for more stories .

Five US senators have sent a letter to Alphabet life science company Verily, asking how it will safeguard user data collected by its COVID-19 screening website.

As Verily continues to expand its range of testing facilities, concerns are being raised over what the company is doing with users' information.

To use Verily's screening service, users must either link an existing Google account or create a new one. The senators are asking why this is necessary and pressuring Verily to change this rule.

"Going forward, will Verily provide an alternative method of authentication for individuals unwilling or unable to sign up for a Google account?" asks the letter , which was signed by Democratic senators Sherrod Brown of Ohio, Richard Blumenthal of Connecticut, Kamala Harris of California, and Cory Booker and Robert Menendez of New Jersey.

The senators also ask Verily to clarify whether its screening website is in compliance with the HIPAA Privacy Rule a set of standards to protect users' medical data.

This is actually the second letter that has been sent by the senators probing for more information. The first was sent on March 18 and addressed to Google CEO Sundar Pichai and Vice President Mike Pence. It asked whether Google had entered into any agreements with the Trump administration to launch a screening website, and how Google would protect personal health data.

It also made explicit reference to Project Nightingale , Google's controversial initiative with Ascension that was revealed last year.

Verily responded to that letter, telling senators that it "will delete information collected through the Baseline COVID-19 Program, unless an individual separately authorizes further retention and use of their information." The company shared this same response with Business Insider at the time. It also told Business Insider that it shares some user data with third parties such as Salesforce to help its customer service team contact individuals.

But it didn't provide the answers lawmakers wanted, and so they're digging in further, this time throwing the questions directly at Verily CEO Andrew Conrad.

The latest letter requests that Verily explain how individuals will be asked to authorize further use of their information, when Verily plans to give users this option, and how long the data might be held.

There are also questions on which government agencies Verily and Google are working with, and whether Verily will voluntarily follow the guidelines of the California Consumer Privacy Act should it open testing facilities in other states with more lax data laws.

The letter asks that Verily respond by April 6. A Verily spokesperson did not respond to Business Insider's request for comment.

Verily was caught in a muddled story this month when President Donald Trump announced that Google was working on a COVID-19 screening website. That screening site launched soon after but by Google's sister company Verily instead, and limited to people in the Bay Area in California.

Google later launched its own COVID-19 website, but the site remains a portal for resources and tips for dealing with the pandemic, and does not offer screenings.

Verily has since scaled up its program with a growing number of drive-through testing facilities , and plans to add more. It also just released guidelines for others looking to build community testing sites.

NOW WATCH: Most maps of Louisiana aren't entirely right. Here's what the state really looks like.

See Also:

SEE ALSO: Google's revenue is on track to shrink for the first time ever because of the coronavirus, according to one of the internet industry's top analysts