|
|
|
|
|
Sharing Medical Data |
Keywords: computer science research, privacy, technology, human subjects, IRB, privacy technology, data privacy
Citation:
An earlier version of the paper above appears as:
Tell me more about:
Abstract
Often organizations release and receive medical data with all explicit identifiers, such as
name, address, phone number, and Social Security number, removed in the incorrect belief that
patient confidentiality is maintained because the resulting data look anonymous; however, we
show that in most of these cases, the remaining data can be used to re-identify individuals by
linking or matching the data to other databases or by looking at unique characteristics found in
the fields and records of the database itself. When these less apparent aspects are taken into
account, each released record can be made to ambiguously map to many possible people,
providing a level of anonymity which the user determines; the greater the number of candidates
per record, the more anonymous the data. We examine three general-purpose computer
programs for maintaining patient confidentiality when disclosing electronic medical records:
the Scrub System which locates personally-identifying information in letters between doctors
and notes written by clinicians; the Datafly System which generalizes values based on a profile
of the recipient at the time of access; and, the Mu-Argus System which is becoming a European
standard for disclosing public use data. Despite the possible effectiveness of these systems,
completely anonymous data may not contain sufficient details for all uses, so care must be taken
when released data can identify individuals and such care must be enforced by coherent policies
and procedures.
L. Sweeney. Weaving Technology and Policy Together to Maintain Confidentiality.
Journal of Law, Medicine & Ethics, 25, nos. 2&3 (1997): 98-110.
(PDF)
L. Sweeney. Maintaining Patient Confidentiality When Sharing Medical Data
Requires a Symbiotic Relationship Between Technology and Policy.
Artificial Intelligence Laboratory, Massachusetts Institute of Technology,
AIWP-WP344, May 1997. (PDF)
Related Links