Upcoming Webinars Archived Webinars Training Vitals Host A Webinar About Get Updates Contact

Could Anonymized Healthcare Data Pose A Risk To Patient Privacy?

XTALKS VITALS NEWS

Healthcare Data

According to a recent paper in the journal, Anesthesia & Analgesia, this practice of data sharing could be a threat to patient privacy.

Share this!

May 17, 2016 | by Sarah Massey, M.Sc.

When publishing in medical journals, researchers are often encouraged to submit their original data to encourage information sharing and open access. According to a recent paper in the journal, Anesthesia & Analgesia, this practice of data sharing could be a threat to patient privacy.

Despite the fact that most health data is anonymized before posting, the authors say that an individual patient’s health records could still be identified by malicious individuals accessing the publically posted database. What’s more, they say that current protective measures may not be sufficient from mitigating these risks.

Healthcare databases are often openly shared to allow other researchers to validate the findings, thereby promoting research integrity. Identifiable information is removed from the data prior to posting, to protect patient privacy.

Unfortunately, even de-identified research data can pose risks to patient privacy. This risk is most pronounced in datasets containing only a few patients, which is the norm for research in the fields of anesthesiology and surgery.

With just a few pieces of crucial information, attackers may be able to identify an individual participant. To prove their point, researchers showed that it was possible to identify the health records of a public figure by matching voter registration data to an anonymized healthcare database.

“For anesthesia studies, the variables most likely to result in identification of individuals are the combination of hospital and surgical procedures,” said Liam O'Neill, healthcare management expert with the University of North Texas-Health Science Center. For less commonly performed surgical procedures, data matching techniques could allow anyone to identify a specific individual.



In their paper, the researchers discussed various methods by which attackers could violate patient privacy, along with the defensive measures currently in place to prevent this from happening. All of the defense methods do have their own limitations however, and the researchers warn that compliance with the Health Insurance Portability and Accountability Act (HIPAA) “Safe Harbor” privacy rules, may not be enough to protect against all attacks.

To demonstrate the vulnerabilities via a case study, the researchers measured the uniqueness of a population of patients listed in a Texas surgical database. The database contained over 2.8 million patient records, and the researchers found that the uniqueness of each was relatively low. Still, the researchers calculated that the hackers would have a good shot at uncovering an individual patient’s identity.

“While the methods available to those who would undermine privacy have undergone rapid development, the methods of 'defense' have not achieved similar breakthroughs,” said the authors. “An adversary would have about a 42.8 percent chance of linking the anesthesia record to the hospital database, and thereby discovering the patient's sensitive information.”

Even more alarmingly, the researchers say this risk could be even higher for patients in smaller, less-populous states. The authors suggest that the same safeguards used in economics and business may be insufficient protection for patient data published in medical and healthcare journals.

Their article also outlines some potential policies that these journals could adopt to reduce threats against patient privacy. One such proposed policy is that the data could be supplied only to qualified researchers, in a format maintained by the journal’s editor.

“For my entire term as editor, I have pushed authors to share data, under the assumption that anonymized data could be safely shared,” said Dr. Steven L. Shafer of Stanford University, Editor-in-Chief of Anesthesia & Analgesia. “Our authors show that this is not the case. For the editors of major medical journals, this article will quickly ice their plans to promote scientific exchange of data. I don't like what this paper demonstrates, but it is better to know an uncomfortable truth than to remain ignorant.”


Keywords: Healthcare Data, Patient Privacy, Medical Journal


| NEXT ARTICLE | MORE NEWS | BLOGS | VIDEOS | POLLS & QUIZZES | WEBINARS |

Share this with your colleagues!

MORE NEWS
Exclusion Criteria for Clinical Trials Poses Major Barrier to Patient Enrollment

August 17, 2017 - UT Southwestern researchers say that clinical investigators continue to increase the number of exclusion criteria, preventing more patients from participating in clinical trials.

Featured In: Clinical Trials News


Targeting Cellular Nitrogen Metabolism Could Offer a New Treatment for Pancreatic Cancer

August 17, 2017 - An enzyme involved in regulating the amount of nitrogen in the cell could be a new drug target for pancreatic cancer, according to researchers from Boston Children's Hospital and the Broad Institute of MIT and Harvard.

Featured In: Life Science News


Regeneron’s Drug for Respiratory Syncytial Virus Fails in Phase III Clinical Trial

August 16, 2017 - Biotechnology company Regeneron has announced it will not continue development of its antibody drug, suptavumab, after a failure in a Phase III clinical trial.

Featured In: Clinical Trials News


LEAVE A COMMENT
 
  
THE XTALKS VITALS INDUSTRY BLOG

One Patient’s Perspective on Clinical Trials

REGISTER FOR THESE WEBINARS

Planning and Conducting Trials of the Latest Immunotherapies


ISO 13485:2016 for Medical Device Manufacturers: Ensuring a Smooth Transition through Effective Preparation


Medical Devices: Reviewing Regulatory Changes in the US and EU


Moving Beyond Regulatory and Performance Metrics in Starting Clinical Trials


Copyright © 2016-2017 Honeycomb Worldwide Inc.