Tomorrow’s issue of the Canadian Medical Association Journal has an article by Ann Silversides that begins:
It took no time at all for Dr. Khaled El Emam’s colleague to identify an infant who had been a patient at the Children’s Hospital of Eastern Ontario (CHEO) in Ottawa.
But there was a major problem: The colleague had identified the infant from a prescription record and discharge data that was believed to be anonymous or, in privacy jargon, “de-identified.”
“We asked if anyone in the office knew a child who had been admitted to CHEO during the period [of the data set]. Somebody said yes, my neighbour’s one-year-old girl, at this postal code, around this time. We re-identified her and found all her drugs and her diagnosis,” says Dr. El Emam, a Canada research chair in electronic health information at the University of Ottawa’s faculty of medicine.
The data sets had been requested in mid-2008 by Brogan Inc., a private Ottawa-based commercial research firm. The company indicated that the same data had already been obtained from 100 hospitals across Canada, El Emam says.
“Without a formal analysis of the risk of re-identification, assurances of data anonymity may not be accurate,” he stated in an recent article detailing the episode (Can J Hosp Pharm 2009; 62:307–19).
Read more here.
The issue of supposedly de-identified or anonymized data being re-identified is one that has drawn considerable attention in the privacy community as articles posted to this site and PogoWasRight.org attest. The risks of re-identifying supposedly de-identified protected health information in rural or remote areas are even greater. As the push to allowing “de-identified” data to be used for research or marketing purposes continues, those of us who are concerned about privacy need to keep legislators and others aware of these reports as we get them.