Info-scrubbing algorithm unveiled to protect patient privacy
Medical data without the secrets
US researchers have devised a novel way to protect the privacy of patients whose medical histories are included in public databases and electronic medical records, according to news reports.
The method, which was unveiled Monday by researchers from Vanderbilt University in Nashville, masks parts of a patient's records that aren't relevant to a particular inquiry. Because it generalizes vast amounts of clinical information, patients remain anonymous while still supplying researchers with data that's relevant to a specific project or topic.
The information-scrubbing algorithm has so far withstood simulated attempts to identify the individuals using data belonging to more than 2,600 patients. The mock hack assumed the would-be attackers knew the patient's identity and some or all of the patient's itemized medical history.
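The general idea described above (generalize codes, mask what a study does not need, then test against an attacker who already knows part of a patient's itemized history) is sketched below as an added example; it is not the Vanderbilt researchers' algorithm or code. The ICD-9-style codes, the study categories and the threshold `k` are constructed assumptions.

```python
from itertools import combinations

# Constructed sample: patient id -> ICD-9-style diagnosis codes (not real data).
RECORDS = {
    "p1": {"250.01", "401.1", "493.20"},
    "p2": {"250.02", "401.9", "272.4"},
    "p3": {"250.00", "401.1", "272.0"},
    "p4": {"493.90", "272.4", "401.9"},
    "p5": {"250.01", "272.0", "493.20"},
    "p6": {"493.20", "401.1", "250.02"},
}
STUDY = {"250", "401"}  # assumed: categories relevant to one hypothetical study

def generalize(code):
    """Replace a specific code with its broader 3-digit category."""
    return code.split(".")[0]

def release(records, relevant):
    """Generalize every code, then mask categories the study does not need."""
    return {pid: {generalize(c) for c in codes} & relevant
            for pid, codes in records.items()}

def raw_view(known):
    """What the attacker can match on if exact codes are published."""
    return set(known)

def study_view(known):
    """What the attacker's knowledge reduces to in the scrubbed release."""
    return {generalize(c) for c in known} & STUDY

def at_risk(original, released, view, k, max_known=2):
    """Patients for whom some set of up to max_known of their real codes
    narrows the released table to fewer than k candidate records."""
    risky = set()
    for pid, codes in original.items():
        for n in range(1, max_known + 1):
            for known in combinations(sorted(codes), n):
                seen = view(known)
                candidates = [p for p, rel in released.items() if seen <= rel]
                if len(candidates) < k:
                    risky.add(pid)
    return risky

if __name__ == "__main__":
    scrubbed = release(RECORDS, STUDY)
    print("exact codes :", sorted(at_risk(RECORDS, RECORDS, raw_view, k=2)))
    print("scrubbed k=2:", sorted(at_risk(RECORDS, scrubbed, study_view, k=2)))
    print("scrubbed k=5:", sorted(at_risk(RECORDS, scrubbed, study_view, k=5)))
```

Raising `k` shows the trade-off: the same scrubbed release that protects everyone at `k=2` leaves four of the six constructed patients below a stricter threshold of five.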
"There is definitely a need to de-identify individuals," Nils Homer of the University of California at Los Angeles told Science News. He was part of a team that demonstrated two years ago that it was possible to trace a genetic signature back to the individual even when the patient's DNA profile was buried in a pool of thousands.
The finding prompted the National Institutes of Health to restrict access to genetic databases.
This brave (more like naive) new Orwellian world :( ...
So what happens when someone works out a way to crack this algorithm? At that point all the medical data then leaks out. Once it's leaked that's it, no way to hide it again. So with medical records I sense a privacy disaster in the making.
Plus with ever increasing amounts of data on everyone on multiple databases, how long will it be before one database is used to effectively crack another database? With multiple databases it gets ever easier to identify enough general info to effectively crack a medical database enough to identify people (when that medical database chooses to leak parts of the data on patients). For example, here are some ways in which other databases could be used to cross reference data on the medical database (e.g. what doctor do you have, what phone numbers have you dialed (is it your general doctor or a specialist doctor, in which case what do they specialize in (e.g. a cancer specialist)), what is your physical position given by your GPS enabled phone locating you in say a cancer ward for 5 days and then the following week going to a cancer outpatient center) etc.
Plus the merciless advertisers would love all that kind of info because then in that kind of situation they could for example bombard you with cheap rate funeral insurance (and worse e.g. hospices etc.) ... (Many advertisers have no morality or empathy at all, so they wouldn't care how their adverts made you feel while you were ill. This is proved by even when they just find out your age. If you are over 65 they already bombard you with funeral insurance and so on).
This brave new Orwellian world of total information spreading (and leaking) everywhere is opening up a nightmare potential for exploitation of that information. Yet the law is way too slow (and very unwilling) to punish exploitation of that information.
If we can't stop the information spreading the law has to move to greatly limit exploitation of that information otherwise it's going to be a free for all for all the ruthless people in this world with no morality or empathy towards other people (for example Phorm have already shown this utterly ruthless attitude). The law needs to move to protect everyone. Sadly I thought protection was the original purpose of the law! But these days the law keeps showing examples of ways it now allows the exploitation of the majority of people for the profit of an ever more powerful few. But then that's sadly hardly surprising after suffering decades of the rich and powerful lobbying government to get things their own way and so resulting in us sinking into this ever more twisted corrupt society lacking so much empathy for the majority of people whilst serving the wishes of the increasingly powerful few. :(
This technique does however rely on correct assumptions about what correlation-cause (multiple factors) will be important to researchers. Providing researchers with the ability to reanonymise based on interest in something unforeseen might well open it to hacking again.
Wonder what happens in the NHS
Wonder if they even care about anonymity.