Featured Research

from universities, journals, and other organizations

Anonymization remains a powerful approach to protecting the privacy of health information

Date:
December 8, 2011
Source:
Children's Hospital of Eastern Ontario Research Institute
Summary:
De-identification of health data has been crucial for all types of health research, but recent articles in medical and scientific literature have suggested that de-identification methods do not sufficiently protect the identities of individuals and can be easily reversed. A recent review did not uncover evidence to support this.

De‐identification of health data has been crucial for all types of health research, but recent articles in medical and scientific literature have suggested that de‐identification methods do not sufficiently protect the identities of individuals and can be easily reversed.

Related Articles


A recent review conducted by researchers at CHEO entitled "A Systematic Review of Re‐identification Attacks on Health Data" and published in PLoS ONE, did not uncover evidence to support this. "If re‐identification rates were as high as some of these articles suggest, it would be worrisome," says lead author, Dr. Khaled El‐Emam. "But our review did not support these claims -- there is no broad empirical support for a failure of anonymization."

Such a failure would have significant policy implications. For example, it may become necessary to obtain patient consent before data is released (a time‐consuming undertaking), incentive to de‐identify would decline, and the likelihood of breaches would increase. For this reason, Dr. El‐ Emam and his team conducted a review that set out to characterize known re‐identification attacks on health data and compare them to attacks on other types of data, calculate the number of records correctly identified in these attacks, and assess whether the results indicate a weakness in current de‐identification methods.

After identifying 14 relevant studies and analyzing them in detail, the group was unable to find convincing evidence that existing de‐identification methods are not effective. Few of these attacks involved health data which is naturally protected more strenuously. Secondly, many of the attacks were on small databases with large confidence intervals around their success rates. Most importantly, the majority of re‐identified data was not de‐identified according to existing standards. "Of the 24 studies we examined, only six were attacks on health data and only one of these was de‐identified according to standards," Dr. El‐Emam points out. "In that particular study, the proportion of correctly re‐identified records was very low: about 0.013%." In certain well‐publicized re‐identification attacks, adversaries were able to make use of such information as an individual's date of birth, gender, and residential zip code. Since these 3 features were not modified in any way, the database would not meet basic standards for de‐ identification. If anything, such a breach serves to underscore the importance of implementing existing de‐identification standards.

Dr. El‐Emam concludes by saying that in order to have a more accurate picture of the extent to which de‐identification protects against real attacks, future research on re‐identification attacks should focus on large databases that have been de‐identified according to existing standards, and that success rates should be correlated with how well de‐identification was performed. In the meantime, it is suggested that data custodians continue to de‐identify using current best practices.


Story Source:

The above story is based on materials provided by Children's Hospital of Eastern Ontario Research Institute. Note: Materials may be edited for content and length.


Journal Reference:

  1. Khaled El Emam, Elizabeth Jonker, Luk Arbuckle, Bradley Malin. A Systematic Review of Re-Identification Attacks on Health Data. PLoS ONE, 2011; 6 (12): e28071 DOI: 10.1371/journal.pone.0028071

Cite This Page:

Children's Hospital of Eastern Ontario Research Institute. "Anonymization remains a powerful approach to protecting the privacy of health information." ScienceDaily. ScienceDaily, 8 December 2011. <www.sciencedaily.com/releases/2011/12/111208145346.htm>.
Children's Hospital of Eastern Ontario Research Institute. (2011, December 8). Anonymization remains a powerful approach to protecting the privacy of health information. ScienceDaily. Retrieved November 27, 2014 from www.sciencedaily.com/releases/2011/12/111208145346.htm
Children's Hospital of Eastern Ontario Research Institute. "Anonymization remains a powerful approach to protecting the privacy of health information." ScienceDaily. www.sciencedaily.com/releases/2011/12/111208145346.htm (accessed November 27, 2014).

Share This


More From ScienceDaily



More Science & Society News

Thursday, November 27, 2014

Featured Research

from universities, journals, and other organizations


Featured Videos

from AP, Reuters, AFP, and other news services

Ebola Leaves Orphans Alone in Sierra Leone

Ebola Leaves Orphans Alone in Sierra Leone

AFP (Nov. 27, 2014) The Ebola epidemic sweeping Sierra Leone is having a profound effect on the country's children, many of whom have been left without any family members to support them. Duration: 01:02 Video provided by AFP
Powered by NewsLook.com
EU Pushes Google For Worldwide Right To Be Forgotten

EU Pushes Google For Worldwide Right To Be Forgotten

Newsy (Nov. 27, 2014) Privacy regulators recommend Google expand its requested removals to apply to all its web domains. Video provided by Newsy
Powered by NewsLook.com
Who Will Failed Nuclear Talks Hurt Most?

Who Will Failed Nuclear Talks Hurt Most?

Reuters - Business Video Online (Nov. 25, 2014) With no immediate prospect of sanctions relief for Iran, and no solid progress in negotiations with the West over the country's nuclear programme, Ciara Lee asks why talks have still not produced results and what a resolution would mean for both parties. Video provided by Reuters
Powered by NewsLook.com
FCC Forces T-Mobile To Alert Customers Of Data Throttling

FCC Forces T-Mobile To Alert Customers Of Data Throttling

Newsy (Nov. 25, 2014) T-Mobile and the FCC have reached an agreement requiring the company to alert customers when it throttles their data speeds. Video provided by Newsy
Powered by NewsLook.com

Search ScienceDaily

Number of stories in archives: 140,361

Find with keyword(s):
Enter a keyword or phrase to search ScienceDaily for related topics and research stories.

Save/Print:
Share:

Breaking News:

Strange & Offbeat Stories


Science & Society

Business & Industry

Education & Learning

In Other News

... from NewsDaily.com

Science News

Health News

Environment News

Technology News



Save/Print:
Share:

Free Subscriptions


Get the latest science news with ScienceDaily's free email newsletters, updated daily and weekly. Or view hourly updated newsfeeds in your RSS reader:

Get Social & Mobile


Keep up to date with the latest news from ScienceDaily via social networks and mobile apps:

Have Feedback?


Tell us what you think of ScienceDaily -- we welcome both positive and negative comments. Have any problems using the site? Questions?
Mobile: iPhone Android Web
Follow: Facebook Twitter Google+
Subscribe: RSS Feeds Email Newsletters
Latest Headlines Health & Medicine Mind & Brain Space & Time Matter & Energy Computers & Math Plants & Animals Earth & Climate Fossils & Ruins