Deidentified Data Doesn’t Exist… and What to Do About It (Part I)

Posted January 29, 2008 by Lygeia Ricciardi

Ah, the promise of deidentified health data. If we can just strip any identifying characteristics from your health information—whether it’s the medical record your physician maintains or the information in your PHR—imagine what we can do with your data! We’ll slow disease outbreaks, develop wonder drugs, and maybe even cure cancer. All this and your privacy will remain completely protected.

If only it were so. While many of the potential benefits of sharing “deidentified” health data for research, public health and other laudable purposes exist, the unfortunate truth is that it is technically very difficult to classify any meaningful data as deidentified. While a single data element may be hard to trace, alone it holds little value. The more data elements you link together, the more valuable—and sourceable—they become.

Peter Swire, formerly the country’s Chief Counselor for Privacy, helped to illustrate the problem for me. As Peter explained it, let’s imagine you know someone’s date of birth. Birth date splits the population into roughly 25,000 categories—365 days in most years times roughly 80 years of life. So a city of 100,000 people (say, Albany, NY) has on average only four people with that exact date of birth. That makes it relatively easy to identify a particular person based on birth date alone. Now add more data (such as gender, zip code, or a particular health condition), and it quickly becomes much too easy to zero in on an individual. (Though technically date of birth is considered “protected health information” under HIPAA—and thus would not be part of a legally “deidentified” data set, it illustrates the point that by knowing only a little information about someone you can home in significantly on his or her identity.)

A related problem is that clinical data in one database can be matched with the same clinical data in an allegedly deidentified database. For instance, your pulse reading during a workout might be “67, 68, 93, 110, 115, 84, 67” on a certain date. If that sequence appears in a deidentified data set, then anyone who gets access to the identified version on pulse can match it to your entire “deidentified” record.

The fact that deidentification is so tough is pretty discouraging, considering its value and the fact that the success of PHRs is tied to dramatically increasing the amount of health data collected and exchanged about individuals. And of course data collection and storage is proliferating in nearly every other aspect of our lives, too (someone is recording who we call and email, where we drive, what we buy…and on and on).

So what can we do? One answer implied by relatively extreme views of health information exchange (see for example Patient Privacy Rights, which states that “the greatest use of your health records today is to hurt you, not help you”) is to slow or minimize the electronic exchange of health data. I don’t support that view. The potential benefits are much too great—and I doubt we could realistically do so even if we wanted to. Rather, I think we must employ a variety of parallel strategies to address the nonexistence of foolproof “deidentification” – in addition to the other privacy risks inherent in electronic health data exchange. I’ll discuss some of the ways to approach this challenge in Part 2 of this entry, stay tuned….

Openness in health care paper released

Posted January 22, 2008, by Lygeia Ricciardi

Today the Digital Connections Council of the Committee for Economic Development released “Harnessing Openness to Transform American Health Care” by Elliot Maxwell.

This is the paper many of you read advance copies of through this blog last October. Thanks for your interest and for harnessing openness yourselves by submitting your own commentary here and to the author directly.

Minimal federal government impact on PHRs in 2008?

Posted January 16, 2008 by Lygeia Ricciardi

The recently released budget for ONC—the Office of the National Coordinator (for Health IT)—remains the same as last year: $61.3 million. It didn’t receive the dramatic boost requested by President Bush (who asked for $117.9 million).

Though National Coordinator Robert Kolodner vows to “keep making progress”, anticipated work in a couple of areas will be curtailed, including the build out of the Nationwide Health Information Network (NHIN), for which expansion to additional communities had been planned, and work on defining the architecture of personal health records.

While in general I favor greater federal support for health information exchange, I tend to agree with Chillmark Research’s assessment of the budgetary flatlining – at least as it applies to PHRs. In short, PHRs and HIT in general will be “saved from meddling”. As Chillmark blogger John Moore points out, there are numerous other private sector and NGO efforts underway (he mentions Project HealthDesign among them) that are likely to be more relevant and effective in helping PHRs to progress.

When it comes to defining the platform architecture, technical features, and the like for PHRs, I strongly believe the private sector should take the lead, and government should avoid doing anything to hamper creative development. This is not to say that there isn’t a crucial role for the feds to play—notably in the area of defining legal and regulatory parameters to protect public privacy, as well as in making new tools and services available to underprivileged populations.

Though ONC is unlikely to make any dramatic moves affecting PHRs, and indeed major policy shakeups of any kind are unlikely in an election year, I am still keeping my eye on the Wired for HealthCare Quality Act, which I really do think is likely to pass this year.

Regardless of what happens in the federal government, we can look forward to June, when Project HealthDesign grantees unveil their prototype PHR applications at a DC event that culminates their 18-month journey.  Stay tuned for more details!

Making a "Moodmeter": A Glimpse into Next Generation PHR Design

Posted by Lygeia Ricciardi on January 15, 2008

One of the Project HealthDesign teams, the Living Profiles Team, based at the Art Center College of Design in Pasadena, is developing a PHR application to help adolescents with chronic illnesses transition from pediatric to the adult care system.

What’s really interesting about this team from my perspective is that it is intensely focused on understanding teens and their specific needs, in part by learning from applications that are popular among this age group, such as phone texting, IM, Facebook, and YouTube. Teens use these applications in building social connections--and their social interactions with each other often incorporate how they are feeling.

Naturally, how you are feeling can be very relevant from a health perspective, as well as a purely social one. The Living Profiles Team is trying to come up with ways that teens can convey their feelings to caregivers through a PHR. A member of the team, Gilad Lotan, has been blogging about some of the interesting questions that arise, such as “What is a mood, anyway?” And “How can you use images to convey it?” Have a look at Gilad’s blog for more.