Posted on March 7, 2008 by Lygeia Ricciardi
This is the second part of the entry called “Deidentified Data Doesn’t Exist… and What to Do about It”. In the first installment, I wrote about the extreme difficulty of stripping the identity from any reasonably meaningful set of health data.
If we assume there is a clear distinction between personally identifiable and deidentified data, we can apply certain policies to the former and other, less restrictive ones, to the latter. But unfortunately, if we conclude that genuine deidentification of data is very hard to achieve and/or yields outputs of relatively low value for most purposes, we need a more sophisticated (though not necessarily uniform) degree of privacy protection for virtually all health data—including data in PHRs generated by patients or consumers.
There is no silver bullet when it comes to privacy protection. No single element can do the job, but an array of coordinated policies and technologies together can be very effective. There is a lot we can gain from previous efforts to protect privacy in disciplines other than health. For more than 25 years, Fair Information Practices have been used in the US, Canada, and Europe to define appropriate ways of handling electronic personal information, whether it is health information, financial information, or any other kind.
According to the US Federal Trade Commission, the five core principles of privacy protection embodied in Fair Information Practices are (1) Notice/Awareness; (2) Choice/Consent; (3) Access/Participation; (4) Integrity/Security and (5) Enforcement/Redress. It’s important to apply the practices as a group, not just pick and choose among them. While many stakeholders—especially policymakers—have a role to play in implementing Fair Information Practices, part of the responsibility falls to designers of applications such as PHRs because design shapes use; you can’t just graft privacy protective policies onto a technology after its features have been set.
In 2006 the Markle Foundation released the “Common Framework”, which applies Fair Information Practices specifically to the case of health information exchange. Markle is currently working on a paper as part of the Common Framework that will address consumers’ access to their own health information via PHRs and related tools and services. That paper contains very specific guidelines on, for example, how to write and post a privacy notice, and how to protect the integrity of data. I’ll post a note on this blog when the paper is publicly released later this spring.
In addition, if you are not already familiar with it, I suggest the Project HealthDesign e-primer on privacy as a resource for exploring this topic in greater detail.