Unformatted text preview: arge
Medicare Data Date
affiliation Date last
Latanya Sweeney, MIT, 1997 Uniqueness in Cambridge voters
Birth date alone
Birth date & gender
Birth date & 5-digit ZIP
Birth date & full postal code 12%
97% Birth date includes month, day and year.
Total 54,805 voters. Information Security Elements
• Availability when and where needed
• Authentication a person or system is who they purport to be (preceded by Identification)
• Access Control only authorized persons, for authorized uses
• Confidentiality no unauthorized information disclosure
• Integrity Information content not alterable except under authorized circumstances
• Attribution/nonrepudiation actions taken are reliably traceable Why is this so hard in Why is this so hard in healthcare contexts?
1. The nature of biomedical data The nature of biomedical data
The nature of biomedical data
• Variable levels of sensitivity; “sensitive” is in the eye of multiple beholders, and highly context
• No bright line between personidentifiable and “anonymous” data
– So inherently rich in attributes that reidentification potential never reaches zero • Genome as Future Diary: An individual’s medical data may have implications for other family members who have much different values and preferences, and for future generations Why is this so hard?
Why is this so hard?
2. The nature of biomedical data
Complex interpersonal and organizational roles with respect to data Complex roles: entities with justifiable Complex roles: entities with justifiable (and variable) rights to medical data
• First order role definitions: – Provider, Patient, Payer, “Society” • Second order: – Providers: primary vs. consultant provider, ancillary support staff
– Patient: self, family, legally authorized reps
– Payer: billing staff and subcontr...
View Full Document
- Winter '14
- J. Am Med Informatics Assoc, E. Coiera et., Coiera et. al., Med Informatics Assoc