Explore the vast range of titles available.

Privacy was defined as a fundamental human right in the Universal Declaration of Human Rights at the 1948 United Nations General Assembly. However, there is still no consensus on what constitutes privacy. In this review, we look at the evolution of privacy as a concept from the era of Hippocrates to the era of social media and big data. To appreciate the modern measures of patient privacy protection and correctly interpret the current regulatory framework in the United States, we need to analyze and understand the concepts of individually identifiable information, individually identifiable health information, protected health information, and de-identification. The Privacy Rule of the Health Insurance Portability and Accountability Act defines the regulatory framework and casts a balance between protective measures and access to health information for secondary (scientific) use. The rule defines the conditions when health information is protected by law and how protected health information can be de-identified for secondary use. With the advents of artificial intelligence and computational linguistics, computational text de-identification algorithms produce de-identified results nearly as well as those produced by human experts, but much faster, more consistently and basically for free. Modern clinical text de-identification systems now pave the road to big data and enable scientists to access de-identified clinical information while firmly protecting patient privacy. However, clinical text de-identification is not a perfect process. In order to maximize the protection of patient privacy and to free clinical and scientific information from the confines of electronic healthcare systems, all stakeholders, including patients, health institutions and institutional review boards, scientists and the scientific communities, as well as regulatory and law enforcement agencies must collaborate closely. On the one hand, public health laws and privacy regulations define rules and responsibilities such as requesting and granting only the amount of health information that is necessary for the scientific study. On the other hand, developers of de-identification systems provide guidelines to use different modes of operations to maximize the effectiveness of their tools and the success of de-identification. Institutions with clinical repositories need to follow these rules and guidelines closely to successfully protect patient privacy. To open the gates of big data to scientific communities, healthcare institutions need to be supported in their de-identification and data sharing efforts by the public, scientific communities, and local, state, and federal legislators and government agencies.

Two steps will help collaborations worldwide to share information and comply with EU privacy rules. Confusion over GDPR is stalling scientific progress Two steps will help collaborations worldwide to share information and comply with EU privacy rules. “The GDPR has stalled at least 40 clinical and observational studies.”

In Canada, commercial data brokers are currently able to use deidentified patient data from pharmacies, private drug insurers, the federal government and medical clinics without patient consent. They are able to do this because of a lack of privacy protections for deidentified data. A proposed federal privacy bill, the Consumer Privacy Protection Act (Bill C-11) would have halted disclosure of deidentified data to commercial entities, although the bill left some important issues unresolved. However, the bill died when parliament was dissolved in Aug 2021. Updated legislation should be strengthened to protect patient data and support appropriate uses. Here, Spithoff et al discuss how deidentified patient data are currently being used, potential harms of their use, views of patients and the public about the use of their deidentified data and how legislation can be strengthened to better protect people in Canada.

In recent years, the use of personal data in marketing, scientific and medical investigation, and forecasting future trends has really increased. This information is used by the government, companies, and individuals, and should not contain any sensitive information that allows the identification of an individual. Therefore, data anonymization is essential nowadays. Data anonymization changes the original data to make it difficult to identify an individual. ARX Data Anonymization and Amnesia are two popular open-source tools that simplify this process. In this paper, we evaluate these tools in two ways: with the OSSpal methodology, and using a public dataset with the most recent tweets about the Pfizer and BioNTech vaccine. The assessment with the OSSpal methodology determines that ARX Data Anonymization has better results than Amnesia. In the experimental evaluation using the public dataset, it is possible to verify that Amnesia has some errors and limitations, but the anonymization process is simpler. Using ARX Data Anonymization, it is possible to upload big datasets and the tool does not show any error in the anonymization process. We concluded that ARX Data Anonymization is the one recommended to use in data anonymization.

Research outlets are increasingly adopting open data policies as a requisite for publication, including studies with human subjects data. We investigated whether open data policies influence participants' rate of consent by randomly assigning participants to view consent forms with and without discussion of open data policies. No participants declined to participate, regardless of condition, nor did rates of drop-out vs. completion vary between conditions. Furthermore, no significant change in potential consent rates was reported when participants were openly asked about the influence of open data policies on their likelihood of consent. However, follow-up analyses indicated possible poor attention to consent forms, consistent with previous research. Moreover, thematic analysis of participants' considerations of open data policy indicated multiple considerations such as concerns regarding confidentiality, anonymity, data security, and study sensitivity. The impact of open data policies on participation raises complex issues at the intersection of ethics and scientific innovation. We conclude by encouraging researchers to consider participants as stakeholders in open data policy and by providing recommendations for open data policies in human subjects research.

The care.data programme was proposed as a way of assisting medical research and monitoring NHS trends and performance more closely by linking patients' GP records with information already collected from acute trusts through hospital episode statistics. [...]the government and the health and care system remain absolutely committed to realising the benefits of sharing information as an essential part of improving outcomes for patients. [...]this work will now be taken forward by the National Information Board, in close collaboration with the primary care community, in order to retain public confidence and to drive better care for patients.\"

While rich medical, behavioral, and socio-demographic data are key to modern data-driven research, their collection and use raise legitimate privacy concerns. Anonymizing datasets through de-identification and sampling before sharing them has been the main tool used to address those concerns. We here propose a generative copula-based method that can accurately estimate the likelihood of a specific person to be correctly re-identified, even in a heavily incomplete dataset. On 210 populations, our method obtains AUC scores for predicting individual uniqueness ranging from 0.84 to 0.97, with low false-discovery rate. Using our model, we find that 99.98% of Americans would be correctly re-identified in any dataset using 15 demographic attributes. Our results suggest that even heavily sampled anonymized datasets are unlikely to satisfy the modern standards for anonymization set forth by GDPR and seriously challenge the technical and legal adequacy of the de-identification release-and-forget model. Anonymization has been the main means of addressing privacy concerns in sharing medical and socio-demographic data. Here, the authors estimate the likelihood that a specific person can be re-identified in heavily incomplete datasets, casting doubt on the adequacy of current anonymization practices.

Background Research into personal health data holds great potential not only for improved treatment but also for economic growth. In these years many countries are developing policies aimed at facilitating such research often under the banner of ‘big data’. A central point of debate is whether the secondary use of health data requires informed consent if the data is anonymised. In 2013 the Danish Minister of Health established a new register collecting data about all ritual male childhood circumcisions in Denmark. The main purpose of the register was to enable future research into the consequences of ritual circumcision. Discussion This article is a study into the case of the Danish Circumcision Registry. We show that such a registry may lead to various forms of harm such as 1) overreaching social pressure, 2) stigmatization, 3) medicalization of a religious practice, 4) discrimination, and 5) polarised research, and that a person may therefore have a strong and legitimate interest in deciding whether or not such data should be collected and/or used in research. This casts doubt on the claim that the requirement of informed consent could and should be waived for all types of secondary research into registries. We finally sketch a new model of informed consent – Meta consent – aimed at striking a balance between the interests in promoting research and at the same time protecting the individual. Summary Research participants may have a strong and legitimate interest in deciding whether or not their data should be collected and used for registry-based research whether or not their data is anonymised.

The secondary use of health data is central to biomedical research in the era of data science and precision medicine. National and international initiatives, such as the Global Open Findable, Accessible, Interoperable, and Reusable (GO FAIR) initiative, are supporting this approach in different ways (eg, making the sharing of research data mandatory or improving the legal and ethical frameworks). Preserving patients' privacy is crucial in this context. De-identification and anonymization are the two most common terms used to refer to the technical approaches that protect privacy and facilitate the secondary use of health data. However, it is difficult to find a consensus on the definitions of the concepts or on the reliability of the techniques used to apply them. A comprehensive review is needed to better understand the domain, its capabilities, its challenges, and the ratio of risk between the data subjects' privacy on one side, and the benefit of scientific advances on the other. This work aims at better understanding how the research community comprehends and defines the concepts of de-identification and anonymization. A rich overview should also provide insights into the use and reliability of the methods. Six aspects will be studied: (1) terminology and definitions, (2) backgrounds and places of work of the researchers, (3) reasons for anonymizing or de-identifying health data, (4) limitations of the techniques, (5) legal and ethical aspects, and (6) recommendations of the researchers. Based on a scoping review protocol designed a priori, MEDLINE was searched for publications discussing de-identification or anonymization and published between 2007 and 2017. The search was restricted to MEDLINE to focus on the life sciences community. The screening process was performed by two reviewers independently. After searching 7972 records that matched at least one search term, 135 publications were screened and 60 full-text articles were included. (1) Terminology: Definitions of the terms de-identification and anonymization were provided in less than half of the articles (29/60, 48%). When both terms were used (41/60, 68%), their meanings divided the authors into two equal groups (19/60, 32%, each) with opposed views. The remaining articles (3/60, 5%) were equivocal. (2) Backgrounds and locations: Research groups were based predominantly in North America (31/60, 52%) and in the European Union (22/60, 37%). The authors came from 19 different domains; computer science (91/248, 36.7%), biomedical informatics (47/248, 19.0%), and medicine (38/248, 15.3%) were the most prevalent ones. (3) Purpose: The main reason declared for applying these techniques is to facilitate biomedical research. (4) Limitations: Progress is made on specific techniques but, overall, limitations remain numerous. (5) Legal and ethical aspects: Differences exist between nations in the definitions, approaches, and legal practices. (6) Recommendations: The combination of organizational, legal, ethical, and technical approaches is necessary to protect health data. Interest is growing for privacy-enhancing techniques in the life sciences community. This interest crosses scientific boundaries, involving primarily computer science, biomedical informatics, and medicine. The variability observed in the use of the terms de-identification and anonymization emphasizes the need for clearer definitions as well as for better education and dissemination of information on the subject. The same observation applies to the methods. Several legislations, such as the American Health Insurance Portability and Accountability Act (HIPAA) and the European General Data Protection Regulation (GDPR), regulate the domain. Using the definitions they provide could help address the variable use of these two concepts in the research community.