摘要:Electronic medical record keeping has led to increased interest in analyzing historical patient data to improve care delivery. Such research use of patient data, however, raises concerns about confidentiality and institutional liability. Institutional review boards must balance patient data security with a researcher’s ability to explore potentially important clinical relationships. We considered the issues involved when patient records from health care institutions are used in medical research. We also explored current regulations on patient confidentiality, the need for identifying information in research, and the effectiveness of deidentification and data security. We will present an algorithm for researchers to use to think about the data security needs of their research, and we will introduce a vocabulary for documenting these techniques in proposals and publications. THE RAPID DIGITIZATION OF medical records and administrative databases coupled with advances in statistics and computing capabilities promise to make epidemiological studies for improving health care more fruitful than ever. Modern computing power provides quantitative researchers with numerous new techniques for exploring and identifying correlations in large data warehouses. 1 Common to such efforts is the need for access to large quantities of potentially sensitive patient health information (protected health information, such as names, record numbers, addresses, and so on). Interest in maintaining—and legal sanctions for violating—patient confidentiality are of particular concern to researchers who use medical data (administrative, diagnostic, etc.) in analytic studies. Balancing the conflicting interests of ensuring patient confidentiality with providing access to sufficiently detailed information for adequate research is a serious challenge to health care organizations and data providers and their respective institutional review boards (IRBs). Although existing legal restrictions in the United States attempt to strike such a balance, no computing system is entirely secure, and there is understandable concern about unintended or inappropriate releases of information. Fortunately, there are numerous concepts and techniques from the domains of data security and statistical disclosure limitation that may be brought to bear on this problem. Application of these techniques allows tradeoffs between data usability and data security, giving researchers access to relevant data while at the same time minimizing the potential damage of a breech in data security. We reviewed privacy issues surrounding the use of electronic data collected in routine medical care, and we considered advanced approaches to minimizing potential privacy violations when data is used for medical research. Because of the complexity of this problem and the array of techniques available for improving data security, we did not delve into specific technologies or security algorithms. Rather, this discussion is intended to be an introduction for researchers and their human participant oversight structures and a starting point for conversations with information service departments about the best security solutions for a given situation.
