CHEO Research Institute develops secure protocol for data disclosure

It is important for health care providers to report health issues, such as influenza outbreaks, to public health authorities. But there is evidence of a reluctance to share patient data for public health purposes due to concerns for both patient privacy and provider confidentiality. Dr. Khaled El-Emam and his research team at the CHEO Research Institute have developed a secure protocol and system that would solve this problem.

The new system would protect the identity of patients and while providing effective and meet the needs of public health to detect and investigate disease outbreaks. The new system and associated research findings are published in this month's edition of the Journal of American Medical Informatics.

Providers have an obligation to report diseases to public health authorities, but new research shows that under-reporting by hospitals and physicians is common and can hinder effective disease control. Concern for is a causal factor, but even when this concern is addressed, physicians feel themselves to be at risk when making such disclosures. For example, many are concerned that the data they report could be used to evaluate their compliance with clinical practice guidelines. Others fear an increased possibility of litigation, due to breach of confidentiality.

"Health care providers are less likely to make accurate reports if they feel the information could be used to evaluate them," says Dr. El-Emam. "The new protocol can provide confidence that the identity of healthcare providers is protected, and removes one more barrier to effective disease surveillance."

The secure protocol would encourage full disclosure from health care providers enabling to accurately track such things as and the spread of infection in hospitals. The system also has a "break the glass" mechanism which would allow public health to identify and contact individual patients in case of an outbreak requiring an investigation.

The protocol uses special cryptographic techniques that allow one to perform computations on the encrypted data themselves. Providers share encrypted data and the public health authorities can still compute infection rates over time and detect abnormalities. This gives strong guarantees that patient and provider identity are hidden.

Systems like this will also make it easier for other entities to automatically report to public health. For example, retail pharmacies can report over-the-counter sales data without worrying about revealing competitive store information, and schools can report absenteeism data. With the ability to access more data sources, public health will be in a better position to detect at their earlier stages.

Provided by Children's Hospital of Eastern Ontario Research Institute

not rated yet
add to favorites email to friend print save as pdf

Related Stories

Novel K-anonimity algorithm safeguards access to data

Nov 20, 2009

As electronic health records become more widely deployed, increasing amounts of health information are being collected. This data has many beneficial applications, such as research, public health, and health system planning. ...

Recommended for you

Face transplants change lives, identity

19 hours ago

Patients are prepared to take significant risks in order to be considered for a face transplant, says Dr David Koppel, director of the largest craniofacial unit in the UK and Honorary Clinical Associate Professor ...

British Lords hold ten-hour debate on assisted dying

Jul 19, 2014

Members of Britain's unelected House of Lords spent almost ten hours on Friday discussing whether to legalise assisted dying, in an often emotional debate putting the question back on the agenda, if not on the statute books.

User comments