Published in: BMC Medical Informatics and Decision Making 1/2013

Open Access 01-12-2013 | Technical advance

Pseudonymization of patient identifiers for translational research

Authors: Harald Aamot, Christian Dominik Kohl, Daniela Richter, Petra Knaup-Gregori


Abstract

Background

The use of patient data for research poses risks to patients' privacy and informational self-determination. Next-generation sequencing technologies and various other methods derive data from biospecimens, both for translational research and for personalized medicine. If these biospecimens are anonymized, individual results from genomic research, which should be offered to patients in a clinically relevant timeframe, cannot be associated back to the individual. This raises an ethical concern and challenges the legitimacy of anonymized patient samples. In this paper we present a new approach which supports both data privacy and the possibility to give feedback to patients about their individual research results.

Methods

We examined previously published privacy concepts regarding a streamlined de-pseudonymization process and a patient-based pseudonym as applicable to research with genomic data and warehousing approaches. All concepts identified in the literature review were compared to each other and analyzed for their applicability to translational research projects. We evaluated how these concepts cope with the challenges posed by personalized medicine. Both person-centricity issues and a separation of pseudonymization and de-pseudonymization stood out as central themes in our examination. This motivated us to enhance an existing pseudonymization method with a separation of duties.

Results

The existing concepts rely on external trusted third parties, which makes de-pseudonymization a multistage process involving additional interpersonal communication that might cause critical delays in patient care. We therefore propose an enhanced method with an asymmetric encryption scheme that separates the duties of pseudonymization and de-pseudonymization. The pseudonymization service provider is unable to derive the patient identifier from the pseudonym; that ability is assigned to an authorized third party (ombudsman) instead. To solve person-centricity issues, a collision-resistant function is incorporated into the method. Together, these two properties enable us to address essential challenges in translational research. A productive software prototype was implemented to prove the functionality of the suggested translational, data privacy-preserving method. Finally, we performed a threat analysis to evaluate potential hazards connected with this pseudonymization method.

Conclusions

The proposed method offers sustainable organizational simplification regarding an ethically indicated, but secure and controlled process of de-pseudonymizing patients. A pseudonym is patient-centered to allow correlating separate datasets from one patient. Therefore, this method bridges the gap between bench and bedside in translational research while preserving patient privacy. Assigned ombudsmen are able to de-pseudonymize a patient, if an individual research result is clinically relevant.
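
The separation of duties described under Results can be sketched as follows. This is an added example, not the authors' prototype: the abstract does not name its algorithms, so HMAC-SHA-256 (as the collision-resistant function), RSA-OAEP (as the asymmetric scheme) and all type and function names are assumptions.

```go
package main

import (
	"crypto/hmac"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Record is what leaves the pseudonymization service for the research database.
type Record struct {
	Pseudonym string // identical for every dataset of one patient
	Escrow    []byte // patient ID encrypted to the ombudsman's public key
}

// Pseudonymizer holds only the PUBLIC ombudsman key: it issues records, never decrypts.
type Pseudonymizer struct {
	linkKey   []byte
	ombudsman *rsa.PublicKey
}

// NewOmbudsmanKey creates the key pair; the private half stays with the ombudsman.
func NewOmbudsmanKey() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }

func (p *Pseudonymizer) Pseudonymize(patientID string) (Record, error) {
	// Assumed keyed hash; whoever holds linkKey can test guessed IDs, so protect it.
	mac := hmac.New(sha256.New, p.linkKey)
	mac.Write([]byte(patientID))
	pseudonym := fmt.Sprintf("%x", mac.Sum(nil))
	// Pseudonym as OAEP label: an escrow blob moved to another record will not decrypt.
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, p.ombudsman, []byte(patientID), []byte(pseudonym))
	if err != nil {
		return Record{}, err
	}
	return Record{Pseudonym: pseudonym, Escrow: ct}, nil
}

// Reidentify is the ombudsman's step and needs the private key.
func Reidentify(priv *rsa.PrivateKey, r Record) (string, error) {
	id, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, r.Escrow, []byte(r.Pseudonym))
	return string(id), err
}

func main() {
	priv, err := NewOmbudsmanKey()
	if err != nil {
		panic(err)
	}
	svc := &Pseudonymizer{linkKey: []byte("constructed-demo-key"), ombudsman: &priv.PublicKey}
	rec, err := svc.Pseudonymize("PAT-0001") // constructed sample identifier
	fmt.Println(rec.Pseudonym, err)
	fmt.Println(Reidentify(priv, rec))
}
```

The pseudonym is deterministic so datasets of one patient link up, while the escrow ciphertext is randomized and differs on every call.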
Metadata
Title
Pseudonymization of patient identifiers for translational research
Authors
Harald Aamot
Christian Dominik Kohl
Daniela Richter
Petra Knaup-Gregori
Publication date
01-12-2013
Publisher
BioMed Central
Published in
BMC Medical Informatics and Decision Making / Issue 1/2013
Electronic ISSN: 1472-6947
DOI
https://doi.org/10.1186/1472-6947-13-75