[MyData & Open Data] [globalpriv-discussion] Catalonia to sell "anonymised" medical records

Phil Booth phil at einsteinsattic.com
Thu Apr 2 15:20:34 UTC 2015 

I agree with Edgar. 

 

Indeed, medConfidential suggested ADRN and the Office for National
Statistics’ Virtual Microdata Laboratory (
http://www.ons.gov.uk/ons/about-ons/business-transparency/freedom-of-informa
tion/what-can-i-request/virtual-microdata-laboratory--vml-/index.html ) as
models when we gave evidence to the UK Parliament’s Health Select Committee
back in March 2014, when the whole care.data fiasco really began to blow up.

 

The Health and Social Care Information Centre (effectively the NHS’ central
information hub) has since begun building a ‘Secure Data Facility’ along
these lines, the first version of which should shortly be operational. N.B.
It’s not just about the tech; robust and rigorous process, procedures and
oversight are equally important, if not more so. 

 

We’ve published a number of papers on ‘safe settings’, links to our
top-level proposals here:

 

https://medconfidential.org/information/towards-every-flow/ - (2) is most
relevant to this discussion, with more detail in the papers we submitted to
a DH consultation in September 2014:

 

https://medconfidential.org/2014/the-department-of-health-protecting-persona
l-health-and-care-data/ 

 

FYI, there are still some outstanding questions about the SPIRE programme in
Scotland ( http://www.spire.scot.nhs.uk/ ) which was put on pause while the
whole care.data debacle played out in England and, unfortunately, we’ve just
last month been forced to take action about a proposal by ONS that it give
commercial companies access to some of the most highly sensitive data held
by Government, including the census, the British Crime Survey, the Health
survey and mandatorily collected workforce and wage information (
http://allbutnames.com/ ). 

 

Even ‘gold standards’ need close, ongoing scrutiny



Cheers,

 

Phil

 

 

From: pi-discussion-bounces at privacyinternational.org
[mailto:pi-discussion-bounces at privacyinternational.org] On Behalf Of
Whitley,EA
Sent: 02 April 2015 15:40
To: Tamir Israel; Judith Vidal-Hall; Phil Booth
Cc: Javier Ruiz; mydata-open-data; SURVEILLANCE at jiscmail.ac.uk;
pi-discussion at privacyinternational.org; Gemma Galdon Clavell; Discussion
list on Data Anonymisation
Subject: Re: [globalpriv-discussion] Catalonia to sell "anonymised" medical
records

 

One model to consider is the UK's ADRN (http://adrn.ac.uk/) - which is for
administrative data sharing (rather than healthcare data) and essentially
involves:

A trusted third party does the linking between various data sets and the
removal of key identifiers.

This linked-and-with key-identifiers-removed data set is then available for
use by accredited researchers on approved research projects in a secure
environment.  Any data that is due to be removed from the secure environment
must then pass through statistical disclosure control mechanisms before it
is released.

 

Edgar

  _____  

From: pi-discussion-bounces at privacyinternational.org
<pi-discussion-bounces at privacyinternational.org> on behalf of Tamir Israel
<tisrael at cippic.ca>
Sent: 02 April 2015 14:48
To: Judith Vidal-Hall; Phil Booth
Cc: Javier Ruiz; mydata-open-data; SURVEILLANCE at jiscmail.ac.uk;
pi-discussion at privacyinternational.org; Gemma Galdon Clavell; Discussion
list on Data Anonymisation
Subject: Re: [globalpriv-discussion] Catalonia to sell "anonymised" medical
records 

 

Hi Gemma, Phil, Judith and all,

In Canada, we are currently trying to assess a recently issued report that
tries to set the roadmap for centralization + expanded access to health data
(for now it's limited to research purposes). It too relies heavily on
'anonymization', but it's going to be 'tempered' hashing because they want
social contextual factors like postal code, nationality, maybe even familial
info, etc., depending on the research context. No opt out/in needed, since
we have risk mitigation via 'anonymization'. 

The report (which we anticipate to be very influential unless countered) is
here:
http://www.scienceadvice.ca/uploads/eng/assessments%20and%20publications%20a
nd%20news%20releases/Health-data/HealthDataFullReportEn.pdf

I'm wondering if anyone is aware of any gold standard (from a civil society
perspective) road maps on implementing this kind of thing? This report
points to scotland/wales as a model to be emulated.

Best,
Tamir

On 02/04/2015 9:25 AM, Judith Vidal-Hall wrote:

Thanks for raising the issue Gemma and as always big Phil some very good
points raised. I'm keeping an eye on the new Institute for Personalized
Medicine in Oxford. Cd be up to the same thing I fear. You get x but you
lose a. 

 

Meanwhile: can anyone tells why the UK media have taken zero interest in the
Google case? I

Sent from my iPhone


On 2 Apr 2015, at 12:46, Phil Booth <medconfidential.coordinator at gmail.com>
wrote:

Dear Gemma,

 

This is deeply concerning. I’m afraid I don’t read Catalan/Spanish so I have
only been able to read the articles via Google Translate. 

 

Please could you clarify a few things:

 

1) If I understand correctly, the government’s plan boils down to
identifiable patient data being passed to a commercial entity, as yet
undetermined, where it will be pseudonymised in some way and then sold on to
third parties.

 

·         Do patients have a right to opt out?

·         If so, how are they to be informed and how do they exercise it?

·         How will the company that will be receiving the population’s
identifiable medical records be chosen? Who owns it, etc. etc.? (I’m not
clear on the difference between ICS, AQuAS, etc. – though that may not be
relevant.)

·         Which third parties will be able to buy data? Who will approve
them, and how?

·         Will the (pseudonymised)data itself be passed to the third parties
or will they only have access to it, e.g. via a ‘safe setting’?

·         What independent oversight mechanisms, audit and transparency
processes are in place?

 

2) Is the proposal to sell data that has been pseudonymised merely by means
of hashing one (or more) identifiers, i.e. they are doing nothing about
quasi-identifiers, and are ignoring all the evidence on re-identification of
linked individual-level data?

 

medConfidential has found it helpful to frame secondary uses of patient data
in terms of “consensual, safe and transparent”. From what I’ve read so far,
the Catalan government’s plans meet none of these criteria.

 

Please feel free to contact me direct or give me a call on +44 7974 230 839,
if it would be helpful to chat.

 

Kind regards,

 

Phil

 

From: pi-discussion-bounces at privacyinternational.org
[mailto:pi-discussion-bounces at privacyinternational.org] On Behalf Of Gemma
Galdon Clavell
Sent: 02 April 2015 11:16
To: Javier Ruiz
Cc: Discussion list on Data Anonymisation;
pi-discussion at privacyinternational.org; <SURVEILLANCE at jiscmail.ac.uk>;
mydata-open-data
Subject: Re: [globalpriv-discussion] Catalonia to sell "anonymised" medical
records

 

Dear all,

As you can see below, the Catalan government has agree to sell medical
records. A PIA was conducted by the regional DPA and there should be a CPO,
but the initiative has been launched despite the opposition from Parliament
and info on the implementation of the PIA recommendations is not available.

I raised some of the issues in El País last year
http://ccaa.elpais.com/ccaa/2014/10/24/catalunya/1414172573_550596.html, and
this led the Parliament to position itself against the initiative. But the
government has decided to move ahead anyway.

 

Any 'noise' you can make about this issue will be greatly appreciated. While
I think that Big Data carries a lot of potential in the field of heath,
without robust pseudonimity (hashing is clearly not enough), transparency
and guarantees this is and extremely irresponsible move.

Kind regards,




Gemma G. Clavell, PhD

Eticas Research & Consulting

C/ Ferlandina 49 (08001 Barcelona) / Reloj 2 (28770 Madrid)

+34 936 005 400 - www.eticasconsulting.com - @eticasconsult

  <http://www.eticasconsulting.es/wp-content/uploads/logoReticaseng.png> 

 

On Thu, Apr 2, 2015 at 12:07 PM, Javier Ruiz <javier at openrightsgroup.org>
wrote:

HI, sorry it is only in Spanish.

 

Catalonian authorities agree to sell medical records to researchers despite
a vote by the regional Parliament to stop the project. 

 

http://politica.elpais.com/politica/2015/04/01/actualidad/1427892067_062214.
html

 

Catalonian data protection authorities and academics had raised concerns
about anonymisation in the context of big data.

 

http://ccaa.elpais.com/ccaa/2014/11/01/catalunya/1414870966_992102.html

 

 

 

_______________________________________________
pi-discussion mailing list
Info and options:
http://mailman.greennet.org.uk/mailman/listinfo/pi-discussion
To unsubscribe, email pi-discussion-unsubscribe at privacyinternational.org





_______________________________________________
pi-discussion mailing list
Info and options:
http://mailman.greennet.org.uk/mailman/listinfo/pi-discussion
To unsubscribe, email pi-discussion-unsubscribe at privacyinternational.org

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.okfn.org/pipermail/mydata-open-data/attachments/20150402/b362f227/attachment-0003.html>

More information about the mydata-open-data mailing list