UK's 'anonymous' health records are wide open

Stefan Mileschin · 26th April 2013, 07:37

Ross Anderson, professor of security engineering at the University of Cambridge Computer Laboratory, told MedConfidential's crowd how proposed 'anonymised' data is anything but.

Data on databases and anonymised will be stored without names, per se, but will still retain the patients' post code and age, meaning that it is actually pretty simple to identify patients and those with sensitive records, such as people who are HIV positive.

Anderson pointed out that it doesn't take much more than one family member or friend with access to patient records to get to that data, either. Considering how many people the NHS employs there are a lot of potential weak links. The emergency care system in Scotland allowed access to the health records of prominent political figures like Gordon Brown and Alex Salmond. The culprit was not prosecuted - as it was not 'in the public interest' - however, it could also be an embarrassing metric of the open nature of supposedly anonymised health records.

Although British Prime Minister David Cameron has promised health records will be anonymised, the anonymisation process seems like a cop out as it is still possible to access very private information. There is indeed an opt out, however, it is "like Facebook" - the defaults are wrong, the privacy mechanisms are "obscure" and they get changed whenever a lot of people learn to use them. Efforts to exempt medical data from European data protection regulation are also underway thanks to the health market lobby.

Anderson concluded that a national system holding 50,000,000 records is too big a target, will be cumbersome, fragile and unsafe, and failures to properly protect privacy will have real costs in safety and access - particularly for the most vulnerable or at risk sections of societies.

Anderson also pointed out that hard data 'thinks' about people in a different way - it doesn't take into account measured human behaviour, and can "look at you in a different, unmoderated way". According to Anderson, for example, it can take just four Facebook 'likes' to determine the sexuality of a user.

http://news.techeye.net/security/uks...-are-wide-open

26th April 2013, 07:37	#1
Stefan Mileschin [M] Reviewer Join Date: May 2010 Location: Romania Posts: 148,597	UK's 'anonymous' health records are wide open Ross Anderson, professor of security engineering at the University of Cambridge Computer Laboratory, told MedConfidential's crowd how proposed 'anonymised' data is anything but. Data on databases and anonymised will be stored without names, per se, but will still retain the patients' post code and age, meaning that it is actually pretty simple to identify patients and those with sensitive records, such as people who are HIV positive. Anderson pointed out that it doesn't take much more than one family member or friend with access to patient records to get to that data, either. Considering how many people the NHS employs there are a lot of potential weak links. The emergency care system in Scotland allowed access to the health records of prominent political figures like Gordon Brown and Alex Salmond. The culprit was not prosecuted - as it was not 'in the public interest' - however, it could also be an embarrassing metric of the open nature of supposedly anonymised health records. Although British Prime Minister David Cameron has promised health records will be anonymised, the anonymisation process seems like a cop out as it is still possible to access very private information. There is indeed an opt out, however, it is "like Facebook" - the defaults are wrong, the privacy mechanisms are "obscure" and they get changed whenever a lot of people learn to use them. Efforts to exempt medical data from European data protection regulation are also underway thanks to the health market lobby. Anderson concluded that a national system holding 50,000,000 records is too big a target, will be cumbersome, fragile and unsafe, and failures to properly protect privacy will have real costs in safety and access - particularly for the most vulnerable or at risk sections of societies. Anderson also pointed out that hard data 'thinks' about people in a different way - it doesn't take into account measured human behaviour, and can "look at you in a different, unmoderated way". According to Anderson, for example, it can take just four Facebook 'likes' to determine the sexuality of a user. http://news.techeye.net/security/uks...-are-wide-open

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Windows 8 Touch Laptops Bad For Your Health?	Stefan Mileschin	WebNews	0	2nd April 2013 08:20
Samsung Galaxy S 4 wireless charging pad and S Health scale hands-on	Stefan Mileschin	WebNews	0	15th March 2013 07:41
Ecuador worried about Assange's health	Stefan Mileschin	WebNews	0	26th October 2012 06:27
'Junk DNA' plays crucial role in health	Stefan Mileschin	WebNews	0	7th September 2012 06:36
The Android Dilemma - An Open Platform Open to Piracy? @ Techgage	Stefan Mileschin	WebNews	0	26th July 2012 08:53
Iceman's genome reveals health problems	Stefan Mileschin	WebNews	0	1st March 2012 07:04
Motherboard with rusty chokes spotted - time for a PC health check?	jmke	WebNews	0	17th January 2010 17:38
Study Finds Health Problems from Wind Farms	jmke	WebNews	0	14th August 2008 17:04
Caution: Laser Printer Could Harm Your Health	Sidney	WebNews	0	24th September 2007 06:24
Open source, open wallet	Sidney	WebNews	2	7th November 2005 15:53