An example of the conditions that may be imposed on secondary research is instructive here. The protections for the personal data in the giant Health Care Financing Administration (HCFA) databases, which contain Medicare records on some 37 million older Americans and Medicaid data from 29 States on 22 million additional beneficiaries, are stringent. (The databases were described on page 19.)
HCFA's "Agreement for Release of [HCFA] Public Use Files" (files in which all personal identifiers have been removed) begins by saying: "In order to ensure the confidence of the American public regarding the confidentiality of information collected and maintained by the Federal government" HCFA expects recipients of its data to comply with specific requirements. Among other undertakings, data-recipients must:
- Designate an official custodian for the files;
- Agree to maintain a specified set of safeguards;
- Agree "that the recipient shall neither publish nor release any information that is derived from the file and that could reasonably be expected to permit deduction of a beneficiary's identity";
- Agree that without express written authorization from HCFA, the recipient will make no attempt to link records in the files to any other source of personally identifiable information; and
- Agree that the recipient "shall make no attempt to identify any specific individual whose record is included in the file" or "unencrypt any person- level information in the file."
HCFA also releases personally identifiable data, under an even more strict "Agreement for Release of [HCFA] Data with Individual Identifiers." Among its additional provisions are that recipients must:
- Submit a statement delineating the exact research purposes;
- Promise to return the data or submit a certificate of destruction; and
- Recognize the right of HCFA to inspect physical security arrangements.
A great many useful studies are performed under these Agreements. The rules are not easy to enforce, because it is difficult for HCFA to follow what the researchers actually do in practice. But surely they are the kinds of rules that make sense. Federal statutory penalties may be imposed if the rules are not followed, or if the data are used wrongfully. And from time to time HCFA does investigate and does sanction offending researchers and their institutions.