Privacy and Health Research. Major Current Issue Clusters


The Report identifies many problem areas. The following are four large groups of issues that, while not entirely new, are growing rapidly in scale and complexity, and must urgently be attended to:

  • Secondary uses of data, and data linking
  • Research on private-sector health data
  • Cybersecurity
  • Genetic privacy.

Issue cluster: Secondary research use of data, and data linking

Secondary use is, as it sounds, use of data subsequent to the original use. Much highly beneficial health research depends on it.

As databases are maturing and increasing in size and quality, their appeal as research resources also is growing. Thus the databases of healthcare finance systems and managed-care organizations, among others, are much in demand. The data hunger of managed care, and of national healthcare systems, is insatiable. Ultimately the public will benefit from research studying these systems themselves as systems, as well as from research that uses data in the systems for external purposes.

If it is decided that personally identifiable data must be used, then the most difficult issue is consent. The Report proposes a scheme of "Consent scenarios in secondary research" in the hope that it will attract discussion and development.

Related to secondary research is data linking, in which associations (links) are made between data on the same data-subject(s) in more than one data collection. Beyond such considerations as consent, the concern about particular linking studies usually is whether they might assemble "too much" information about data-subjects or the social groups of which they are representative, even if personal identities are not revealed, and/or whether the linking can lead to data-subjects' becoming identifiable by deduction.

Issue cluster: Research on private-sector health data

Immense volumes of personally identifiable data and lightly masked key-coded data, as well as effectively key-coded or anonymized data, are handled by managed-care organizations, pharmaceutical and related companies, and other private-sector institutions. Some State legal controls apply, as do the Privacy Act and Federal laws where there is Federal involvement.

But for many health data held in the private sector, few legal controls apply in theory or are enforced in practice regarding such matters as data-subject consent, public notification, Institutional Review Board supervision, or transfer of the data for secondary study. Effective privacy, confidentiality, and security safeguards may well be in place, but this may not be fully evident.

The status of private-sector health data deserves to be reviewed. Probably it should be brought under a uniform Federal regimen.

Issue cluster: Cybersecurity

It is not a exaggeration to say that all over the world, the protection of the confidentiality and security of health data, especially data that are stored, processed, and transferred electronically, is under review. Until the several intersecting (and perhaps conflicting) goals are clarified and these problems are resolved, the envisioned future of lifetime electronic medical databases, elaborate health-data networks, and the like, will not be realized.

These issues are very different from those surrounding the security of paper records and physical filing cabinets (although, these are involved, too). Thus the rubric, "cybersecurity," is used here to connote the new character of the problems.

For research, how are various consents and differential access conditions to be trailed along with various data as the data are moved around, combined with other data, linked to other data, split apart and reassorted, and processed by different users for different purposes?

Issue cluster: Genetic privacy

As the newsmedia are constantly reminding us, the world has entered an entirely new era in genetics: The human genome is being mapped, incredibly sensitive and precise genetic tests have been developed, genetic screening has become commonplace, and an almost incredible array of genetic interventions is being explored. As an area of medicine and public-health practice, so much of the new genetics work is so innovative that for many purposes it must be considered "research."

What is changing rapidly is that we are becoming able to identify genetic factors that increase disease risk but are not uniquely the determinants of disease.

Ethical and policy solutions are being sought that will protect against using genetic data prejudicially against people's interests, such as eligibility for employment, financial credit, or health or life insurance.

Research on stored tissue samples, such as blood samples, biopsied tumor or other pathology materials, semen, and other human tissues that contain nucleated cells involves special questions. Identifiability, consent, and disclosure are the core issues.

Developing ethical guidance over genetic privacy is crucial to the future of both genetic research and applied genetics. Because genetic science is becoming more deeply integrated with other kinds of biomedical knowledge, genetic ethics must be integrated with basic biomedical ethics and not developed entirely separately.