Protecting patient privacy has been recognized as the duty of health-care providers for aHealth Insurance Portability and Accountability Actbout as long as doctors have seen patients. Since 1996, that duty became a legal obligation when Congress passed the Health Insurance Portability and Accountability Act.
HIPAA regulations safeguard patient's personal health information but can also complicate the process of safeguarding public health. Information aggregated from the medical records of vast numbers of individuals is needed to develop new drug therapies and novel medical treatments, to stop epidemics or prevent other life threatening events.
In a study published in the September-October issue of the Journal of the American Medical Informatics Association, Jeff Friedlin, D.O., of the Regenstrief Institute, Inc. and the Indiana University School of Medicine, discusses a new computer program that may resolve the complex issue of privacy vs. public good. Dr. Friedlin writes about the Medical De-identification System (MeDS), a highly accurate and speedy computer software program he has developed and successfully tested for de-identifying patient information while retaining the essential data key to medical research.
"Medical researchers need data from really large numbers of actual patients, but must protect their privacy. The more data we can access, the better our studies will be. This is not the first software program to remove or "scrub" patient identifiers from medical records, but compared to programs that have been evaluated and described in peer reviewed studies, it is both broader and more accurate," said Dr. Friedlin, who is a research scientist at Regenstrief and an assistant professor of family medicine at the IU School of Medicine.
MeDS can eliminate identifying data from history and physicals, discharge notes, and laboratory, pathology and radiology reports. The current generation of de-identifying software concentrates on removing patient identifiers from pathology reports.
The new software program replaces the deleted identifying data with a symbol so the researcher knows something was taken out. To further insure confidentiality, MeDS does not indicate the nature of what was removed. "This software does something that a human could easily do but in a fraction of the time and expense. A human could 'white out' personal identifying information in 10 hefty medical records in about 6 hours. MeDS can do the same thing in under two minutes," said Dr. Friedlin.