ID from medical data could spark ‘crisis’

Researchers face ‘ethics’ scandal over security of records, warns computer scientist

April 10, 2014

Source: Getty

Permanent records: one computer security expert says medical data for research cannot be fully anonymised

The UK could face a data version of the Alder Hey child organ scandal if the public do not know what is happening to their medical records, a professor of computer security has claimed.

Ross Anderson of the University of Cambridge said that it was impossible to fully anonymise medical data for use in research and that there was an inescapable risk of individuals’ privacy being breached. “What we are facing here really is a major ethical crisis,” he added.

There has been a string of controversies around the security of medical data recently. In February, NHS England delayed the roll-out of the care.data programme, which links general practice records to hospital data to create a database for researchers, after criticisms about how the public information campaign was run. The following month, concerns surfaced about a mapping company that had access to a nationwide database of hospital information.

Speaking to Times Higher Education, Professor Anderson hit out at comments made by the chief executive of the Medical Research Council, Sir John Savill, to The Times on 21 March. The article reported Sir John as saying that sharing medical data would make the UK the “best clinical laboratory in the world”. He added that studying “de-identified data” in a “safe haven without specific consent” did not threaten confidentiality. Earlier this year, Sir John also raised concerns about proposals by a European Parliament committee to tighten the rules that protect people’s personal data.

But Professor Anderson said: “Once people know how little effort was made by the NHS and the medical research community to protect our confidentiality, [they] would say there is no way we are going to trust these people again.”

He likened the situation to the Alder Hey Children’s Hospital scandal of the late 1980s and early 1990s, when it emerged that the organs of children who had died at the hospital had been removed and stored without authorisation.

“We have to have an open public debate about what sort of access researchers will have to medical information and under what sort of controls,” Professor Anderson said.

However, Andrew Morris, chief scientist of the Scottish Government Health and Social Care Directorates and director of the Scotland branch of the Farr Institute, a UK network of health informatics centres, said that “few things in life have zero risk”. He added: “The approach that we have taken is to put privacy and confidentiality as number one [priority], and devise really careful safeguards.”

Safeguarding measures at the Scottish institute include linking datasets to answer only specific research questions approved by privacy, ethics and advisory committees, and then giving each project a specific encryption and de-identification algorithm. Only accredited researchers are allowed to access data, and datasets can be linked only in secure and audited environments.

On 24 March, the MRC, the Economic and Social Research Council, the Wellcome Trust and Cancer Research UK also announced that they would withdraw funding from any researchers found to be re-identifying individuals from anonymised data.

Professor Morris added: “The research community needs to clearly articulate the benefits of this type of research and how it has clearly changed not only population health but also individual patient care.”

holly.else@tsleducation.com

Times Higher Education free 30-day trial

You've reached your article limit.

Register to continue

Registration is free and only takes a moment. Once registered you can read a total of 3 articles each month, plus:

  • Sign up for the editor's highlights
  • Receive World University Rankings news first
  • Get job alerts, shortlist jobs and save job searches
  • Participate in reader discussions and post comments
Register

Have your say

Log in or register to post comments

Featured Jobs

Assistant Recruitment - Human Resources Office

University Of Nottingham Ningbo China

Outreach Officer

Gsm London

Professorship in Geomatics

Norwegian University Of Science & Technology -ntnu

Professor of European History

Newcastle University

Head of Department

University Of Chichester
See all jobs

Most Commented

men in office with feet on desk. Vintage

Three-quarters of respondents are dissatisfied with the people running their institutions

students use laptops

Researchers say students who use computers score half a grade lower than those who write notes

Canal houses, Amsterdam, Netherlands

All three of England’s for-profit universities owned in Netherlands

sitting by statue

Institutions told they have a ‘culture of excluding postgraduates’ in wake of damning study

A face made of numbers looks over a university campus

From personalising tuition to performance management, the use of data is increasingly driving how institutions operate