ID from medical data could spark ‘crisis’

Researchers face ‘ethics’ scandal over security of records, warns computer scientist

April 10, 2014

Source: Getty

Permanent records: one computer security expert says medical data for research cannot be fully anonymised

The UK could face a data version of the Alder Hey child organ scandal if the public do not know what is happening to their medical records, a professor of computer security has claimed.

Ross Anderson of the University of Cambridge said that it was impossible to fully anonymise medical data for use in research and that there was an inescapable risk of individuals’ privacy being breached. “What we are facing here really is a major ethical crisis,” he added.

There has been a string of controversies around the security of medical data recently. In February, NHS England delayed the roll-out of the care.data programme, which links general practice records to hospital data to create a database for researchers, after criticisms about how the public information campaign was run. The following month, concerns surfaced about a mapping company that had access to a nationwide database of hospital information.

Speaking to Times Higher Education, Professor Anderson hit out at comments made by the chief executive of the Medical Research Council, Sir John Savill, to The Times on 21 March. The article reported Sir John as saying that sharing medical data would make the UK the “best clinical laboratory in the world”. He added that studying “de-identified data” in a “safe haven without specific consent” did not threaten confidentiality. Earlier this year, Sir John also raised concerns about proposals by a European Parliament committee to tighten the rules that protect people’s personal data.

But Professor Anderson said: “Once people know how little effort was made by the NHS and the medical research community to protect our confidentiality, [they] would say there is no way we are going to trust these people again.”

He likened the situation to the Alder Hey Children’s Hospital scandal of the late 1980s and early 1990s, when it emerged that the organs of children who had died at the hospital had been removed and stored without authorisation.

“We have to have an open public debate about what sort of access researchers will have to medical information and under what sort of controls,” Professor Anderson said.

However, Andrew Morris, chief scientist of the Scottish Government Health and Social Care Directorates and director of the Scotland branch of the Farr Institute, a UK network of health informatics centres, said that “few things in life have zero risk”. He added: “The approach that we have taken is to put privacy and confidentiality as number one [priority], and devise really careful safeguards.”

Safeguarding measures at the Scottish institute include linking datasets to answer only specific research questions approved by privacy, ethics and advisory committees, and then giving each project a specific encryption and de-identification algorithm. Only accredited researchers are allowed to access data, and datasets can be linked only in secure and audited environments.

On 24 March, the MRC, the Economic and Social Research Council, the Wellcome Trust and Cancer Research UK also announced that they would withdraw funding from any researchers found to be re-identifying individuals from anonymised data.

Professor Morris added: “The research community needs to clearly articulate the benefits of this type of research and how it has clearly changed not only population health but also individual patient care.”

holly.else@tsleducation.com

Times Higher Education free 30-day trial

You've reached your article limit.

Register to continue

Registration is free and only takes a moment. Once registered you can read a total of 3 articles each month, plus:

  • Sign up for the editor's highlights
  • Receive World University Rankings news first
  • Get job alerts, shortlist jobs and save job searches
  • Participate in reader discussions and post comments
Register

Have your say

Log in or register to post comments

Featured Jobs

Technical Officer (Paramedic)

Staffordshire University

Professor in Marketing

Henley Business School

Lecturer or Senior Lecturer in Social Work

University Of The West Of Scotland

Research Service Manager

London School Of Hygiene & Tropical Medicine (lshtm)
See all jobs

Most Commented

Daniel Mitchell illustration (29 June 2017)

Academics who think they can do the work of professional staff better than professional staff themselves are not showing the kind of respect they expect from others

James Fryer illustration (27 July 2017)

It is not Luddism to be cautious about destroying an academic publishing industry that has served us well, says Marilyn Deegan

As the pay of BBC on-air talent is revealed, one academic comes clean about his salary

Senior academics at Teesside University put at risk of redundancy as summer break gets under way

University of Oxford

Reinstatement of professor over age discrimination must force rethink over ‘unfair’ retirement rules, say campaigners