86
views
0
recommends
+1 Recommend
0 collections
    4
    shares
      • Record: found
      • Abstract: found
      • Article: found
      Is Open Access

      Pseudonymization of patient identifiers for translational research

      research-article

      Read this article at

      Bookmark
          There is no author summary for this article yet. Authors can add summaries to their articles on ScienceOpen to make them more accessible to a non-specialist audience.

          Abstract

          Background

          The usage of patient data for research poses risks concerning the patients’ privacy and informational self-determination. Next-generation-sequencing technologies and various other methods gain data from biospecimen, both for translational research and personalized medicine. If these biospecimen are anonymized, individual research results from genomic research, which should be offered to patients in a clinically relevant timeframe, cannot be associated back to the individual. This raises an ethical concern and challenges the legitimacy of anonymized patient samples. In this paper we present a new approach which supports both data privacy and the possibility to give feedback to patients about their individual research results.

          Methods

          We examined previously published privacy concepts regarding a streamlined de-pseudonymization process and a patient-based pseudonym as applicable to research with genomic data and warehousing approaches. All concepts identified in the literature review were compared to each other and analyzed for their applicability to translational research projects. We evaluated how these concepts cope with challenges implicated by personalized medicine. Therefore, both person-centricity issues and a separation of pseudonymization and de-pseudonymization stood out as a central theme in our examination. This motivated us to enhance an existing pseudonymization method regarding a separation of duties.

          Results

          The existing concepts rely on external trusted third parties, making de-pseudonymization a multistage process involving additional interpersonal communication, which might cause critical delays in patient care. Therefore we propose an enhanced method with an asymmetric encryption scheme separating the duties of pseudonymization and de-pseudonymization. The pseudonymization service provider is unable to conclude the patient identifier from the pseudonym, but assigns this ability to an authorized third party (ombudsman) instead. To solve person-centricity issues, a collision-resistant function is incorporated into the method. These two facts combined enable us to address essential challenges in translational research. A productive software prototype was implemented to prove the functionality of the suggested translational, data privacy-preserving method. Eventually, we performed a threat analysis to evaluate potential hazards connected with this pseudonymization method.

          Conclusions

          The proposed method offers sustainable organizational simplification regarding an ethically indicated, but secure and controlled process of de-pseudonymizing patients. A pseudonym is patient-centered to allow correlating separate datasets from one patient. Therefore, this method bridges the gap between bench and bedside in translational research while preserving patient privacy. Assigned ombudsmen are able to de-pseudonymize a patient, if an individual research result is clinically relevant.

          Related collections

          Most cited references30

          • Record: found
          • Abstract: found
          • Article: not found

          Identifying personal genomes by surname inference.

          Sharing sequencing data sets without identifiers has become a common practice in genomics. Here, we report that surnames can be recovered from personal genomes by profiling short tandem repeats on the Y chromosome (Y-STRs) and querying recreational genetic genealogy databases. We show that a combination of a surname with other types of metadata, such as age and state, can be used to triangulate the identity of the target. A key feature of this technique is that it entirely relies on free, publicly accessible Internet resources. We quantitatively analyze the probability of identification for U.S. males. We further demonstrate the feasibility of this technique by tracing back with high probability the identities of multiple participants in public sequencing projects.
            Bookmark
            • Record: found
            • Abstract: found
            • Article: not found

            Managing incidental findings and research results in genomic research involving biobanks and archived data sets.

            Biobanks and archived data sets collecting samples and data have become crucial engines of genetic and genomic research. Unresolved, however, is what responsibilities biobanks should shoulder to manage incidental findings and individual research results of potential health, reproductive, or personal importance to individual contributors (using "biobank" here to refer both to collections of samples and collections of data). This article reports recommendations from a 2-year project funded by the National Institutes of Health. We analyze the responsibilities involved in managing the return of incidental findings and individual research results in a biobank research system (primary research or collection sites, the biobank itself, and secondary research sites). We suggest that biobanks shoulder significant responsibility for seeing that the biobank research system addresses the return question explicitly. When reidentification of individual contributors is possible, the biobank should work to enable the biobank research system to discharge four core responsibilities to (1) clarify the criteria for evaluating findings and the roster of returnable findings, (2) analyze a particular finding in relation to this, (3) reidentify the individual contributor, and (4) recontact the contributor to offer the finding. We suggest that findings that are analytically valid, reveal an established and substantial risk of a serious health condition, and are clinically actionable should generally be offered to consenting contributors. This article specifies 10 concrete recommendations, addressing new biobanks as well as those already in existence.
              Bookmark
              • Record: found
              • Abstract: not found
              • Article: not found

              Genetics. Genomic research and human subject privacy.

                Bookmark

                Author and article information

                Contributors
                Journal
                BMC Med Inform Decis Mak
                BMC Med Inform Decis Mak
                BMC Medical Informatics and Decision Making
                BioMed Central
                1472-6947
                2013
                24 July 2013
                : 13
                : 75
                Affiliations
                [1 ]NCT Trial Center, German Cancer Research Center, Heidelberg, Germany
                [2 ]Institute of Medical Biometry and Informatics, Heidelberg University, Heidelberg, Germany
                [3 ]Coordination Center for Clinical Trials (KKS), Heidelberg University, Heidelberg, Germany
                [4 ]Translational Oncology, German Cancer Research Center, Heidelberg, Germany
                Article
                1472-6947-13-75
                10.1186/1472-6947-13-75
                3733629
                23883409
                27a7704f-b6e6-454a-95fa-4d9fe1bfaeff
                Copyright © 2013 Aamot et al.; licensee BioMed Central Ltd.

                This is an Open Access article distributed under the terms of the Creative Commons Attribution License ( http://creativecommons.org/licenses/by/2.0), which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

                History
                : 21 November 2012
                : 23 July 2013
                Categories
                Technical Advance

                Bioinformatics & Computational biology
                pseudonymization,pseudonymisation,pseudonym,anonyms and pseudonyms,translational research,biobanking,data privacy,individual research results,record linkage,re-identification,de-pseudonymization,de-pseudonymisation

                Comments

                Comment on this article