For Publishers
DiscoveryMetadataPeer reviewHostingPublishing
For Researchers
JoinPublishReviewCollect
Register
Blog
About
Search
Advanced search
My ScienceOpen
Search
For Publishers
For Researchers
Blog
About
11
views
62
references
 Top references
cited by
34
    
0 reviews
 Review
0
comments
 Comment
0
recommends
+1 Recommend
1 collections
    0
    shares
      65
      similar
       All similar

      Submit your digital health research with an established publisher
      - celebrating 25 years of open access

      • Record: found
      • Abstract: found
      • Article: found
      Is Open Access

      Use and Understanding of Anonymization and De-Identification in the Biomedical Literature: Scoping Review

      review-article

      Read this article at

      ScienceOpenPublisherPMC
      Bookmark
          There is no author summary for this article yet. Authors can add summaries to their articles on ScienceOpen to make them more accessible to a non-specialist audience.

          Abstract

          Background

          The secondary use of health data is central to biomedical research in the era of data science and precision medicine. National and international initiatives, such as the Global Open Findable, Accessible, Interoperable, and Reusable (GO FAIR) initiative, are supporting this approach in different ways (eg, making the sharing of research data mandatory or improving the legal and ethical frameworks). Preserving patients’ privacy is crucial in this context. De-identification and anonymization are the two most common terms used to refer to the technical approaches that protect privacy and facilitate the secondary use of health data. However, it is difficult to find a consensus on the definitions of the concepts or on the reliability of the techniques used to apply them. A comprehensive review is needed to better understand the domain, its capabilities, its challenges, and the ratio of risk between the data subjects’ privacy on one side, and the benefit of scientific advances on the other.

          Objective

          This work aims at better understanding how the research community comprehends and defines the concepts of de-identification and anonymization. A rich overview should also provide insights into the use and reliability of the methods. Six aspects will be studied: (1) terminology and definitions, (2) backgrounds and places of work of the researchers, (3) reasons for anonymizing or de-identifying health data, (4) limitations of the techniques, (5) legal and ethical aspects, and (6) recommendations of the researchers.

          Methods

          Based on a scoping review protocol designed a priori, MEDLINE was searched for publications discussing de-identification or anonymization and published between 2007 and 2017. The search was restricted to MEDLINE to focus on the life sciences community. The screening process was performed by two reviewers independently.

          Results

          After searching 7972 records that matched at least one search term, 135 publications were screened and 60 full-text articles were included. (1) Terminology: Definitions of the terms de-identification and anonymization were provided in less than half of the articles (29/60, 48%). When both terms were used (41/60, 68%), their meanings divided the authors into two equal groups (19/60, 32%, each) with opposed views. The remaining articles (3/60, 5%) were equivocal. (2) Backgrounds and locations: Research groups were based predominantly in North America (31/60, 52%) and in the European Union (22/60, 37%). The authors came from 19 different domains; computer science (91/248, 36.7%), biomedical informatics (47/248, 19.0%), and medicine (38/248, 15.3%) were the most prevalent ones. (3) Purpose: The main reason declared for applying these techniques is to facilitate biomedical research. (4) Limitations: Progress is made on specific techniques but, overall, limitations remain numerous. (5) Legal and ethical aspects: Differences exist between nations in the definitions, approaches, and legal practices. (6) Recommendations: The combination of organizational, legal, ethical, and technical approaches is necessary to protect health data.

          Conclusions

          Interest is growing for privacy-enhancing techniques in the life sciences community. This interest crosses scientific boundaries, involving primarily computer science, biomedical informatics, and medicine. The variability observed in the use of the terms de-identification and anonymization emphasizes the need for clearer definitions as well as for better education and dissemination of information on the subject. The same observation applies to the methods. Several legislations, such as the American Health Insurance Portability and Accountability Act (HIPAA) and the European General Data Protection Regulation (GDPR), regulate the domain. Using the definitions they provide could help address the variable use of these two concepts in the research community.

          Related collections

          Most cited references62

          • Record: found
          • Abstract: found
          • Article: not found

          Guidance for conducting systematic scoping reviews.

          Micah D.J. Peters, Christina M Godfrey, Hanan Khalil (2015)
          Reviews of primary research are becoming more common as evidence-based practice gains recognition as the benchmark for care, and the number of, and access to, primary research sources has grown. One of the newer review types is the 'scoping review'. In general, scoping reviews are commonly used for 'reconnaissance' - to clarify working definitions and conceptual boundaries of a topic or field. Scoping reviews are therefore particularly useful when a body of literature has not yet been comprehensively reviewed, or exhibits a complex or heterogeneous nature not amenable to a more precise systematic review of the evidence. While scoping reviews may be conducted to determine the value and probable scope of a full systematic review, they may also be undertaken as exercises in and of themselves to summarize and disseminate research findings, to identify research gaps, and to make recommendations for the future research. This article briefly introduces the reader to scoping reviews, how they are different to systematic reviews, and why they might be conducted. The methodology and guidance for the conduct of systematic scoping reviews outlined below was developed by members of the Joanna Briggs Institute and members of five Joanna Briggs Collaborating Centres.
          Article 0 comments Cited 1902 times – based on 0 reviews     Review now
            Bookmark
            • Record: found
            • Abstract: found
            • Article: found
            Is Open Access

            A Systematic Review of Re-Identification Attacks on Health Data

            Khaled El Emam, Elizabeth Jonker, Luk Arbuckle (2011)
            Background Privacy legislation in most jurisdictions allows the disclosure of health data for secondary purposes without patient consent if it is de-identified. Some recent articles in the medical, legal, and computer science literature have argued that de-identification methods do not provide sufficient protection because they are easy to reverse. Should this be the case, it would have significant and important implications on how health information is disclosed, including: (a) potentially limiting its availability for secondary purposes such as research, and (b) resulting in more identifiable health information being disclosed. Our objectives in this systematic review were to: (a) characterize known re-identification attacks on health data and contrast that to re-identification attacks on other kinds of data, (b) compute the overall proportion of records that have been correctly re-identified in these attacks, and (c) assess whether these demonstrate weaknesses in current de-identification methods. Methods and Findings Searches were conducted in IEEE Xplore, ACM Digital Library, and PubMed. After screening, fourteen eligible articles representing distinct attacks were identified. On average, approximately a quarter of the records were re-identified across all studies (0.26 with 95% CI 0.046–0.478) and 0.34 for attacks on health data (95% CI 0–0.744). There was considerable uncertainty around the proportions as evidenced by the wide confidence intervals, and the mean proportion of records re-identified was sensitive to unpublished studies. Two of fourteen attacks were performed with data that was de-identified using existing standards. Only one of these attacks was on health data, which resulted in a success rate of 0.00013. Conclusions The current evidence shows a high re-identification rate but is dominated by small-scale studies on data that was not de-identified according to existing standards. This evidence is insufficient to draw conclusions about the efficacy of de-identification methods.
            Article 0 comments Cited 115 times – based on 0 reviews     Review now
              Bookmark
              • Record: found
              • Abstract: found
              • Article: not found

              Security and privacy in electronic health records: a systematic literature review.

              José Fernández Alemán, Inmaculada Carrión Señor, Pedro Lozoya (2013)
              To report the results of a systematic literature review concerning the security and privacy of electronic health record (EHR) systems.
              Article 0 comments Cited 101 times – based on 0 reviews     Review now
                Bookmark
                All references

                Author and article information

                Contributors
                Raphaël Chevrier:
                Division of Medical Information SciencesUniversity Hospitals of GenevaRue Gabrielle-Perret-Gentil, 4Geneva, 1205Switzerland41 223790847raphael.chevrier@hcuge.ch
                ORCID: http://orcid.org/0000-0002-0334-4883
                Journal
                Journal ID (nlm-ta): J Med Internet Res
                Journal ID (iso-abbrev): J. Med. Internet Res
                Journal ID (publisher-id): JMIR
                Title: Journal of Medical Internet Research
                Publisher: JMIR Publications (Toronto, Canada )
                ISSN (Print): 1439-4456
                ISSN (Electronic): 1438-8871
                Publication date Collection: May 2019
                Publication date (Electronic): 31 May 2019
                Volume: 21
                Issue: 5
                Electronic Location Identifier: e13484
                Affiliations
                [1 ] Division of Medical Information Sciences University Hospitals of Geneva Geneva Switzerland
                [2 ] Faculty of Medicine University of Geneva Geneva Switzerland
                Author notes
                Corresponding Author: Raphaël Chevrier raphael.chevrier@ 123456hcuge.ch
                Author information
                http://orcid.org/0000-0002-0334-4883
                http://orcid.org/0000-0002-8625-0734
                http://orcid.org/0000-0001-6527-5898
                http://orcid.org/0000-0001-8692-7402
                http://orcid.org/0000-0002-2681-8076
                Article
                Publisher ID: v21i5e13484
                DOI: 10.2196/13484
                PMC ID: 6658290
                PubMed ID: 31152528
                SO-VID: 65dc59ca-4410-428d-9410-6f094f818508
                Copyright © ©Raphaël Chevrier, Vasiliki Foufi, Christophe Gaudet-Blavignac, Arnaud Robert, Christian Lovis. Originally published in the Journal of Medical Internet Research (http://www.jmir.org), 31.05.2019.
                License:

                This is an open-access article distributed under the terms of the Creative Commons Attribution License ( https://creativecommons.org/licenses/by/4.0/), which permits unrestricted use, distribution, and reproduction in any medium, provided the original work, first published in the Journal of Medical Internet Research, is properly cited. The complete bibliographic information, a link to the original publication on http://www.jmir.org/.as well as this copyright and license information must be included.

                History
                Date received : 24 January 2019
                Date revision requested : 13 February 2019
                Date revision received : 29 March 2019
                Date accepted : 26 April 2019
                Categories
                Subject: Review
                Subject: Review

                ScienceOpen disciplines: Medicine
                Keywords: anonymization,anonymisation,de-identification,deidentification,pseudonymization,privacy,confidentiality,secondary use,data protection,scoping review
                Data availability:
                ScienceOpen disciplines: Medicine
                Keywords: anonymization, anonymisation, de-identification, deidentification, pseudonymization, privacy, confidentiality, secondary use, data protection, scoping review

                Comments

                Comment on this article

                scite_

                Similar content65

                See all similar

                Cited by34

                See all cited by

                Most referenced authors603

                See all reference authors