BBC medical records story
Ken Brown
k.brown at ccs.bbk.ac.uk
Thu, 07 Mar 2002 09:37:52 +0000
M Taylor wrote:
[snip]
> > > c) consider Brands or Chum blinding to create secure "aliases" for
> > > all NHS patients, and treating the medical records of every patient as
> > > if they were a VIP.
> >
> > Nice in theory but I don't think pseudonyms will work all that well in
> > practice in this application. Many NHS records used to be
> > `de-identified' down to postcode plus date of birth, and
> > re-identifying them was so easy that in practice they worked like
> > fully identified records. Technical anonymity is much harder than you
> > think, and in an application like medicine where records contain many
> > facts about individuals, a pseudonym alone is not enough.
>
> I was thinking of multiple pseudonyms (i.e. one of GP, one for cancer
> treatment, one for STD clinic tests, etc.), but I suspect the necessary
> inter-linkage would break down.
Too right. When (God forbid) I fall under the proverbial bus (actually,
as a cyclist in London, it is much more likely to be a white van turning
left) and I'm lying in pain on a trolley in Guy's with the wrong number
of legs I *don't* want the anaesthetist to have to get the
rheumatologist's private key to find out I've been taking indomethacin
for gout and my GP's password to find out that I'm asthmatic.
Sometimes crypto is the wrong solution.
Ken