Data Pseudonymization in a Range That Does Not Affect Data Quality: Correlation with the Degree of Participation of Clinicians.

Personal medical information is an essential resource for research; however, there are laws that regulate its use, and it typically has to be pseudonymized or anonymized. When data are anonymized, the quantity and quality of extractable information decrease significantly. From the perspective of a clinical researcher, a method of achieving pseudonymized data without degrading data quality while also preventing data loss is proposed herein. As the level of pseudonymization varies according to the research purpose, the pseudonymization method applied should be carefully chosen. Therefore, the active participation of clinicians is crucial to transform the data according to the research purpose. This can contribute to data security by simply transforming the data through secondary data processing. Case studies demonstrated that, compared with the initial baseline data, there was a clinically significant difference in the number of datapoints added with the participation of a clinician (from 267,979 to 280,127 points, P < 0.001). Thus, depending on the degree of clinician participation, data anonymization may not affect data quality and quantity, and proper data quality management along with data security are emphasized. Although the pseudonymization level and clinical use of data have a trade-off relationship, it is possible to create pseudonymized data while maintaining the data quality required for a given research purpose. Therefore, rather than relying solely on security guidelines, the active participation of clinicians is important.

Anonymity in EU Health Law: Not an Alternative to Information Governance.

Data sharing has long been a cornerstone of healthcare and research and is only due to become more important with the rise of Big Data analytics and advanced therapies. Cell therapies, for example, rely not only on donated cells but also essentially on donated information to make them traceable. Despite the associated importance of concepts such as 'donor anonymity', the concept of anonymisation remains contentious. The Article 29 Working Party's 2014 guidance on 'Anonymisation Techniques' has perhaps helped encourage a perception that anonymity is the result of data modification 'techniques', rather than a broader process involving management of information and context. In light of this enduring ambiguity, this article advocates a 'relative' understanding of anonymity and supports this interpretation with reference not only to the General Data Protection Regulation but also to European Union health-related legislation, which also alludes to the concept. Anonymity, I suggest, should be understood not as a 'technique' which removes the need for information governance but rather as a legal standard of reasonable risk-management, which can only be satisfied by effective data protection. As such, anonymity can be not so much an alternative to data protection as its mirror, requiring similar safeguards to maintain privacy and confidentiality.

Hacking HIPAA: "Best Practices" for Avoiding Oversight in the Sale of Your Identifiable Medical Information.

In light of the confusion invited by applying the label "de-identified" to information that can be used to identify patients, it is paramount that regulators, compliance professionals, patient advocates and the general public understand the significant differences between the standards applied by HIPAA and those applied by permissive "de-identification guidelines." This Article discusses those differences in detail. The discussion proceeds in four Parts. Part II (HIPAA's Heartbeat: Why HIPAA Protects Identifiable Patient Information) examines Congress's motivations for defining individually identifiable health information broadly, which included to stop the harms patients endured prior to 1996 arising from the commercial sale of their medical records. Part III (Taking the "I" Out of Identifiable Information: HIPAA's Requirements for De-Identified Health Information) discusses HIPAA's requirements for de-identification that were never intended to create a loophole for identifiable patient information to escape HIPAA's protections. Part IV (Anatomy of a Hack: Methods for Labeling Identifiable information "De-Identified") examines the goals, methods, and results of permissive "de-identification guidelines" and compares them to HIPAA's requirements. Part V (Protecting Un-Protected Health Information) evaluates the suitability of permissive "de-identification guidelines," concluding that the vulnerabilities inherent in their current articulation render them ineffective as a data protection standard. It also discusses ways in which compliance professionals, regulators, and advocates can foster accountability and transparency in the utilization of health information that can be used to identify patients.

Health Research, Consent and the GDPR Exemption.

This article analyses the balance which the GDPR strikes between two important social values: protecting personal health data and facilitating health research through the lens of the consent requirement and the research exemption. The article shows that the normative weight of the consent requirement differs depending on the context for the health research in question. This more substantive approach to consent is reflected in the research exemption which allows for a more nuanced balancing of interests. However, because the GDPR articulates the exemption at an abstract and principled level, in practice the balance is struck at Member State level. Thus, the GDPR increases difficulties for EU cross-border health projects and impedes the policy goal of creating a harmonised regulatory framework for health research. The article argues that in order to address this problem, the European Data Protection Board should provide specific guidance on the operation of consent in health research.

Pesquisa com prontuário: análise ético-jurídica à luz dos direitos humanos dos pacientes / Research ethics and access to medical records based on the human rights of patients

Este artigo objetiva analisar as normas internacionais e nacionais que tratam de ética em pesquisa e do acesso a dados de prontuário com base no referencial dos Direitos Humanos dos Pacientes, particularmente do direito à privacidade e do direito à confidencialidade. Neste estudo optou-se pela análise de normas nacionais e internacionais, com base no direito à privacidade e no direito à confidencialidade da informação pessoal. A partir das normas objeto dessa investigação, extraem-se as seguintes prescrições ético-jurídicas: a) o direito à privacidade e à confidencialidade do paciente/participante é o balizador ético jurídico da pesquisa envolvendo seres humanos e os interesses da produção científica não se sobrepõem ao do participante; b) o segundo uso de informação pessoal do paciente para fins de pesquisa não deve ser, prima facie, legalmente vedado; c) ferramentas devem ser adotadas visando assegurar a eticidade do segundo uso de dados pessoais para fins de pesquisa, tal como a anonimização de dados e o emprego de cláusulas especificas. Conclui-se que o segundo uso de dados do prontuário para fins de pesquisa há que ser legalmente autorizado e regulado e que a regra geral deve ser o acesso ao prontuário para fins de pesquisa consentido pelo paciente/participante, essa é a premissa de atuação de qualquer órgão de ética em pesquisa

This article aims to analyze international and national norms on research ethics and access to medical records based on the Human Rights of Patients, particularly the right to privacy and the right to confidentiality. It is a research of theoretical nature based on the Human Rights of Patients. In this study, we opted for the analysis of national and international norms based on the right to privacy and the right to confidentiality of personal information. The following ethical and legal prescriptions are taken out from the norms analyzed: a) the right to privacy and to confidentiality is the ethical-legal benchmark of research involving human subjects and the interests of scientific knowledge do not overlap the participant interest; b) the second use of the patient's personal information for research purposes should not be prima facie legally prohibited; c) tools should be adopted to ensure the ethics of the second use of personal data for research purposes, such as data anonymization and the use of specific clauses. It was concluded that the second use of the medical record for research purposes must be legally authorized and regulated and that the general rule should be access to medical records for the purposes of research by consent of the patient / participant, this is the premiseof any body of research ethics

Revisión de las categorías jurídicas de la normativa europea ante la tecnología del big data aplicada a la salud / Revision of the legal categories of the European regulation in the face of big data technology applied to health

El nuevo RGPD dedica una mayor atención específica a los datos personales relativos a la salud, lo cual era estrictamente necesario. Además, se incluyen de forma explícita y por primera vez varias referencias a los datos genéticos en cuanto datos relativos a la salud, aunque separados de éstos. La posición actual de la UE y de los EM sobre el estatuto jurídico de los datos relativos a la salud ha cambiado sensiblemente, pues, aunque éstos conservan su condición de datos "sensibles", esto es, de datos que gozan de una protección jurídica especial, se ha decidido también facilitar el acceso a estos datos por parte de los diversos profesionales de la salud que tengan que prestar su actividad asistencial con el fin de ganar en eficacia y en rapidez respecto a dicho acceso. Mientras que en este supuesto se han querido primar los intereses del propio titular de los datos en relación con su salud, en el caso de la investigación relativa a la salud o biomédica con la eliminación o relajación de ciertos requisitos se ha dado preferencia al interés social que representa la misma frente al derecho individual a la protección de los datos personales, en la medida en que los resultados y avances científicos en el sector de la salud contribuyen al bienestar de la colectividad. Es obvio que otras disposiciones de carácter más general, que atienden también a situaciones nuevas o cambiantes, y por tanto a las necesidades jurídicas actuales, serán aplicables asimismo a los datos relativos a la salud; así, respecto al tratamiento masivo de datos y el flujo transnacional de datos, que han experimentado modificaciones relevantes con el nuevo marco legal europeo y, como es sabido, ambos supuestos son de extraordinario interés para los datos relativos a la salud. Coherentemente, la legislación interna de nuestro país sobre protección de datos personales ha sido objeto de revisión y de adaptación parlamentarias al RGPD mediante la promulgación de una nueva ley orgánica. En este artículo el autor estudia algunos conceptos y categorías jurídicas nuevos o revisados por la nueva regulación europea o que requieren un enfoque diferente, con el fin de delimitar su verdadero significado y alcance en la actualidad. Para este fin, tiene presente la nueva regulación estatal sobre protección de datos cuando resulta pertinente

The new GDPR devotes more specific attention to personal data relating to health, which was strictly necessary. In addition, for the first time a number of references to genetic data are explicitly included as health-related data but separate from them. The current position of the EU and the MS on the legal status of health data has changed significantly, even though they retain their status as "sensitive" data, i.e. data enjoying special legal protection, it has also been decided to facilitate access to these data by the various health professionals who have to provide care in order to increase the efficiency and speed of such access. While in this case the interests of the data subject in relation to his/her health have been prioritised, in the case of health or biomedical research with the elimination or relaxation of certain requirements, preference has been given to the social interest which it represents over the individual right to the protection of personal data, insofar as scientific results and advances in the health sector contribute to the well-being of the community. It is obvious that other provisions of a more general nature, which also deal with new or changing situations, and therefore with current legal needs, will also apply to data relating to health; thus, with regard to the massive processing of data and the transnational flow of data, which have undergone relevant modifications with the new European legal framework and, as is known, both assumptions are of extraordinary interest for data relating to health. Consistently, our country's internal legislation on the protection of personal data has been subject to parliamentary revision and adaptation to the GDPR through the enactment of a new fundamental law. In this paper the author studies some legal concepts and categories that are new or revised by the new European regulation or that require a different approach, in order to delimit their true meaning and scope at present. To this end, the author takes into account the new state regulation on data protection when it is relevant for that purpose

Implicaciones jurídicas de la internalización de la tecnología del Big Data y Derecho Internacional Privado / Legal implications of the internalization of big data technology and private international law

Este trabajo tiene como objetivo explicar el concepto de Big Data y las consecuencias legales que, a nivel internacional, ha traído consigo el uso de esta tecnología. Somos conscientes que debido al avance tecnológico han irrumpido en el tejido empresarial una serie de organizaciones cuya actividad principal es la prestación de servicios de Big Data. Este estudio está dividido en tres grandes partes: en la primera de ellas, abordaremos el concepto de Big Data y las características que hacen tan singular esta tecnología, para así, entender el motivo por el cual se ha convertido en la herramienta fundamental de las empresas internacionales que se dedican a la prestación de servicios se tratamiento de datos; la segunda parte está dedicada a las implicaciones legales del Big Data susceptibles de problemas de Derecho internacional privado (la protección de datos, la protección legal del algoritmo y la base de datos, las relaciones contractuales y las relaciones laborales en las que se utiliza la tecnología Big Data); y, finalmente, la tercera parte, teniendo en cuenta la posible problemática que pueda surgir y la responsabilidad contractual y extracontractual que pueda generar el uso de la tecnología Big Data, consideramos de gran importancia abordar los temas relativos a la competencia judicial internacional y la determinación de la ley aplicable

This work aims to explain the concept of Big Data and the legal consequences that, at international level, has brought with it the use of this technology. We are aware that due to technological progress, a number of organizations whose main activity is the provision of Big Data services have entered the business fabric. This study is divided into three major parts: in the first of them, we will address the concept of Big Data and the characteristics that make this technology so unique, in order to understand the reason why it has become the fundamental tool of companies international that are dedicated to the provision of services are data processing; the second part is dedicated to the legal implications of Big Data susceptible to problems of private international law (data protection, legal protection of the algorithm and database, contractual relationships and labour relations in which technology is used Big Data); and, finally, the third part, taking into account the possible problems that may arise and the contractual and non-contractual responsibility that may be generated by the use of Big Data technology, we consider it of great importance to address issues related to international judicial competence and the determination of the applicable law

La legitimación para el tratamiento de categorías especiales de datos con finalidades de investigación en el marco del Reglamento (UE) 2016/679 y de la Ley Orgánica 3/2018 / Legitimation for the processing of special categories of data for research purposes within the framework of Regulation (EU) 2016/679 and Fundamental Law 3/2018

La entrada en vigor del Reglamento (UE) 2016/679 del Parlamento y el Consejo Europeo, de 27 de abril de 2016, relativo a la protección de las personas físicas en cuanto al tratamiento de datos personales y a la libre circulación de estos datos y por el cual se deroga la Directiva 95/46/CE (en adelante Reglamento (UE) 2016/679), y de la Ley Orgánica 3/2018, de 5 de diciembre, de Protección de Datos Personales y garantía de los derechos digitales (en adelante LOPD-GDD), supone un impacto directo en las condiciones de uso de datos de salud o datos genéticos para investigación biomédica. A través del Reglamento (UE) 2016/679, y en especial de la Disposición Adicional decimoséptima de la LOPD-GDD, se regulan las condiciones de uso de datos de salud y genéticos con finalidades de investigación, introduciendo novedades en cuanto a su uso y ofreciendo nuevas bases de legitimación para su uso, siendo necesario analizar la incidencia práctica que van a tener

The entry into force of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (here in after Regulation (EU) 2016/679), and Organic Law 3/2018, of December 5, on the Protection of Personal Data and guarantee of digital rights (in forward LOPD-GDD), implies a direct impact on the conditions of the use of health data or genetic data for biomedical research. The Regulation (EU) 2016/679, and especially the additional seventeenth provision of LOPD-GDD, establish the conditions for the use of health and genetic data for research purposes and introducing and offering new bases of legitimacy for their use. It is necessary to analyze the practical implications that they are going to have

Autodeterminación informativa, validez del consentimiento y protección de datos sensibles: críticas al nuevo marco normativo / Informative self-determination, validity of consent and protection of sensitive data: criticisms of the new regulatory framework

La entrada en vigor del Reglamento (UE) 2016/679 del Parlamento Europeo y del Consejo de 27 de abril de 2016 relativo a la protección de las personas físicas en lo que respecta al tratamiento de datos personales y a la libre circulación de estos datos y de la nueva Ley Orgánica 3/2018, de 5 de diciembre de Protección de Datos Personales y Garantía de los Derechos Digitales, ha supuesto un antes y un después en cuanto a la toma de conciencia del valor de nuestros datos personales y de nuestra facultad de disponer y controlar su uso. Sin embargo, en relación a la problemática en torno al tratamiento de los datos clínicos y genéticos, las imprecisiones y dudas persisten. Cambia el nombre, no la sustancia

The entry into force of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and the new Organic Law 3/2018, of December 5, Protection of Personal Data and Guarantee of Digital Rights, has meant a before and after in terms of becoming aware of the value of our personal data and our ability to dispose and control their use. However, regarding problems around the treatment of health and genetic data, the inaccuracies and doubts still persist. The name changes, but not the substance

Regulación del tratamiento de los datos en proyectos de investigación sanitaria, en especial, en la aplicación de las tecnologías Bigdata / Regulation of data processing in health research projects, in particular in the application of Bigdata technologies

El presente trabajo tiene por finalidad aclarar el panorama dibujado por los nuevos instrumentos normativos europeos sobre protección de datos en orden a establecer unas rutas de control de los proyectos de investigación con datos de salud en entornos de Bigdata. Aclarar qué rutas debe seguir el investigador de la Biomedicina en el desarrollo de su su tarea sometiéndola a los nuevos controles éticos y jurídicos, contribuirá sin duda a mejorar la calidad de la investigación y de la protección del ciudadano, atendiendo también a un desempeño más eficiente de los órganos de decisión y autorización, que hoy se ven desbordados, no solo por las informaciones que deben tener en cuenta, sino por la constatación de la inseguridad que supone la interpretación de este nuevo marco normativo. Al mismo tiempo, este esfuerzo de clarificación pretende satisfacer la creciente y urgente demanda social de transparencia en la investigación biomédica

This paper aims to clarify the picture drawn by new data protection regulatory instruments in order to establish control routes of health research projects in Bigdata environments. Clarifing which routes should follow the researcher in biomedicine in the development of their task by subjecting it to the new ethical and legal controls, will contribute to improve the quality of research and the protection of the citizen, also attending to a more efficient performance of decision making boards and control authorities. These instances are overwhelmed, not only for the information to be taken into account, but also because of the doubts posed by the interpretation of this new regulatory framework. At the same time, this effort is intended to meet the urgent and growing social demand for transparency in biomedical research

Protección de los datos personales de salud en el proceso penal: efectos en la valoración de la prueba / Protection of personal health data in criminal proceedings: effects on the evaluation of evidence

Este trabajo cuestiona el valor que se debe dar a la prueba que se ha obtenido vulnerando el derecho fundamental a la protección de los datos personales, en general, y a los relativos a la salud, en particular y cuáles deben ser las consecuencias de esa valoración judicial en el proceso penal. Se reclama una regulación procesal más precisa que otorgue mayores garantías al tratamiento de los datos personales del investigado en el proceso penal con el fin de evitar la vulneración de este derecho

This research paper questions the value that should be given to the evidence that has been obtained in violation of the fundamental right to the protection of personal data, in general, and those relating to health, in particular, and what the consequences of that should be judicial evaluation in the criminal process. It demands a more precise procedural regulation that grants greater guarantees to the treatment of the personal data of the investigated in the criminal process in order to avoid the violation of this right

Informe 073667/2018 de la Agencia Española de Protección de Datos sobre la incidencia en el ámbito de la investigación biomédica del Reglamento General de Protección de Datos / No disponible

No disponible

Observational health research in Europe: understanding the General Data Protection Regulation and underlying debate.

Insights into the incidence and survival of cancer, the influence of lifestyle and environmental factors and the interaction of treatment regimens with outcomes are hugely dependent on observational research, patient data derived from the healthcare system and from volunteers participating in cohort studies, often non-selective. Since 25th May 2018, the European General Data Protection Regulation (GDPR) applies to such data. The GDPR focusses on more individual control for data subjects of 'their' data. Yet, the GDPR was preceded by a long debate. The research community participated actively in that debate, and as a result, the GDPR has research exemptions as well. Some of those apply directly; other exemptions need to be implemented into national law. Those exemptions will be discussed together with a general outline of the GDPR. I propose a substantive definition of research-absent in the GDPR-which can warrant its special status in the GDPR. The debate is not over yet. Most legal texts exhibit ambiguity and are interpreted against a background of values. In this case, those could be subsumed under informational self-determination versus solidarity and the deeper meaning of autonomy. Values will also guide national implementation and their interpretation. The value of individual control or informational self-determination should be balanced by nuanced visions about our mutual dependency in healthcare, as an ever-learning system, especially in the European solidarity-based healthcare systems. Good research governance might be a way forward to escape the consent or anonymise dichotomy.

Walking along the road with anonymous users in similar attributes.

Recently, the ubiquitousness of smartphones and tablet computers have changed the style of people's daily life. With this tendency, location based service (LBS) has become one of the prosperous types of service along with the wireless and positioning technology development. However, as the LBS server needs precise location information about the user to provide service result, the procedure of LBS may reveal location privacy, especially when a user is utilizing continuous query along the road. In continuous query, attributes of the user are released inadvertently with per-query, and the information can be collected by an adversary as background knowledge to correlate the location trajectory and infer the personal privacy. Although, a user can employ a central server (CS) to provide privacy preservation for his location, the trustfulness of CS still is without testified and it is usually considered as an un-trusted entity. Thus, in this paper, the trustfulness of CS is verified by a game tree, and then with the result we propose a hash based attribute anonymous scheme (short for HBAA) to obfuscate the attributes released in each query along the road. With the help of HBAA, the CS has no opportunity to get any information about the user who sends his query for generalization service. Furthermore, as the set of attributes is transmitted into a fixed length of hash value, the processing time that spent in attribute generalization is stripped down and the performance of executive efficiency is improved. At last, security analysis and simulation experiment are proposed, and then results of security proving as well as simulation experiments further reflect the superiority of our proposed scheme.