Medical records secured by code-changing algorithm

Medical records databases are a treasure trove for researchers – mapping trends in diseases and studying them to discover better treatment methods has never been easier.

Information that was previously available to a restricted number of researchers is now digital and accessible to many, making the issue of patient privacy prominent in discussions regarding the handling of these records.

Electronic medical records consist of very detailed patient data, where every disease, symptom or injury has its own code, which makes analysis easier and faster. But, the problem is that these codes are available through public databases and electronic medical records, and with this knowledge, this anonymized data can be still tied to the persons to whom it belongs.

To prove that this is a realistic problem, a research team form the Vanderbilt University in Nashville has conducted an experiment which resulted in 96 percent of the 2,762 patients belonging to the test group identified through diagnosis codes.

Scientific American reports that – as a solution to this problem – they introduced an algorithm that generalizes clinical information, but doesn’t interfere with the medical and genetic inter-data connections needed for research. The algorithm exchanges the publicly known ICD codes with an other code system.

They tested it by simulating a hacker attack, with the premise that the hacker is privy to the patients’ identity, their ICD codes and the fact that the patients’ data is included in the database. The test was completely successful – the hacker couldn’t uncover the patient’s private information, and the information remained useful for research.