Pseudonymisierung für die datenschutzkonforme Speicherung medizinischer Daten

Privacy-preserving storage of medical data through pseudonymization

  • Original papers (Originalarbeiten)
  • e & i Elektrotechnik und Informationstechnik

Summary

E-health allows better communication between health care providers and higher availability of medical data, leading to reduced costs and better quality of patients' treatment. However, the downside of interconnected systems is the increased probability of unauthorized access to highly sensitive records, which could result in serious discrimination against the patient or in identity theft. This article gives an overview of actual privacy threats, such as genetic discrimination, and presents a pseudonymization approach that preserves the patient's privacy and data confidentiality while still allowing access for authorized persons. This enables primary use of the medical records by health care providers and privacy-preserving secondary use by researchers.

Summary (translated from the German)

E-health enables efficient communication between health care providers (HCPs) and thus better availability of medical data, which can not only reduce costs in the health care system but also improve the quality of patient treatment. The main drawback of the resulting interconnection is the increasing likelihood of unauthorized access to strictly confidential patient data, which can lead, for example, to discrimination against the persons concerned or to identity theft. This article gives an overview of common threats to data protection in health care, such as genetic discrimination. The authors present an approach that, based on the pseudonymization of data, guarantees the confidentiality of patient data while still granting access to authorized persons. This approach enables the direct use of medical data by HCPs as well as privacy-compliant indirect use (secondary use) of the data, for example by research institutions.



Corresponding author

Correspondence to E. R. Weippl.


Cite this article

Neubauer, T., Heurix, J., Min Tjoa, A. et al. Pseudonymisierung für die datenschutzkonforme Speicherung medizinischer Daten. Elektrotech. Inftech. 127, 135–142 (2010). https://doi.org/10.1007/s00502-010-0733-2


  • DOI: https://doi.org/10.1007/s00502-010-0733-2
