Sale of state databases threatens patient privacy

Hospital data compiled by states and sold to researchers, marketers and others could be used to identify patients when combined with other publicly available information, according to a year-long investigation by Bloomberg. The investigation found public health databases can be paired with news stories and other information to identify patients. Bloomberg reporter Jordan Robertson teamed up with professor Latanya Sweeney--director of the Data Privacy Lab at Harvard University--for the investigation. Sweeney revealed only three pieces of information--ZIP code, date of birth and gender--can be combined with other publicly available information to identify anonymous participants in a public DNA database. Although many states follow HIPAA privacy rule guidelines, which require discharge data be stripped of identifying information, such as age and ZIP code, Washington and at least 25 other states release some combination of these identifiers. >> Read the full FierceHealthIT article