Prof. Sweeney, EPIC, 50 Tech Experts Urge Government to Strengthen "Common Rule," Encourage Research on Techniques for Deidentification
In extensive comments to the Department of Health and Human Services, Professor Latanya Sweeney of the Data Privacy Lab, EPIC, Patient Privacy Rights, and 50 data privacy researchers, warned the federal agency that medical privacy standards for deidentification are "gravely inadequate" and that proposed changes to the Common Rule would deprive the public and policymakers information about the risks of reidentification. The group urged support for stronger techniques for deidentificaiton, based on recent advances in theoretical computer science. Earlier this year, EPIC filed an amicus brief in a Supreme Court case IMS Health v. Sorrell, warning that the deidentification technique adopted by dataminers was not sufficient to protect patient privacy. For more information, see EPIC: Privacy and the Common Rule and EPIC: Medical Record Privacy.