Should we de-identify if technology is moving so fast?

It is sometimes stated that re-identification technology is moving forward all the time, and that new databases useful for linking are being made available all of the time, and therefore that it is futile to de-identify any data sets. There are two counterarguments to this view.

First, if we adopted the "advances in technology will happen" argument then there is no point in using encryption technology either. New ways are being devised to break existing encryption algorithms, either through faster computers or clever algorithms. We know this is likely to happen. When this happens then material that was encrypted with the old technology may be compromised. We hope that this will happen far enough in the future that the compromised information has little value.

In the case of de-identification, we can do something else. With the exception of data sets that are disclosed in the public domain (e.g., on web sites), we can impose additional restrictions such as data sharing agreements and audits on the data recipients as a way to ensure good behavior. That way the custodian can still maintain some control even if technology does advance in the future to make it easier to re-identify individuals. Such agreements can have stipulations for data destruction as a way to mitigate the risk of re-identification becoming easier in the future, and have provisions prohibiting re-identification of the data.

The author(s) retain all copyright to this knowledgebase article. Please include a citation to the web page if you reuse this material. More information is available at our lab web site: http://www.ehealthinformation.ca/.