Linkage of De-Identified Records in Accordance to the European Legislation

Linkage of De-Identified Records in Accordance to the European Legislation

C Quantin (Service de Biostatistique et d'Informatique Médicale (DIM), France & INSERM U866 Université de Bourgogne, France), E Benzenine (Service de Biostatistique et d'Informatique Médicale (DIM), France), M Guesdon (Service de Biostatistique et d'Informatique Médicale (DIM), France), JB Gouyon (Centre d'Etudes Périnatales de l'Océan Indien, La Réunion, France) and FA Allaert (The Evaluation of the Medical Claims of Health Foods, France)
DOI: 10.4018/978-1-4666-5888-2.ch319

Chapter Preview



Legislation on the Security of Nominative Information in Europe

The European directive of 24 October 1995 (Directive 95/46/CE) relative to the protection of physical persons with regard to the processing of personal data and the free circulation of these data has defined “personal data,” as “any information relating to an identified or identifiable natural person ('data subject'); an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity.” Given the above considerations, the notion of nominative or personal data concerns a vast amount of information even though the name no longer appears and there is no table to link the name of the person with the alphanumeric code that has replaced it. From a statistical point of view, the chances of identifying a person from apparently anonymous information is far from zero, given the possibility of linkage with the enormous diversity of existing or future files. Who in France would have believed, only a short time ago, that the French tax authorities would be authorized by law to computer process your National Health Insurance number?

Data processing was primarily regulated under the provisions for the Internal Market. Therefore, the general Data Protection Directive 95/46 combines two goals: protecting the fundamental right to data protection and ensuring the free flow of personal data within the internal market.

Most of the difficulties encountered in drafting the Directive, which aimed to harmonise protection provided by national legislation, came about because of the balance between these two principles.

Rather than opt for a maximalist solution that would have imposed as the standard the highest level of protection provided for in the different national legislations, the European legislator seems to have preferred a compromise, which was more difficult to establish, but complied more closely with the community view. It sought the highest level of protection that was acceptable without jeopardizing the protection of individual freedom and was yet compatible with the possible short-term evolution in the legislation in countries that provided the weakest protection to their residents. The resulting text, like all compromises, may have appeared to the most demanding countries as a step backwards with regard to the guarantees provided to citizens. However, it reflects the high priority the European Union gives to enabling less developed countries or countries with very different cultures to integrate the community process without too much antagonism.

Processing involving files that include personal data, and in particular health data, must be conducted in the context of a legal framework that guarantees the rights of patients (patients’ information, data security and confidentiality).

Though the legal framework for processing health data in the context of healthcare or interventional research is clearly defined by current legislation, it is not the case when the final purpose of the processing is modified (reuse of health data for research purposes). Because of this legal void, the actors (healthcare professionals, researchers, managers of healthcare information systems) have to identify the ethical and legal aspects to respect in this new context.

In France, the French Commission for Data Protection (CNIL) and various Committees for the Protection of Persons (CPP) have put forward several proposals to establish an agreement protocol concerning the sharing of data within hospitals. Certain hospitals implemented, following approval from the CNIL and the CPP, a health-data sharing surveillance committee within the establishment. The role of this committee is to provide information on and apply the current legislation by approving and authorizing such uses.

Key Terms in this Chapter

Security: Ensuring the security of the information means preventing the information from being deformed, damaged or communicated to a non-authorized third party, and notably ensuring its confidentiality, authenticity and integrity while making it available to authorized persons.

Health Statistics: The study of the collection, organization, analysis, interpretation and presentation of data in the domain of Health.

Anonymisation: Process of removing from data the part which would allow to relate to a physical person.

Private/Personal Data: Data which can be related to a physical person.

Data Linkage: Process of creating relations between two sets of data, using for example shared identifiers or redundant information between sets.

Medical Information: Knowledge acquired through experience or study in medical domain.

Legislation: The laws so made.

Complete Chapter List

Search this Book: