Electronic Health Records (EHRs) enable the sharing of patients’ medical data. Since EHRs include patients’ private data, access by researchers is restricted. Therefore k-anonymity is necessary to keep patients’ private data safe without damaging useful medical information. However, k-anonymity cannot prevent sensitive attribute disclosure. An alternative, l-diversity, has been proposed as a solution to this problem and is defined as: each Q-block (ie, each set of...

Background: Users of peer-to-peer (P2P) file-sharing networks risk the inadvertent disclosure of personal health information (PHI). In addition to potentially causing harm to the affected individuals, this can heighten the risk of data breaches for health information custodians. Automated PHI detection tools that crawl the P2P networks can identify PHI and alert custodians. While there has been previous work on the detection of personal information in electronic health records, there has been...

Background: Ubiquitous computing technology, sensor networks, wireless communication and the latest developments of the Internet have enabled the rise of a new concept—pervasive health—which takes place in an open, unsecure, and highly dynamic environment (ie, in the information space). To be successful, pervasive health requires implementable principles for privacy and trustworthiness. Objective: This research has two interconnected objectives. The first is to define pervasive...

Background: There are many benefits to open datasets. However, privacy concerns have hampered the widespread creation of open health data. There is a dearth of documented methods and case studies for the creation of public-use health data. We describe a new methodology for creating a longitudinal public health dataset in the context of the Heritage Health Prize (HHP). The HHP is a global data mining competition to predict, by using claims data, the number of days patients will be hospitalized...

During the last 5 years, an ethical debate has emerged, often in public media, about the potential positive and negative effects of physician rating sites and whether physician rating sites created by insurance companies or government agencies are ethical in their current states. Due to the lack of direct evidence of physician rating sites’ effects on physicians’ performance, patient outcomes, or the public’s trust in health care, most contributions refer to normative...

Background: While use of the Internet is increasingly widespread in research, little is known about the role of routine electronic mail (email) correspondence during recruitment and early volunteer–researcher interactions. To gain insight into the standpoint of volunteers we analyzed email communications in an early rheumatoid arthritis qualitative interview study. Objectives: The objectives of our study were (1) to understand the perspectives and motivations of individuals who...

Background: Findings and statements about how securely personal health information is managed in clinical research are mixed. Objective: The objective of our study was to evaluate the security of practices used to transfer and share sensitive files in clinical trials. Methods: Two studies were performed. First, 15 password-protected files that were transmitted by email during regulated Canadian clinical trials were obtained. Commercial password recovery tools were used on these files to try...

Background: Social networking site use is increasingly common among emerging medical professionals, with medical schools even reporting disciplinary student expulsion. Medical professionals who use social networking sites have unique responsibilities since their postings could violate patient privacy. However, it is unknown whether students and residents portray protected health information and under what circumstances or contexts. Objective: The objective of our study was to document and...