Skip to main page content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

Https

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Access keys NCBI Homepage MyNCBI Homepage Main Content Main Navigation
Review
. 2013 Mar 22:13:39.
doi: 10.1186/1472-6947-13-39.

Managing protected health information in distributed research network environments: automated review to facilitate collaboration

Christine E Bredfeldt  1 Amy ButaniSandhyasree PadmanabhanPaul HitzRoy Pardee
Affiliations
Review

Managing protected health information in distributed research network environments: automated review to facilitate collaboration

Christine E Bredfeldt et al. BMC Med Inform Decis Mak. .

Abstract

Background: Multi-site health sciences research is becoming more common, as it enables investigation of rare outcomes and diseases and new healthcare innovations. Multi-site research usually involves the transfer of large amounts of research data between collaborators, which increases the potential for accidental disclosures of protected health information (PHI). Standard protocols for preventing release of PHI are extremely vulnerable to human error, particularly when the shared data sets are large.

Methods: To address this problem, we developed an automated program (SAS macro) to identify possible PHI in research data before it is transferred between research sites. The macro reviews all data in a designated directory to identify suspicious variable names and data patterns. The macro looks for variables that may contain personal identifiers such as medical record numbers and social security numbers. In addition, the macro identifies dates and numbers that may identify people who belong to small groups, who may be identifiable even in the absences of traditional identifiers.

Results: Evaluation of the macro on 100 sample research data sets indicated a recall of 0.98 and precision of 0.81.

Conclusions: When implemented consistently, the macro has the potential to streamline the PHI review process and significantly reduce accidental PHI disclosures.

PubMed Disclaimer

Figures

Figure 1
Figure 1
Example of a report from the PHI detection macro. (a) High level analysis showing the number of files in the transfer directory, by file type. (b) Detailed report of potential PHI in the sas data set files in the transfer directory (top), as well as example records (middle) and minimum values of numerical variables.
See this image and copyright information in PMC

References

    1. Brown JS, Holmes JH, Shah K, Hall K, Lazarus R, Platt R. Distributed health data networks: a practical and preferred approach to multi-institutional evaluations of comparative effectiveness, safety, and quality of care. Med Care. 2010;48(6 Suppl):S45–S51. - PubMed
    1. Durham ML. Partnerships for research among managed care organizations. Health Aff (Millwood) 1998;17(1):111–122. doi: 10.1377/hlthaff.17.1.111. - DOI - PubMed
    1. Baggs J, Gee J, Lewis E, Fowler G, Benson P, Lieu T, Naleway A, Klein NP, Baxter R, Belongia E. The vaccine safety Datalink: a model for monitoring immunization safety. Pediatrics. 2011;127(Suppl 1):S45–S53. - PubMed
    1. Quality AfHRa: centers for education & research on therapeutics (CERTs) 2012. http://certs.hhs.gov/
    1. Curtis LH, Weiner MG, Boudreau DM, Cooper WO, Daniel GW, Nair VP, Raebel MA, Beaulieu NU, Rosofsky R, Woodworth TS. Design considerations, architecture, and use of the mini-sentinel distributed data system. Pharmacoepidemiol Drug Saf. 2012;21(Suppl 1):23–31. - PubMed

LinkOut - more resources