Info

Encrypted identifier

Yest

Yes

All

*This identifier might be encrypted during data transmission (i.e., the data transmission protocol would encrypt it before transmitting it over-the-wire and then decrypt it on the receiving end), but it would appear in the biosurveillance organization's data systems in unencrypted form. tA possible exception is when the data provider already has an internal identifier for an individual that is not publicly known.

*This identifier might be encrypted during data transmission (i.e., the data transmission protocol would encrypt it before transmitting it over-the-wire and then decrypt it on the receiving end), but it would appear in the biosurveillance organization's data systems in unencrypted form. tA possible exception is when the data provider already has an internal identifier for an individual that is not publicly known.

of decrypting the identifier when it was provided back to the data provider in a request for additional data.This functionality is unlikely to exist in most data providers, and a biosurveillance organization would have to negotiate with the data provider to develop it. Row 2 is an approach that requires no additional work by a data provider but is a gray area in terms of health statutes. Row 3 requires much less technical effort on the part of a data provider than does Row 4, and is more protective of privacy, so is perhaps less of a gray area than is Row 2.

4.4. Data Linkage

Data linkage is the joining of two or more datums that are characteristics of the same entity (e.g., because they are observation about the same patient, same physical location, or same blood sample). Data linkage is trivially easy if datum A and datum B share an identifier that uniquely identifies the entity (e.g., the patient's social security number, street address, or specimen identification number). Data linkage is devilishly hard or impossible if the observations do not satisfy this requirement.

The United States does not have a unique identification system for people. As a result, some hospitals use a patient's social security number to identify the person. Other hospitals use internally generated unique identification numbers. As a result, linking clinical data about the same individual across multiple healthcare contacts (e.g., information obtained from a call center, a subsequent visit to an doctor's office, and a subsequent hospital admission) cannot be done without some errors.

There are statistical algorithms that take as input whatever information the organization about the two datums (e.g., the name, street address, phone number, and zip codes) and produce as output a probability that the observations are for the same entity. The operator of the biosurveillance system must set a threshold probability above which the linkage is established and below which the data will not be linked. This technology is at the heart of all master-person index projects.

Was this article helpful?

0 0

Post a comment