Anonymized health IT data still traceable, House panel warned

As electronic health records start to become pervasive in physician practices--thanks in no small measure to federal incentives--there's a growing worry that electronically-collected health data could violate individual privacy, even when the data has been stripped of personally identifiable information.

Testifying before a House panel on Sept. 30, Deven McGraw, director of the health privacy project at the Center for Democracy and Technology and a member of the federal advisory Health IT Policy Committee, warned that de-identified health data released for analytical purposes can still be traced back to individuals.

"There is value to making data that has a very low risk of re-identification available for a broad range of purposes, as long as the standards for de-identification are rigorous, and there are sufficient prohibitions against re-identification. Neither condition is present today," McGraw wrote in her prepared testimony for the House Science and Technology subcommittee on technology and innovation.