Using routinely collected patient data with and without consent: Trust and professionalism
de Lusignan S.
We are all committed to keeping health data private; and whilst Navarro and Neame have completely different models their very different approaches both seek to mitigate the same risks. Both authors make a valuable contribution to this current debate. Navarro suggest we should measure 'privacy risk breach' and to present a simple theoretical framework for its assessment (privacy risk breech = nature of the data x trust). Neame urges us to think carefully and separately about the context and content of data and to adopt strict rules for sharing context. He also presents a much more patient-centred framework for sharing health data, and health card controlled data access. Hinds presents a model whereby researchers can continue to utilise these data goldmines - something the public currently support. However, this is not support we should take for granted and active engagement of the public in this research and the past and current consultations are to be welcomed in this context. Emerging professionalism in informatics should help develop better definitions and core generaliseable theory about risks to patients' privacy about how to mitigate them; but more importantly informaticians who can be trusted. Further research is needed to explore how to measure the risks and consequences of privacy breach. However, if sharing of health data is blocked then patients may continue to suffer because information known about them in one part of the health system is not made available in another; and research which might improve patient care will not be done. Informatics groups should not allow themselves the luxury of adopting an unconstructive critical approach - but instead should either support current consensus statements or come up with specific proposals of how these might be improved. © 2008 PHCSG, British Computer Society.