Pilot evaluation of sensitive data segmentation technology for privacy

Adela Grando; Davide Sottara; Ripudaman Singh; Anita Murcko; Hiral Soni; Tianyu Tang; Nassim Idouraine; Michael Todd; Mike Mote; Darwyn Chern; Christy Dye; Mary Jo Whitfield

doi:10.1016/j.ijmedinf.2020.104121

Pilot evaluation of sensitive data segmentation technology for privacy

Int J Med Inform. 2020 Jun:138:104121. doi: 10.1016/j.ijmedinf.2020.104121. Epub 2020 Mar 19.

Authors

Adela Grando¹, Davide Sottara², Ripudaman Singh³, Anita Murcko⁴, Hiral Soni⁴, Tianyu Tang⁵, Nassim Idouraine⁴, Michael Todd⁶, Mike Mote⁷, Darwyn Chern⁸, Christy Dye⁸, Mary Jo Whitfield⁹

Affiliations

¹ Biomedical Informatics, College of Health Solutions, Arizona State University, Scottsdale, AZ, United States. Electronic address: agrando@asu.edu.
² Mayo Clinic, Rochester, MN, United States.
³ School of Computing, Informatics and Decision Systems Engineering, Tempe, AZ, United States.
⁴ Biomedical Informatics, College of Health Solutions, Arizona State University, Scottsdale, AZ, United States.
⁵ University of Arizona, College of Medicine, Tucson, AZ, United States.
⁶ College of Nursing and Health Innovation, Arizona State University, Phoenix, United States.
⁷ Health Current, Phoenix, AZ, United States.
⁸ Partners in Recovery, Phoenix, AZ, United States.
⁹ Jewish Family and Children's Services, Phoenix, AZ, United States.

Abstract

Background: Consent2Share (C2S) is an open source software created by the Office of the National Coordinator Data Segmentation for Privacy initiative to support electronic health record (EHR) granular segmentation. To date, there are no published formal evaluations of Consent2Share.

Method: Structured data (e.g. medications) codified using standard clinical terminologies (e.g. RxNorm) was extracted from the EHR of 36 patients with behavioral health conditions from study sites. EHRs were available through a health information exchange and two sites. The EHR data was already classified into data types (e.g. procedures and services). Both Consent2Share and health providers classified EHR data based on value sets (e.g. mental health) and sensitivity (e.g. not sensitive. Descriptive statistics and Chi-square analysis were used to compare differences between data categorizations.

Results: From the resulting 1,080 medical records items, 584 were distinct. Significant differences were found between sensitivity classifications by Consent2Share and providers (χ2 (2, N = 584) = 114.74, p = <0.0001). Sensitivity comparisons led to 56.0 % of agreements, 31.2 % disagreements, and 12.8 % partial agreements. Most (97.8 %) disagreements resulted from information classified as not sensitive by Consent2Share, but sensitive by provider (e.g. behavioral health prevention education service). In terms of data types, most disagreements (57.1 %) focused on procedures and services information (e.g. ligation of fallopian tube). When considering value sets, most disagreements focused on genetic data (100.0 %), followed by sexual and reproductive health (88.9 %).

Conclusions: There is a need to further validate Consent2Share before broad use in health care settings. The outcomes from this pilot study will help guide improvements in segmentation logic of tools like Consent2Share and may set the stage for a new generation of personalized consent engines.

Keywords: Data privacy; Data segmentation; Electronic medical records.

Publication types

Research Support, N.I.H., Extramural

MeSH terms

Electronic Health Records*
Female
Health Information Exchange
Humans
Pilot Projects
Privacy*
Software

Grants and funding

R01 MH108992/MH/NIMH NIH HHS/United States