Anonymization of Longitudinal Electronic Medical Records for Clinical Research

Abstract

Electronic medical record (EMR) systems have enabled healthcare providers to collect detailed patient information from the primary care domain. At the same time, longitudinal data derived from EMRs are increasingly combined with biorepositories to generate personalized clinical decision support protocols. Emerging policies encourage investigators to disseminate such data in a de-identified form for reuse and collaboration, but organizations are hesitant to do so because they fear such actions will jeopardize patient privacy. In particular, there are concerns that residual demographic and clinical features could be exploited for re-identification purposes. Various approaches have been developed to anonymize clinical data, but they neglect replicated diagnosis and temporal information and are thus insufficient for emerging biomedical research paradigms. <br><br> This work proposes two novel privacy-preserving approaches to share patient-specific longitudinal data and a special case of such data while retaining their utility for biomedical investigations. Our methods use heuristics inspired from sequence alignment, clustering and statistics. We demonstrate that the proposed approaches can generate anonymized data that permit effective biomedical analysis, using several patient cohorts derived from the EMR system of the Vanderbilt University Medical Center.