I've spent this morning sitting in on HealthGrid11 in a (slightly sunny) Bristol. The morning kicked off with a rather lively talk from Richard Sinnott the Director, eResearch for the University of Melbourne, and, for me, was followed up with a number of presentations on data sharing and security in HealthGrids.
In this session we heard from Dagmar Krefting of the Charité Universitätsmedizin Berlin who is working on the PneumoGrid project. PneumoGrid is applying grid technologies to the sharing and data processing of chronic obstructive pulmonary disease (COPD). COPD encompasses a number of conditions such as chronic bronchitis and emphysema which limit the airflow in lung sacs and affect breathing. Its main cause is smoking and - despite a number of global anti-smoking campaigns - it still causes 5% of all deaths, and has been estimated to be the third leading cause of death in 2030.
Dagmar's project is concerned with aiding the diagnosis and treatment of COPD. Doctors often treat the condition prescribe asthma-type sprays or breathing exercises. But how can they tell how well these treatments are working?
To do this patients are often monitored by attaching microphones to their chest, to listen to their breathing, and also through dynamic MRI using special contrast agents. But these techniques are very data intensive and also require a lot of analysis.
Like many other projects which deal with these issues, PneumoGrid uses the grid to provide a solution. Grids also allows clinicians to share data with each other. But this presents a problem - how to balance sharing vs privacy.
A way to ensure that patient data is kept safe is to anonymise it but this is a one-way street. Once identity information is removed, there's no way back, which makes it completely useless for treatment. So we have to use pseudoanonymisation instead. However this doesn't eliminate all risk. Reidenification can still occur if someone gets access to enough data about a person or if the reference information is discovered.
PneumoGrid has therefore separated the grid environments from the hospital environment and introduced a trusted third party in the middle to resolve this. Three other techniques - centralised pseudonym management, pooled temporary pseudonyms and twofold pseudonymisation - can also help prevent identification.
This goes to show that sharing health records is a massively hard task. But, with the amount of data we're now able to collect on healthcare, it's essential to solve, if we'd like to move towards better diagnosis, treatment and care of patients.