[Linking anonymous databases for national and international multicenter epidemiological studies: a cryptographic algorithm]
Fiche publication
Date publication
février 2009
Auteurs
Membres identifiés du Cancéropôle Est :
Pr QUANTIN Catherine
Tous les auteurs :
Quantin C, Fassa M, Coatrieux G, Riandey B, Trouessin G, Allaert FA
Lien Pubmed
Résumé
BACKGROUND: Compiling individual records which come from different sources remains very important for multicenter epidemiological studies, but at the same time European directives or other national legislation concerning nominal data processing have to be respected. These legal aspects can be satisfied by implementing mechanisms that allow anonymization of patient data (such as hashing techniques). Moreover, for security reasons, official recommendations suggest using different cryptographic keys in combination with a cryptographic hash function for each study. Unfortunately, such an anonymization procedure is in contradiction with the common requirement in public health and biomedical research as it becomes almost impossible to link records from separate data collections where the same entity is not referenced in the same way. Solving this paradox by using methodology based on the combination of hashing and enciphering techniques is the main aim of this article. METHODS: The method relies on one of the best known hashing functions (the secure hash algorithm) to ensure the anonymity of personal information while providing greater resistance to dictionary attacks, combined with encryption techniques. The originality of the method relies on the way the combination of hashing and enciphering techniques is performed: like in asymmetric encryption, two keys are used but the private key depends on the patient's identity. RESULTS: The combination of hashing and enciphering techniques provides a great improvement in the overall security of the proposed scheme. CONCLUSION: This methodology makes the stored data available for use in the field of public health for the benefit of patients, while respecting legal security requirements.
Référence
Rev Epidemiol Sante Publique. 2009 Feb;57(1):33-9