Learning from experience: privacy and the secondary use of data in health research.

Health services research must continually address the question: Under what conditions may data not collected specifically for research, such as primary medical data, be re-used for research without compromising the privacy of the data-subjects? For secondary use of data in research there are basically three options. Option A: Use personal data with consent or other assent from the data-subjects. To make this both fairer and more practical, in many circumstances broader construals of consent, or permission or approval, need to be explored and instituted. Option B: Anonymise the data, then use them. For many studies, this is the most practical and desirable option. The craft of anonymisation, including reversible anonymisation, or key-coding, needs to be developed and more fully supported under law. Option C: Use personal data without explicit consent, under a public interest mandate. Whether and how the data should be anonymised will depend on the situation. Public health mandates and protections deserve to be clarified, strengthened and extended for a variety of surveillance, registration, clinical audit, health services research and other types of investigation. Safeguards are an integral part of the research promise to the public, offer crucial reassurance and should be emphasised. For health services research, databases are core resources, and their stewardship must be cultivated.