Open Access News

News from the open access movement

Saturday, August 30, 2008

NIH takes two OA DNA databases offline to protect patient privacy

Jason Felch, DNA databases blocked from the public, Los Angeles Times, August 29, 2008.  Excerpt:

The National Institutes of Health quietly blocked public access to [formerly OA] databases of patient DNA profiles after learning of a study that found the genetic information may not be as anonymous as previously believed....

Institute officials took the unusual step Monday and removed two databases on its public website. The databases contained the genetic information of more than 60,000 cooperating patients. Scientists began posting the information publicly eight months ago to help further medical research.

Creators of the databases had taken steps to mask the identities of the patients....However, the independent study released today reported that a new type of DNA analysis could confirm the identity of an individual in a pool of similarly masked data if that person's genetic profile was already known....

"It's possible, but the likelihood is quite low" that a patient's privacy could have been violated, said Dr. Elizabeth Nable, head of the institute's genetic oversight body, in an interview Thursday evening. "We wanted to err on the side of caution." ...

Researchers favor public access to large pools of such data to speed the pace of medical innovation, but the privacy and public policy implications of such moves are still being understood.

Most patients in the databases signed consent forms after being promised their information would remain private....

Update. Also see the article by Elias Zerhouni and Elizabeth G. Nabel on the take-down, Science Magazine, September 4, 2008 (accessible only to subscribers). Zerhouni is the Director of the NIH and Nabel is Co-Chair of the Senior Oversight Committee, NIH Policy for Sharing GWAS Data, and Director of the National Heart, Lung, and Blood Institute.

Update (9/5/08).  Also see Natasha Gilbert's article in Nature News, September 4, 2008.  (Thanks to Kay Chapman.)  Excerpt:

...[S]cientists working in the field are complaining that the moves are premature and will impede research....

Update (9/11/08).  Kay Chapman asked me by email for my thoughts on this development, and then for permission for post them on her blog.  As long as she's posting them, I suppose I should post them as well.  (Thanks for the nudge, Kay.)

The NIH is as strong a supporter of OA as the Wellcome Trust.  But on medical data, both agree that privacy takes priority, or that only anonymized medical data can be made OA.  What’s interesting to me is that the method for identifying individuals from these data was discovered after the data were thought sufficiently private and put online.  Since scientific ingenuity is always at work, that suggests there may be a steadily creeping expansion of the privacy exception to OA.

I'm not very alarmed, in part because the same scientific ingenuity can find new ways to anonymize data, and in part because I share the view that patient privacy takes priority.

Because I don't work in the field, I have no opinion on whether the NIH/Wellcome action was really necessary to protect privacy.  But I don't think the action will have any effect on OA datasets where privacy is not an issue.