Abstract

In Reply.—Dr Apfelroth has packed a wide assortment of complaints into his letter. He seems to be attacking the Zero-Check protocol, disputing my expressed motives for creating the protocol, denouncing HIPAA, ridiculing the professionals who wrote HIPAA, and challenging their authority to set standards for de-identification. He advises like-minded health professionals to defy the HIPAA regulations and recruit bureaucracy-free experts to defend them when their violations land them in court. I doubt that this advice will bring much cheer to hospital administrators, legal staff, or Institutional Review Board members. In the final 2 sentences of his letter, he offers a solution, with explanation, to the problem of cross-institutional patient record merges using a daring and seemingly impossible interpretation of a plainly written HIPAA ruling.

I can clarify a few points raised by Dr Apfelroth. Zero-Check is a protocol and is not an algorithm, or a function, or a type of hash, or an implementation and does not use a key.[1] One of the steps of the Zero-Check protocol involves taking a character string and summing it with a random number, thus producing another random number. This is the computer equivalent of a 1-time pad operation. In a 1-time pad operation, an identifying character string is replaced by a seemingly random number. All the computer power in the world working for all the time remaining in the universe cannot decrypt a random number.[2] When a 1-time pad is destroyed (by the two parties involved in the protocol), it becomes possible to conduct a so-called zero knowledge transaction where a specific question is answered while neither party gains any knowledge about the other's data record. The Zero-Check protocol provides a strategy whereby 2 parties can determine whether medical records in their institutions belong to the same patient, without exchanging patient identifiers and without either institution identifying their own patients. When I wrote that under certain circumstances there is a functional equivalence between the 1-time pad operation and the 1-way hash operation, it was only meant to indicate that in both operations, an identifier is replaced by a seemingly random string of characters, and that the original identifier cannot be reconstructed by any examination or manipulation of the resulting character string. Privacy protocols tend to have subtle strengths and weaknesses, and they are much more easily misunderstood than understood.

Although HIPAA may have its faults, my experience is that HIPAA is a vast improvement over tried (and failed) congressional efforts to write privacy laws.[3] It is also an improvement over the many state laws addressing the same subject. In my opinion, the portions of HIPAA dealing with the research uses of medical data contain some of the most thoughtful and inventive comment that I have ever read on the subject of record de-identification.

Zero-Check was written as a data-sharing tool. Quoting the Zero-Check article, “This protocol is just one example of those new methods that will permit pathologists to comply with National Institutes of Health data-sharing policies and with HIPAA privacy laws.” We need a variety of approaches to patient confidentiality.[4,5] It is important to publish these efforts so that researchers can cite published protocols when they include data-sharing proposals in their applications to IRBs and to funding agencies. I would hope that IRBs and study sections will appreciate data-sharing protocols from peer-reviewed journal articles focused on patient protection and HIPAA compliancy.

In a recent editorial, I noted that patents are being eagerly pursued in the realm of de-identification protocols.[6] If this trend continues and patents for de-identification are awarded, HIPAA will no longer be the biggest obstacle to data sharing. In the future, pathologists may find it difficult to do research with pathology records unless they pay licensing fees to patent holders of de-identification protocols. That's why, from my perspective, it's less important to argue over the relative values of different protocols and more important to develop a variety of public domain protocols that we can modify/improve in our research projects, without paying license fees.
