Academic journal article University of New Brunswick Law Journal

Pandemics in a Connected World: Integrating Privacy with Public Health Surveillance

Academic journal article University of New Brunswick Law Journal

Pandemics in a Connected World: Integrating Privacy with Public Health Surveillance

Article excerpt

1. Context

In the 21st century, public health policies and interventions must contend with high human mobility, cross-border data sharing, and unprecedented data analytics capability, all while expectations of privacy continue to evolve. Data surveillance has become a key component of pandemic response plans. Experts predict that the future of public health data surveillance will involve the automatic collection of patient data from electronic health records, which may include the patient's name, address, risk factors, previous immunizations, and treatment. (1) Data collection for pandemics intervention would therefore become a by-product of electronic health record systems used in clinical care. One can imagine the pressure to share information across state borders for even more effective global surveillance.

While public health objectives are imperative during a pandemic, patients and suspected patients will be quick to highlight the privacy risks of pandemic response measures such as the public and institutional dissemination of personal information. At the individual level, these risks include ostracism, stigmatization, exposure of lifestyle, and restriction of freedom. At the collective level, intrusive measures may lead to discrimination, the erosion of medical support through the alienation of potential workers, and the subversion of containment efforts due to the reluctance of patients to seek treatment for fear of the consequences.

Therefore, in the context of electronic global information sharing and analysis, the full realization of public health surveillance goals to prevent and control pandemics requires commensurate safeguards to protect individual privacy and information security. Policy makers must aim to develop a framework that balances individual and collective interests. As discussed below, this will require both technological and administrative safeguards that arc commensurate with the serious risks.

2. A few facts to ground our legal analysis

A pandemic is defined as the global outbreak of a disease, entailing, by definition, cross-border manifestations. (2) Public health surveillance is described as the "continuous, systematic collection, analysis and interpretation of health- related data needed for the planning, implementation, and evaluation of public health practice." (3) The information exchange is ideally multi-institutional and multidisciplinary. Personal health information relates to the individual, while aggregate health data is population-level data reflecting collective trends. Some interventions require personal record-level data, while others require merely population-level data. (4) In addition to personal health data, public health surveillance may also need to rely on other personal information such as cell phone data or other geographical location systems. Mobile phone data (in the form of call data records) are viewed as important mechanisms for providing researchers with the ability to map outbreaks and track population flows so as to anticipate future areas of outbreaks and implement preventative measures. (5) In Mexico, for example, analysis of call data records has helped to measure how effective government mobility restrictions on citizens were in controlling the spread of the H1N1 flu epidemic. (6) In many cases, population- level data may simply be insufficient when dealing with serious virulent diseases that may require contact tracing and isolation measures to control spread of the illness.

Personal health information can be eponymous (where the individual's name is included), pseudonymous (where the name is replaced by a code number), or anonymous, de-identified, or anonymized (where the identifiers have been removed from the health information). (7) Technologists remind us regularly that even anonymized information can be linked back to identifiers with lesser or greater effort depending on numerous factors, such as the size of the sample and the nature of the information that is not de-identified. …

Search by... Author
Show... All Results Primary Sources Peer-reviewed


An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.