Comment by armchairhacker
8 days ago
It’s legal to publish anonymous patient data, doctors do it frequently e.g. in “case studies”. As long as it can’t be traced back to the patient I don’t see why they should care (I wouldn’t). And since it increases public knowledge (e.g. how to treat future patients) I think it’s not only ethical, but should be encouraged.
Doxxing also increases public knowledge, but knowing who’s behind some online pseudonym is much less useful than patient anecdotes (what would you do with the former? Satisfy your interest (or what else do you mean by “public interest”)?). Moreover, unlike anonymous patient data, it has a serious downside: risking someone’s job, relationships, or even life.
Case studies are done with consent, typically. That’s pretty different.
In principle, anonymized case studies do not require consent and historically, they were often published without. Without personally identifiable information, this is and always has been 100% legal. But in modern practice, many journals acknowledge that making a case fully anonymous in the age of the internet might not even be possible without taking away everything noteworthy, so they require some form of consent nowadays.
Alternatively they can do what Scott Alexander did and change irrelevant details.
1 reply →
It’s been known since at least the 90s that it’s really hard to fully anonymize patient records. You can’t be certain but you can infer probabilities from very little information.
1 reply →
I don’t know how typical it is, but HIPAA explicitly doesn’t cover patient data after anonymization, and anecdotally I’ve had an anonymous case study published about me without my consent (although I was notified after).