Appl Clin Inform 2012; 03(04): 392-403
DOI: 10.4338/ACI-2012-07-RA-0028
Research Article
Schattauer GmbH

The False Security of Blind Dates

Chrononymization’s Lack of Impact on Data Privacy of Laboratory Data
J.J. Cimino
1  NIH Clinical Center, US National Institutes of Health, Bethesda, Maryland, USA
› Author Affiliations
Further Information

Publication History

Received 13 July 2012

Accepted 01 October 2012

Publication Date:
19 December 2017 (online)


Background: The reuse of clinical data for research purposes requires methods for the protection of personal privacy. One general approach is the removal of personal identifiers from the data. A frequent part of this anonymization process is the removal of times and dates, which we refer to as “chrononymization.” While this step can make the association with identified data (such as public information or a small sample of patient information) more difficult, it comes at a cost to the usefulness of the data for research.

Objectives: We sought to determine whether removal of dates from common laboratory test panels offers any advantage in protecting such data from re-identification.

Methods: We obtained a set of results for 5.9 million laboratory panels from the National Institutes of Health’s (NIH) Biomedical Translational Research Information System (BTRIS), selected a random set of 20,000 panels from the larger source sets, and then identified all matches between the sets.

Results: We found that while removal of dates could hinder the re-identification of a single test result, such removal had almost no effect when entire panels were used.

Conclusions: Our results suggest that reliance on chrononymization provides a false sense of security for the protection of laboratory test results. As a result of this study, the NIH has chosen to rely on policy solutions, such as strong data use agreements, rather than removal of dates when reusing clinical data for research purposes.

Citation: Cimino J.J. The false security of blind dates: Chrononymization’s lack of impact on data privacy of laboratory data. Appl Clin Inf 2012; 3: 392–403