Patient privacy in the era of medical computer networks: a new paradigm for a new technology.

For twenty five years the legal system has tried to protect the privacy of identified patient data contained in information systems. The rapid development of such technology has repeatedly frustrated the public policies incorporated into the legal system. However the newest information technologies provide the possibility of fundamentally changing the way information is stored in the health care system and, by "De personalizing the data," allow restoration of a reasonable level of personal privacy, without interfering with the legitimate needs for medical data. The system would require a secure "identifier control facility" and act as a network "file access table" able to reconstruct widely distributed bits of the patients record. A disaggregated "virtual record" would replace the integrated patient file, and the risks to data privacy inherent in the use of names or permanent identification numbers would be eliminated.