ABSTRACT
Using and disclosing patients' medical information only threatens their privacy if they can be identified from it. Although identifiable information usually is required for the provision of actual care and treatment, this is not always the case for other types of activities. Many of the secondary purposes for which medical records are used, such as research, disease surveillance and planning, require access to individual patient data, but do not require that patients are actually identified. These purposes often can be achieved, therefore, by use of anonymous data. Doing this will not only protect patients' privacy, but also may benefit healthcare providers and data users, as there are less legal restrictions controlling the way this type of data can be used.
