Privacy interests in prescription data, part 2: Patient privacy

Abstract

Prescription data disclosed by pharmacies without patient consent, could constitute a breach of privacy if individual patients can be re-identified by third parties. This article analyzes the concept of identifiability under Canadian and US privacy laws, including applicable thresholds of risk and the perspective from which the risk must be examined. The article goes on to examine concrete examples of how the risk of re-identifiability of prescription data can materialize in practice. // NOTE // This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright. In most cases, these works may not be reposted without the explicit permission of the copyright holder.