This cartoon is about de-identifying PHI under HIPAA. De-identifying personal data is quite complicated. Researchers have been able to re-identify sets of personal data with just names, birth dates, and gender. The reason why de-identifying data is difficult is that there is more and more identified personal data online that can be matched up with de-identified data and used to link up names.
According to the AP:
Google Inc. is rebuffing the Bush administration’s demand for a peek at what millions of people have been looking up on the Internet’s leading search engine — a request that underscores the potential for online databases to become tools for government surveillance.
Mountain View-based Google has refused to comply with a White House subpoena first issued last summer, prompting U.S. Attorney General Alberto Gonzales this week to ask a federal judge in San Jose for an order to hand over the requested records.
The government wants a list all requests entered into Google’s search engine during an unspecified single week — a breakdown that could conceivably span tens of millions of queries. In addition, it seeks 1 million randomly selected Web addresses from various Google databases.