Strategic Disregard · Mar 24, 09:00 PM

Related Articles

The following letter, a response to Jon Brodkin’s March 2 article, Study Links Autism, Vaccine, was published in the March 18 Metro West Daily News.

In “Study Links Autism, Vaccine,” Jon Brodkin neglected to cite parents like me who do not attribute our children’s autistic spectrum conditions to vaccines, and are not involved in thimerosal litigation. I know I am not the only person who objects to litigants’ insupportable and stigmatizing assertions that most autistic individuals are “poisoned,” and their promotion of potentially risky “detoxification” treatments that possess little scientific data to substantiate their underlying premises or efficacy.
Dr. Robert Davis was generous in limiting his criticism to Mark and David Geier’s data sources. Dr. Geier’s approval to conduct a 2004 research project was suspended by Kaiser Permanente’s Institutional Review Board (IRB) for his reported attempts to conduct unapproved analyses and remove unauthorized material from the CDC’s Research Data Center.
Richard Deth speaks glowingly about the Geiers’ analysis of Vaccine Adverse Events Reporting System (VAERS) data, U.S. Department of Education (DOE) and California Department of Developmental Services (DDS) statistics. Professor Deth’s enthusiasm should be accompanied by an acknowledgement of his and Dr. Geier’s roles as expert witnesses who stand to benefit from [service to] plaintiffs. Litigants like Jared Hansen have warmly received the Geiers’ article because it supports their legal strategy of demonstrating a decrease in autism prevalence following removal of thimerosal from routine childhood vaccinations.
However, the Geiers’ interpretation strategically disregards studies indicating the deleterious influence of litigation on VAERS data, and the unreliability of DOE statistics for epidemiology. The California DDS has issued caveats that their statistics should not be interpreted as measures of autism prevalence.
Kathleen Seidel

Shortly after the letter’s publication, Paul G. King — an editor of Medical Veritas, a journal devoted to criticism of vaccines — posted a lengthy commentary to the Evidence of Harm discussion list. Mr. King’s commentary was, in turn, analyzed in depth by the blogger Interverbal. Mr. King specifically took umbrage at my reference to the suspension of Mark and David Geier’s approval to conduct a vaccine safety study, using data contained in the Vaccine Safety Datalink (VSD).

The VSD contains private medical information on millions of U.S. citizens, provided by four large health maintenance organizations under legal obligation to safeguard patient privacy. It also serves as a data source for large epidemiological studies, such as the 2003 study, Safety of Thimerosal-Containing Vaccines. After submitting a clearly-delineated research protocol for review, the Geiers — legal consultants specializing in service to plaintiffs in personal-injury litigation — received approval to conduct an independent study of adverse reactions to DTaP vaccine. After their January 2004 work session at the CDC Research Data Center in Hyattsville, Maryland, Jeanne Santoli, M.D., Acting Associate Director for Science of the National Immunization Program, sent a letter to the Kaiser Permanente Foundation Research Institute, outlining serious procedural violations reported by security personnel.

[M]y office has received reports from the technical monitors[...] describ[ing] potential breaches in confidentiality and execution of analyses that were not approved in advance[...] during the first visit the researchers conducted unapproved analysis on their datasets and on the second visit attempted to carry out unapproved analyses but did not complete this attempt. This analysis, had it been completed, could have increased the risk of a confidentiality breach. Before leaving, the researchers renamed files for removal which were not allowed to be removed. Had it gone undetected, this would have constituted a breach of the rules about confidentiality.

Kaiser Permanente’s Institutional Review Board responded to these allegations with a suspension of the Geiers’ approval to conduct investigations at the CDC’s Research Data Center. They explained that:

On February 19, 2004, the Kaiser Permanente Northern California Institutional Review Board suspended your research project pending the following: Submission of a response from you to the attached letter[...] The IRB views with great concern the reported attempt to breach confidentiality and your attempts to merge data and conduct analyses which were not in accord with CDC procedures.

In his commentary on my letter to the Metro West Daily News, Mr. King stated that:

After investigating the charges, Kaiser Permanente’s IRB and the other IRBs found the CDC’s charges to be baseless, and the IRB’s reinstated the Geiers’ access to the VSD database.

In fact, after sending my letter to the editor, while researching on my article, Strange Bedfellows, I discovered Dr. Geier and Mr. Geier’s March 1, 2004 response to their IRB suspension, as well as a presentation to the Institute of Medicine in which they chronicled their tale of woe.

In their response, they deny the CDC’s supposedly “baseless” allegations that they:

1) executed analyses outside of the IRB approved protocol; and
2) purposefully acted to breach patient confidentiality by merging datasets across studies to create a composite data file.

They describe the two hypotheses contained in their IRB approved protocol:

The first hypothesis focused on whether or not there was an increased risk for an acute adverse event (list of 15) within thirty (30) days after vaccination with acellular DtaP.
The second hypothesis focused on whether or not there was an increased risk for a chronic adverse event (same list of 15) within one year after vaccination with acellular DtaP.

They describe various direct identifiers that were not contained in the VSD datasets (i.e., names, addresses, zip code, state of residence, phone number, HMO membership information or clinic location), and the random patient identification numbers assigned to each entry. They describe the indirect identifiers that were contained in the VSD datasets (i.e., specific vaccine and brand name, diagnostic code and date of diagnosis assigned, maternal age, APGAR score at birth, birthweight, gestation and race), then state that:

since different brand name vaccines are used, it is not violative of the protocol to examine whether or not an acute or chronic condition is associated with a specific vaccine and not acellular DtaP vaccines in general[...] For CDC to allege that we have violated the protocol is disingenuous since we have not even been allowed to finish our analysis.

The Geiers here claim to have followed the design of their research protocol, yet simultaneously acknowledge that they were attempting to conduct analyses of information not encompassed by it — that is, analyses of adverse reactions to DTaP by specific brand, rather than DTaP in general. They assert that they did not violate their protocol because they were unable to finish the analysis that they had started; however, a researcher’s simple initiation of unapproved analyses would be widely regarded as a violation.

An exhaustive description follows of various procedural requirements and security safeguards imposed upon researchers who seek access to confidential data. The reader learns that:

The monitors ensure at the end of each session that no actual VSD raw data is exported from the VSD in digital, printed, or written form.

The Geiers assert that,

It is impossible for the datasets given to us by CDC to be merged,

then segue to a complaint about restrictions placed on their work. The CDC’s allegations are detailed:

Dr. Santoli’s letter alleges during a visit to the data center on January 29-30, 2004 we “ran a program which attempted to merge datasets and the visit ended with cancellation of a SAS program that had been running for more than 45 minutes and was intended to have more than 8 million records in it.”

The Geiers acknowledge that,

What we were attempting to accomplish was to merge the datasets given to us by CDC to build a record containing the following information on a patient: race, sex, date of vaccination, name brand of vaccine used, date of ICD-9 code assignment if given, birthweight, APGAR, maternal age and gestation. The computer available for us at the research data center is obsolete and is completely inadequate to even analyze the information contained in a single vaccine dataset…

To justify their attempt to merge datasets, they refer to the absence of direct identifiers in patient records, apparently unaware or dismissive of the well-documented fact that aggregation of indirect identifiers (such as race, sex, birthweight, APGAR, maternal age, gestation, and date of vaccination) would compromise the confidentiality of private health information. Modern data mining software heightens the risk that patient confidentiality might be compromised by statistical researchers, hence the proliferation of guidelines for the conduct of such research.

The end of the work session is then described.

In addition, Dr. Santoli’s letter further alleges that “the external researchers attempted renaming the data files with the ‘.sas’ extension reserved for program files. The violation was detected and only the correct files were ultimately released.” We acknowledge that this file was made in error and in fact, it was our computer programmer who pointed out this error to the CDC.

Having previously noted the inadequacy of the CDC’s computers to perform the data merge they desired, the Geiers now admit that security inspectors found them in possession of data files created without authorization, bearing erroneous file extensions that might have facilitated their removal from the Research Data Center.

The reader is assured, however, that there is no cause for suspicion or alarm — it was all a big mistake.

The Geiers’ reply closes with reference to the political forces that originally opened the doors of the Research Data Center to them:

One final note, we were asked by members of Congress to investigate the VSD, especially with regards to the thimerosal and neurodevelopmental disorder issue[...] We have always and will continue to guard patient confidentiality with the greatest care. We would appreciate a timely restoration of our access to the VSD in order to continue our scientific work.

The same sort of political pressure that enabled this legal consulting team to initially gain access to millions of private patient records was brought to bear in the spring and summer of 2004. Vaccine litigant groups and their political allies trivialized concerns about the privacy of patient records, characterizing these concerns as a “false pretext” for the denial of the Geiers’ access to VSD data. To my knowledge, no determination was ever made that the technical monitors’ allegations of misconduct were “baseless.” However, Mark Geier and David Geier’s IRB approval was reinstated that August. This reinstatement occurred in spite of their own admissions that they:

• initiated analyses not authorized in their research protocol;
• attempted unauthorized merging of datasets; and
• acquired unauthorized data files, which were named in a manner that, if undetected, could have enabled the removal from the Research Data Center of private information about millions of U.S. citizens.

Is it any wonder that responsible scientists, health care administrators and private citizens are concerned about the security of information provided to the Vaccine Safety Datalink?

Comments


  1. “the Geiers now admit that security inspectors found them in possession of data files created without authorization, bearing erroneous file extensions that might have facilitated their removal from the Research Data Center.”

    What other possible reason is there to alter file extensions if it wasn’t an attempt to make off with sensitive data?

    notmercury    Mar 25, 01:44 PM    #

  2. Gee, how could anyone question the integrity of people who would inject 5 year olds with big pharma’s Lupron Depot™ to cure the child of autism… because of the sheets of testosterone, you know.

    — Autism Diva    Mar 25, 05:23 PM    #

  3. There’s no other reason to alter file extensions than to attempt to disguise them.

    A files extension is a direct reference to the type of software application needed to run it. By altering it, one cannot even claim it was an accidental event. I have no idea what OS the CDC uses but Windows OS’s do not show file extensions by default. One is required to actively turn them on if one wants to edit them.

    Kev    Mar 25, 07:03 PM    #

  4. I’ve only been able to find one other copy of the letter online, linked from a 2004 press release about the IRB suspension. The press release refers to an explanation for the “accidental” file renaming that wasn’t included in the letter: “The CDC allegation that investigators attempted to rename files was a potential error in the system…”

    I bet you the reason you don’t find more anti-thimerosal activists linking to the letter is that the Geiers admitted that the technical monitors' allegations had a basis in fact; they simply offered justifications and excuses for it all, in between whining and complaining about all the oh-so-burdensome restrictions placed on them. It’s galling that Dan Burton and Dave Weldon (a doctor, no less!) would continue to push for "researchers" who have demonstrated such disregard for patient privacy, to be granted access to all that private medical information.

    Kathleen Seidel    Mar 26, 02:18 PM    #