Agreed. I work on pharmacy data, which is additionally subject to HIPAA compliance. While the the pharmacy data does technically not contain anything identifiable, it is frightening how easily someone can match their own company's records up to a data set that is supposedly anonymous.