How feasible would it be to identify someone based from electrocardiogram (EKG, ECG) data? (Apparently the abbreviation “EKG” is more common in America and “ECG” is more common in the UK.
) Electrocardiograms are unique, but unique doesn’t necessarily mean identifiable.
Unique data isn’t identifiable without some way to map it to identities.
If you shuffle a deck of cards, you will probably produce an arrangement that has never occurred before.
But without some sort of registry mapping card deck orders to their shufflers, there’s no chance of identification.
(For identification, you’re better off dusting the cards for fingerprints, because there are registries of fingerprints.
) According to one survey , researchers have tried a wide variety of methods for identifying people from electrocardiograms.
They’ve used time-domain features such as peak amplitudes, slopes, variances, etc.
, as well as a variety of frequency-domain (DFT) features.
It seems that all these methods work moderately well, but none are great, and there’s no consensus regarding which approach is best.
If you have two EKGs on someone, how readily can you tell that they belong to the same person? The answer depends on the size of the set of EKGs you’re comparing it to.
The studies surveyed in  do some sort of similarity search, comparing a single EKG to tens of candidates.
The methods surveyed had an overall success rate of around 95%.
But these studies were based on small populations; at least at the time of publication no one had looked at matching an single EKG against thousands of possible matches.
In short, an electrocardiogram can identify someone with high probability once you know that they belong to a relatively small set of people for which you you have electrocardiograms.
More identification posts Inferring personal information from fitness data Computed IDs and privacy HIPAA deidentification  Antonio Fratini et al.
Individual identification via electrocardiogram analysis.
Biomed Eng Online.
2015; 14: 78.