The IT Law Wiki


32,068pages on
this wiki
Add New Page
Add New Page Talk0

Definitions Edit

Data protection Edit

De-identification is a "general term for any process of removing the association between a set of identifying data and the data subject."[1]

Health information Edit


involves the removal of protected health information (PHI) (e.g., name, date of birth, and Social Security number) that can be used to identify an individual.[2]
[t]o ensure that individuals' records have all data elements removed before the data is shared for statistical, research, public health, or other reasons that do not benefit the data subject directly, and for which no authorization has been provided, such that there is no reasonable basis to believe that the information can be used to identify an individual. De-identification can be accomplished by removing the data permanently (anonymization); permanently replacing each data element removed with a placeholder, sometimes called a "token" (pseudonymization); or replacing each datum with a unique token and maintaining a record (usually through a third party) such that it is possible to re-identify the individual through appropriate channels, such as having a third party contact the individual's care provider (reversible pseudonymization, or re-identification).[3]

HIPAA Privacy Rule Edit

The requirements for de-identification under the HIPAA Privacy Rule are explicitly laid out in Section 45 C.F.R. 164.514, Other requirements relating to uses and disclosures of health information, subsections (a) (Standard: de-identification of health information), (b) (Implementation specifications: requirements for de-identification of health information), and (c) (Implementation specifications: re-identification).

References Edit

  1. ISO/TS 25237-2008.
  2. Prescription Drug Data: HHS Has Issued Health Privacy and Security Regulations but Needs to Improve Guidance and Oversight, at 7.
  3. NISTIR 7497, Glossary, at C-2.

See also Edit

External sources Edit

  • Ann Cavoukian & Khaled El Emam, "Dispelling the Myths Surrounding De-identification: Anonymization Remains a Strong Tool for Protecting Privacy" (June 2011) (full-text).
  • Ann Cavoukian, "Looking Forward: De-identification Developments–New Tools, New Challenges" (May 2013) (full-text).

Also on Fandom

Random Wiki