A Primer on Protecting Health Information
Everything you need to know about PHI and de-identification (but were too afraid to ask)
With the growing use of electronic medical records, prevalence of electronic insurance claims processing and other hospital software systems, the amount of health data being collected is burgeoning. Some of the best standards for safeguarding privacy of personal information exist in the healthcare sector, with many jurisdictions – including the United States, Canada and the European Union – already having legislation in place.
Beyond the provision of patient care, this information can be invaluable in driving innovative research and providing new insights to address challenging healthcare problems. Unlocking PHI for secondary purposes means that health data can be used for research, analytics, certification, commercialization, and more. While the potential for great benefits is high, so are the risks.
Organizations need to focus on protecting their data holdings now more than ever. Ponemon called 2014 ‘a Year of Mega Breaches’, and so far, 2015 is not shaping up any better. Risks to data privacy can come not only from external threats, like hackers and criminals, but also from inadvertent data leaks and security vulnerabilities. In addition to the legal ramifications, data beaches can also impact an organization’s finances and reputation. De-identification allows for the sharing of personal health information by protecting individual privacy. By de-identifying a dataset, the chance that a person can be identified from their data is drastically reduced. In the event of a data breach, de-identification can significantly minimize the impact.
When implementing a de-identification solution, organizations can opt for a homegrown approach, engage a de-identification expert to act as a consultant, or they can purchase commercially available software that can automate the process. The white paper, De-Identification 101, acts as a primer on protecting health information. To understand more about this challenge, download your copy today.
- Turn Data Assets into Business Opportunity Under CCPADecember 19, 2019
- How does risk-based anonymization work?December 18, 2019
- Why should I use Expert Determination over Safe Harbor?December 18, 2019
- What do I need to know about GDPR, HIPAA and CCPA to meet our regulatory and privacy obligations?December 18, 2019
- Should we invest in building our own de-identification capability?December 17, 2019
- GDPR and The Future of Clinical Trials Data SharingMarch 18, 2019
- Advancing Principled Data Practices in Support of Emerging TechnologiesMarch 15, 2019
- “Zero Risk Does Not Exist”February 7, 2019
- Is Anonymization Possible with Current Technologies?January 9, 2019
- Comparing the benefits of pseudonymisation and anonymisation under the GDPRDecember 20, 2018