Making the Case for De-identification
When sharing sensitive data for secondary purposes, there is no question that the data must be de-identified. As proponents of risk-based de-identification, we advocate for risk-measurement to be a major component to any de-identification initiative. Using risk measurement as part of a data sharing strategy has a two-fold benefit:
- It ensures that the appropriate level of de-identification can and will be applied to the dataset, thereby allowing different techniques to be used.
- It ensures that there is minimal residual risk contained in the dataset after it has been de-identified. This means your organization is protected in the event of a HIPAA audit or, heaven-forbid, a data breach.
Why do we make the case for de-identification
Having a good case for de-identification helps convince data users of the need for having a systematic and repeatable process for “anonymizing” data – de-identifying the data to the point that the individuals in it are rendered anonymous.
This also addresses any resistance if there is a history of getting data with little or no de-identification – risks are high when sharing protected health information. De-identification in inherently an exercise in risk-management.
When is de-identification necessary
De-identification is required to share data when prior consent to release the data was not obtained. Often it’s not practical to obtain consent (for instance, when a new mother is about to deliver her first child). Regardless of consent, it is permissible to share health data, but it must be de-identified under HIPAA’s guidelines first.
Considerations when de-identifying data
Most data custodians are generally reluctant to disclose personal health information even if permitted. However, demand for health data is growing. This is where the case for de-identification practices come in. By applying rigorous de-identification practices into your organization’s workflow, you balance the need for data while maintaining public trust. There is also serious cost avoidance from data breaches – because properly de-identified data is anonymous. “Regardless of the method by which de-identification is achieved, the Privacy Rule does not restrict the use or disclosure of de-identified health information, as it is no longer considered protected health information.”
- One Year In: How the Opening of Health Canada’s Portal Affects YouMay 4, 2020
- Turn Data Assets into Business Opportunity Under CCPADecember 19, 2019
- How does risk-based anonymization work?December 18, 2019
- Why should I use Expert Determination over Safe Harbor?December 18, 2019
- What do I need to know about GDPR, HIPAA and CCPA to meet our regulatory and privacy obligations?December 18, 2019
- Putting our passion into action against COVID-19April 15, 2020
- GDPR and The Future of Clinical Trials Data SharingMarch 18, 2019
- Advancing Principled Data Practices in Support of Emerging TechnologiesMarch 15, 2019
- “Zero Risk Does Not Exist”February 7, 2019
- Is Anonymization Possible with Current Technologies?January 9, 2019