Perspectives on De-Identification
Has your organization been considering de-identification? It’s not a simple undertaking to use Protected Health Information (PHI) for secondary purposes. There is a lot of risk when dealing with PHI. There are legal considerations, financial considerations, and reputational considerations. The costs of a breach are staggering, but there are valid reasons to utilize health data for secondary purposes. Understanding the risks is important but also understanding the reasons and methods to safely and responsibly releasing PHI.
Exploring this topic is not strange to us – in fact, we created the white paper, Perspectives on Heath Data De-Identification with the intention of delving deeper into reoccurring topics. In true salon fashion, we gathered three pervasive themes into one place. The pieces feature the voice of Dr. Khaled El Emam, a leading expert in the space of HIPAA’s Expert Determination and strong advocate for a risk-based approach.
In the first article, On the Limits of the Safe Harbor De-Identification, Dr. El Emam takes a critical view at the Safe Harbor standard so many organizations are using. He looks specifically at how it lacks a risk measurement, key to stopping adversaries from reversing Safe Harbor techniques and re-identifying individuals in datasets.
In Benefiting from Big Data while Protecting Individual Privacy, he enforces the fact we do live in the age of Big Data – but also big privacy. Both can co-exist, but only when the right protections are placed on PHI.
His last article, De-Identification and Data Masking, explains the key differentiators in these two methods. He reviews the right – and wrong – techniques for effective masking and steers his audience into a discussion of why masking is just not enough for most organizations. He wraps it up with key takeaways to remember when applying a defensible strategy.
Discussion around de-identification has been limited to small circles. Come on in and learn more from the experts.
- Turn Data Assets into Business Opportunity Under CCPADecember 19, 2019
- How does risk-based anonymization work?December 18, 2019
- Why should I use Expert Determination over Safe Harbor?December 18, 2019
- What do I need to know about GDPR, HIPAA and CCPA to meet our regulatory and privacy obligations?December 18, 2019
- Should we invest in building our own de-identification capability?December 17, 2019
- GDPR and The Future of Clinical Trials Data SharingMarch 18, 2019
- Advancing Principled Data Practices in Support of Emerging TechnologiesMarch 15, 2019
- “Zero Risk Does Not Exist”February 7, 2019
- Is Anonymization Possible with Current Technologies?January 9, 2019
- Comparing the benefits of pseudonymisation and anonymisation under the GDPRDecember 20, 2018