With the growing use of electronic medical records, prevalence of electronic insurance claims processing and other hospital software systems, the amount of health data being collected is burgeoning. Some of the best standards for safeguarding privacy of personal information exist in the healthcare sector, with many jurisdictions – including the United States, Canada and the European Union – already having legislation in place.
Beyond the provision of patient care, this information can be invaluable in driving innovative research and providing new insights to address challenging healthcare problems. Unlocking PHI for secondary purposes means that health data can be used for research, analytics, certification, commercialization, and more. While the potential for great benefits is high, so are the risks.
Organizations need to focus on protecting their data holdings now more than ever. Ponemon called 2014 ‘a Year of Mega Breaches’, and so far, 2015 is not shaping up any better. Risks to data privacy can come not only from external threats, like hackers and criminals, but also from inadvertent data leaks and security vulnerabilities. In addition to the legal ramifications, data beaches can also impact an organization’s finances and reputation. De-identification allows for the sharing of personal health information by protecting individual privacy. By de-identifying a dataset, the chance that a person can be identified from their data is drastically reduced. In the event of a data breach, de-identification can significantly minimize the impact.
When implementing a de-identification solution, organizations can opt for a homegrown approach, engage a de-identification expert to act as a consultant, or they can purchase commercially available software that can automate the process. The white paper, De-Identification 101, acts as a primer on protecting health information. To understand more about this challenge, download your copy today.