As a distributor of a medical device produced by a partner company, this large company creates a report each time the device is used for a medical procedure. The report includes patient-level data that the company shares with its partner to be used for product improvements, R&D, and evidence (including metrics) of product differentiation.
The company needs data with high enough utility to be valuable to its partner, yet compliant with the regulatory requirement that the individuals represented by the data are not identifiable.
To measure the identifiability of the data, we statistically measured how distinguishable the individuals represented in the data were within the population. We also considered contextual factors influencing the likelihood of re-identification, including the:
Based on the context and identifiability in the data itself, we developed a tailored anonymization strategy to maximize data utility in consultation with our customer.
Privacy Analytics recommended a data anonymization (de-identification) strategy that maximized the value of the data based on how our customer’s partner intended to use it.
Following our recommendations, our customer can confidently share rich reports with its partner company for their product improvements, R&D, and competitive product differentiation. They can be fully confident that patient privacy is protected, with demonstrated compliance under the GDPR and HIPAA.