Privacy Analytics > Resources > White Papers > A Privacy Governance Framework to Support De-identification
A Privacy Governance Framework to Support De-identification
While technology is an important enabler of data de-identification, technology is not the end of the story. Effective de-identification at an enterprise level is as much about governance as it is about technology. Accounting for risk in a de-identification solution is critical to achieving the right level of de-identification and resulting data utility, which influences the analytic outcomes. Accordingly, to maximize outcomes, an organization must have efficient methods of measuring, monitoring and assuring the controls associated with each disclosure context. Organizations should establish a framework to manage re-identification risks holistically while enabling a wide range of data uses.
If you only apply technology to anonymize data, you miss out on a vital area of the overall strategy – the people and decisions behind the solution and the processes and procedures that instill consistency. Without these elements, you miss the tenets of governance – accountability, transparency, and applicability.
This paper provides an outline of a governance framework specifically supporting the implementation of de-identification within an enterprise. Key to this is understanding and managing the processes, the people, and the technology required for data governance strategy.
Situation: California’s Consumer Privacy Act inspired Comcast to evolve the way in which they protect the privacy of customers who consent to share personal information with them.
Situation: Integrate.ai’s AI-powered tech helps clients improve their online experience by sharing signals about website visitor intent. They wanted to ensure privacy remained fully protected within the machine learning / AI context that produces these signals.
Situation: Novartis’ digital transformation in drug R&D drives their need to maximize value from vast stores of clinical study data for critical internal research enabled by their data42 platform.
Situation: CancerLinQ™, a subsidiary of American Society of Clinical Oncology, is a rapid learning healthcare system that helps oncologists aggregate and analyze data on cancer patients to improve care. To achieve this goal, they must de-identify patient data provided by subscribing practices across the U.S.
Situation: Needed to ensure the primary market research process was fully compliant with internal policies and regulations such as GDPR.
Situation: Needed to enable AI-driven product innovation with a defensible governance program for the safe and responsible use
of voice-to-text data under Shrems II.
This course runs on the 2nd Wednesday of every month, at 11 a.m. ET (45 mins). Click the button to register and select the date that works best for you.