Perspectives on Health Data De-identification

Perspectives on Health Data De-identification

Has your organization been considering de-identification? It’s not a simple undertaking to use Protected Health Information (PHI) for secondary purposes. There is a lot of risk when dealing with PHI. There are legal considerations, financial considerations, and reputational considerations. The costs of a breach are staggering, but there are valid reasons to utilize health data for secondary purposes. Understanding the risks is important but also understanding the reasons and methods to safely and responsibly releasing PHI.

Exploring this topic is not strange to us – in fact, we created the white paper, Perspectives on Heath Data De-Identification with the intention of delving deeper into reoccurring topics. In true salon fashion, we gathered three pervasive themes into one place. The pieces feature the voice of Dr. Khaled El Emam, a leading expert in the space of HIPAA’s Expert Determination and strong advocate for a risk-based approach.

In the first article, On the Limits of the Safe Harbor De-Identification, Dr. El Emam takes a critical view at the Safe Harbor standard so many organizations are using. He looks specifically at how it lacks a risk measurement, key to stopping adversaries from reversing Safe Harbor techniques and re-identifying individuals in datasets.

In Benefiting from Big Data while Protecting Individual Privacy, he enforces the fact we do live in the age of Big Data – but also big privacy. Both can co-exist, but only when the right protections are placed on PHI.

His last article, De-Identification and Data Masking, explains the key differentiators in these two methods. He reviews the right – and wrong – techniques for effective masking and steers his audience into a discussion of why masking is just not enough for most organizations. He wraps it up with key takeaways to remember when applying a defensible strategy.

Discussion around de-identification has been limited to small circles. Come on in and learn more from the experts.

More White Papers

For companies wanting to do business in Europe, being GDPR-compliant is essential. Learn more about the rights of access and erasure the legislation covers…

Join the next 5 Safes Data Privacy webinar

This course runs on the 2nd Wednesday of every month, at 11 a.m. ET (45 mins). Click the button to register and select the date that works best for you.