The Road to De-Identification: How to Maintain Privacy with Publicly Released Data
How does data become de-identified and accessible to the public?
Our health histories, whether documented in claims or medical records, contain some of our most personal information. States and regional collaboratives think hard about patient privacy as they develop policies around public data sharing.
Most states utilize the “De-Identification Standard” set forth by the HIPAA Privacy Rule, which offers one of two tests to ensure publicly released data does not jeopardize patient privacy.
One method, called Expert Determination, relies on statistics to de-identify data.
Here are the criteria:
• The data set is certified as de-identified by a person with appropriate knowledge of and experience with generally accepted statistical and scientific principles and methods for rendering information not individually identifiable;
• Applying such principles and methods, that person determines that the risk is very small that the information could be used, alone or in combination with other reasonably available information, by an anticipated recipient to identify an individual who is a subject of the information; and
• That person documents the methods and results of the analysis that justify such determination.
Another method, known as Safe Harbor, requires 18 identifiers to be removed from the data. They are listed below.
1. Names
2. Geographic subdivisions smaller than a state. One exception to this rule is the initial three digits of a ZIP Code, which may be kept if Census data shows that the geographic unit formed by combining all ZIP Codes with the same three initial digits contains more than 20,000 people; the initial three digits for any smaller geographic unit are changed to 000.
3. All elements of dates, except year, related to an individual.
4. Telephone numbers.
5. Facsimile numbers.
6. Electronic mail addresses.
7. Social security numbers.
8. Medical record numbers.
9. Health plan beneficiary numbers.
10. Account numbers.
11. Certificate/license numbers.
12. Vehicle identifiers and serial numbers, including license plate numbers.
13. Device identifiers and serial numbers.
14. Web universal resource locators (URLs).
15. Internet protocol (IP) address numbers.
16. Biometric identifiers, including fingerprints and voiceprints.
17. Full-face photographic images and any comparable images.
18. Any other unique identifying number, characteristic, or code, unless otherwise permitted by the Privacy Rule for re-identification.
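The Safe Harbor list above reads as a procedure: drop the direct identifiers, reduce ZIP Codes to three digits (or 000 for low-population areas) and reduce dates to the year. The following is an added illustration of that procedure in Python; it is not code from the original article or from Freedman HealthCare. The field names, the sample claim record and the set of three-digit ZIP prefixes with 20,000 or fewer people are all constructed for the example (the real prefix set must come from current Census data). It also includes a residual check that scans the remaining free-text fields, because removing named columns does not catch an identifier typed into a notes field.

```python
import re
from datetime import date

# Column names holding direct identifiers (Safe Harbor items 1, 4-17).
# Assumed schema for this example: map these to your own field names.
DIRECT_IDENTIFIER_FIELDS = {
    "name", "phone", "fax", "email", "ssn", "mrn", "beneficiary_id",
    "account_number", "license_number", "vehicle_id", "device_serial",
    "url", "ip_address", "biometric_id", "photo",
}

# Three-digit ZIP prefixes whose combined population is 20,000 or fewer.
# CONSTRUCTED placeholder values; derive the real set from Census data.
SMALL_POPULATION_ZIP3 = {"036", "059", "102"}

# Patterns for identifiers that commonly survive inside free-text fields.
LEAK_PATTERNS = {
    "ssn": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
    "email": re.compile(r"[\w.+-]+@[\w-]+\.[\w.-]+"),
    "phone": re.compile(r"\b\d{3}[-.\s]\d{3}[-.\s]\d{4}\b"),
    "full_date": re.compile(r"\b\d{4}-\d{2}-\d{2}\b"),
}


def generalize_zip(zip_code: str) -> str:
    """Item 2: keep the first three ZIP digits, or 000 if that
    three-digit area contains 20,000 people or fewer."""
    digits = re.sub(r"\D", "", zip_code or "")
    if len(digits) < 3:
        return "000"
    prefix = digits[:3]
    return "000" if prefix in SMALL_POPULATION_ZIP3 else prefix


def generalize_date(value: str) -> str:
    """Item 3: keep only the year of an ISO date (YYYY-MM-DD)."""
    return str(date.fromisoformat(value).year)


def safe_harbor(record: dict) -> dict:
    """Apply the Safe Harbor removals and generalizations to one record.
    Fields ending in '_date' are assumed to hold ISO dates."""
    out = {}
    for field, value in record.items():
        if field in DIRECT_IDENTIFIER_FIELDS:
            continue  # items 1, 4-17: drop the column entirely
        if field == "zip":
            out["zip3"] = generalize_zip(value)
        elif field.endswith("_date"):
            out[field.replace("_date", "_year")] = generalize_date(value)
        else:
            out[field] = value
    return out


def find_residual_identifiers(record: dict) -> list:
    """Check step: flag string values that still match an identifier
    pattern, e.g. a phone number typed into a notes field (item 18)."""
    hits = []
    for field, value in record.items():
        if not isinstance(value, str):
            continue
        for label, pattern in LEAK_PATTERNS.items():
            if pattern.search(value):
                hits.append((field, label))
    return hits


# Constructed sample claim record (not real data).
SAMPLE_CLAIM = {
    "name": "Jane Example",
    "ssn": "123-45-6789",
    "email": "jane@example.com",
    "zip": "02139",
    "birth_date": "1984-07-21",
    "service_date": "2019-03-14",
    "diagnosis_code": "E11.9",
    "plan_type": "PPO",
}

# Same record with a free-text note that carries a phone number.
SAMPLE_WITH_NOTES = {
    **SAMPLE_CLAIM,
    "notes": "Patient asked to be called back at 617-555-0100",
}

if __name__ == "__main__":
    released = safe_harbor(SAMPLE_CLAIM)
    print(released)
    print(find_residual_identifiers(safe_harbor(SAMPLE_WITH_NOTES)))
```

Running the block shows the released record reduced to ZIP prefix, years, diagnosis code and plan type, while the residual check on the second record reports the phone number that column removal alone would have published.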
Learn how various states are balancing patient privacy with the need for information in Freedman HealthCare’s white paper, Releasing APCD Data: How States Balance Privacy and Utility.