De-Identification: Its value to businesses and how to do it right – HITRUST 2019

De-Identification: Its Value to Businesses and How to do it Right - HITRUST 2019

As part of the HITRUST 2019 conference today, I attended a panel on De-Identification.

Here’s the panel:

De-Identification: Its Value to Businesses and How to do it Right – My Takeaways

De-Identification: Its Value to Businesses and How to do it Right - HITRUST 2019
Here are my takeaways from the panel:

  • De-Identification is a process of removing personally identifiable information from data
  • De-ID is useful for health research
  • when done properly, De-Identified data falls outside the scope of regulations (e.g. GDPR, CA Consumer Privacy Act, Brazil Data Protection Act)
  • Direct Identifiers: Name, address, telephone number, fax #, MR, SSN, email address, photograph., clinical trial record number
  • Quasi-identifiers: sex, age, DOB, zip code, marital status, # of children
  • Direct Identifiers vs Quasi-identifiers are important distinction
  • Risks of re-identification: 1) data risk 2) context
  • What constitutes an expert?: Education, experience, and HITRUST program for de-identification
  • HITRUST De-Identification certifications: Certified De-Identification Associate (CDA) and Certified De-Identification Professional (CDP)
  • There is no universally accepted scoring system
  • There is a HITRUST framework for de-identification
  • “The same data set can be de-identified in different ways.” (Sarah Lyons)
  • Expert Determination Method: A person with appropriate knowledge and experience with generally accepted principles of De-Identification. Also involves a determination that the risk of identification is very small.
  • HITRUST De-ID Framework: Governance, Documentation, Explicit ID of Data Custodian, External or Independent Scrutiny

HITRUST 2019

HITRUST 2019 Conference

HITRUST 2019 positions itself is the most comprehensive and definitive information risk management conference for privacy, security, and compliance professionals.

The conference is held at the Gaylord Texan Resort in Grapevine, Texas.

Try Paubox Email Suite for FREE today.

About the author

Hoala Greevy

Founder CEO Paubox. Kayak fishing when I can.

Read more by Hoala Greevy

Get started with
end-to-end protection

Bolster your organization's security with state-of-the-art email encryption and inbound email security.

Highest rated HIPAA compliant messaging solution on G2

EmailEncryption BestMeetsRequirements MeetsRequirements
SecureEmailGateway MostImplementable Total
SecureEmailGateway Leader Leader
SecureEmailGateway EasiestToUse EaseOfUse
SecureEmailGateway EasiestAdmin EaseOfAdmin
SecureEmailGateway BestUsability Total
SecureEmailGateway BestResults Total
SecureEmailGateway BestRelationship Total
EmailEncryption UsersMostLikelyToRecommend Nps
EmailEncryption MomentumLeader Leader
SecureEmailGateway BestSupport Mid Market QualityOfSupport
EmailEncryption BestMeetsRequirements MeetsRequirements
SecureEmailGateway MostImplementable Total
SecureEmailGateway Leader Leader
SecureEmailGateway EasiestToUse EaseOfUse
SecureEmailGateway EasiestAdmin EaseOfAdmin
SecureEmailGateway BestUsability Total
SecureEmailGateway BestResults Total
SecureEmailGateway BestRelationship Total
EmailEncryption UsersMostLikelyToRecommend Nps
EmailEncryption MomentumLeader Leader
SecureEmailGateway BestSupport Mid Market QualityOfSupport