HIPAA Strategies for De-Identifying Patient Data for Research

Venue

American Association of Medical Colleges (AAMC), National Conference, Group on Information Resources, Philadelphia, PA. April 12, 2005.

Slides from talk

Abstract

Society is amidst widespread proliferation of patient data for many new and important research questions.  The Privacy Rule of HIPAA allows such data to be shared under different scenarios -- all of which relate to providing a "minimal risk of re-identification."  While HIPAA provides this operational privacy standard in words, the technical details are often misunderstood.  In this talk, I will present ways to measure risks of re-identification in datasets, and then, explore methods for sharing data which provably adheres to the HIPAA standard while remaining practically useful. Real-world examples will be provided. 

References and Related Links

• Information explosion
• Trails Learning
• Re-identification, DNA
• Genomic Privacy
• Genomic System Evaluation

• Selective Revelation
• Bioterrorism Surveillance
• De-identification, Datafly
• k-anonymity
• k-anonymity, Generalization

• Projects at the Data Privacy Lab
• Data Privacy Laboratory