|
|
Line 1: |
Line 1: |
− | '''De-identified patient data''' is [[Protected Health Information (PHI)|patient data]] that has been removed of important identifiers such as birth date, gender, address, and age.
| + | #REDIRECT [[Identifiable Health Data]] |
− | | + | |
− | == Introduction ==
| + | |
− | | + | |
− | There are 19 identifiers that are protected by the [[Health_Insurance_Portability_and_Accountability_Act_(HIPAA)#The_Privacy_Rule|Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule]].
| + | |
− | # name
| + | |
− | # address
| + | |
− | # dates directly related to the individual
| + | |
− | # all ages over 8#
| + | |
− | # telephone number
| + | |
− | # fax number
| + | |
− | # email address
| + | |
− | # Social Security number
| + | |
− | # Medical Record number
| + | |
− | # Health Plan number
| + | |
− | # Account numbers
| + | |
− | # Certificate or License numbers
| + | |
− | # Vehicle Identification numbers
| + | |
− | # Device Identification numbers
| + | |
− | # Universal Resource Locators
| + | |
− | # Internet protocol Address
| + | |
− | # Biometric identifiers
| + | |
− | # full face photographs and images
| + | |
− | # any other unique identifying number, characteristic or code
| + | |
− | | + | |
− | HIPAA allows the use of such de-identified data without requiring special authorization, and its use or disclosure without restrictions
| + | |
− | | + | |
− | De-identified patient data is often used for research.
| + | |
− | | + | |
− | Information is de-identified when it is not possible to 'reasonable ascertain' the identity of a person from that data.
| + | |
− | The definition of Irreversible de-identification of data is context driven. The capacity of re-identify de-identified data may depend critically on particular resources( Intellectual, Information Technology, Access to multiple data sets).(1)
| + | |
− | Efforts are being made to automate the anonymization of health information by developing de-identifications models that can successfully remove personal health information. (2)
| + | |
− | | + | |
− | | + | |
− | == Personally identifiable Health Data ==
| + | |
− | refers to any information that can be used, either alone or in combination with other information, to uniquely identify, contact, or locate a single person.
| + | |
− | | + | |
− | Data are considered “individually identifiable” if they include any of the 18 types of identifiers, listed below:
| + | |
− | *Name
| + | |
− | *Address (all geographic subdivisions smaller than state, including street address, city, county, ZIP code)
| + | |
− | *All elements (except years) of dates related to an individual (including birth date, admission date, discharge date, date of death and exact age if over 89)
| + | |
− | *Telephone numbers
| + | |
− | *FAX number
| + | |
− | *E-mail address
| + | |
− | *Social Security number
| + | |
− | *Medical record number
| + | |
− | *Health plan beneficiary number
| + | |
− | *Account number
| + | |
− | *Certificate/license number
| + | |
− | *Any vehicle or other device serial number
| + | |
− | *Device identifiers or serial numbers
| + | |
− | *Web URL
| + | |
− | *Internet Protocol (IP) address numbers
| + | |
− | *Finger or voice prints
| + | |
− | *Photographic images
| + | |
− | *Any other characteristic that could uniquely identify the individual
| + | |
− | | + | |
− | Source:
| + | |
− | http://hipaa.yale.edu/guidance/index.html#phi
| + | |
− | | + | |
− | | + | |
− | # Australian Government. Office of the Privacy Commissioner.
| + | |
− | # State-of-the-art Anonymization of Medical Records Using an Iterative Machine Learning Framework; György Szarvas, Richárd Farkas, Róbert Busa-Fekete b J Am Med Inform Assoc. 2007 Sep–Oct; 14(5): 574–580.
| + | |
− | | + | |
− | | + | |
− | == Reference ==
| + | |
− | | + | |
− | Friedlin, F. J., McDonald, C. J. A Software Tool for Removing Patient Identifying Information from Clinical Documents. (2008) JAMIA, 15 (5); 601 – 610. PMCID: PMC2528047
| + | |