Identifiable Health Data
Identifiable Health Data (or Personally identifiable Health Data) refers to any information that can be used, either alone or in combination with other information, to uniquely identify, contact, or locate a single person.
Data are considered “individually identifiable” if they include any of the 18 types of identifiers specified by the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule:
- Address (all geographic subdivisions smaller than state, including street address, city, county, ZIP code)
- All elements (except years) of dates related to an individual (including birth date, admission date, discharge date, date of death and exact age if over 89)
- Telephone numbers
- FAX number
- E-mail address
- Social Security number
- Medical record number
- Health plan beneficiary number
- Account number
- Certificate/license number
- Any vehicle or other device serial number
- Device identifiers or serial numbers
- Web URL
- Internet Protocol (IP) address numbers
- Finger or voice prints
- Photographic images
- Any other characteristic that could uniquely identify the individual
De-identified patient data
De-identified patient data is patient data that has been removed of important identifiers such as birth date, gender, address, and age.
De-identified patient data is often used for research. The Health Insurance Portability and Accountability Act (HIPAA) allows the use of such de-identified data without requiring special authorization, and its use or disclosure without restrictions
Information is de-identified when it is not possible to 'reasonable ascertain' the identity of a person from that data.
The definition of Irreversible de-identification of data is context driven. The capacity of re-identify de-identified data may depend critically on particular resources( Intellectual, Information Technology, Access to multiple data sets).(1) Efforts are being made to automate the anonymization of health information by developing de-identifications models that can successfully remove personal health information. (2)
- Australian Government. Office of the Privacy Commissioner.
- State-of-the-art Anonymization of Medical Records Using an Iterative Machine Learning Framework; György Szarvas, Richárd Farkas, Róbert Busa-Fekete b J Am Med Inform Assoc. 2007 Sep–Oct; 14(5): 574–580.
Friedlin, F. J., McDonald, C. J. A Software Tool for Removing Patient Identifying Information from Clinical Documents. (2008) JAMIA, 15 (5); 601 – 610. PMCID: PMC2528047