de identification 101
play

De-identification 101 Khaled El Emam, CHEO RI & uOttawa Trends - PDF document

Feb 04, 2023 •37 likes •257 views

De-identification 101 Khaled El Emam, CHEO RI & uOttawa Trends Increasing demands for health data for I i d d f h lth d t f secondary purposes Stronger enforcement of regulations with severe penalties One consequence

  1. De-identification 101 Khaled El Emam, CHEO RI & uOttawa Trends • Increasing demands for health data for I i d d f h lth d t f secondary purposes • Stronger enforcement of regulations with severe penalties • One consequence is the need for more defensible methods for the de-identification of the data Electronic Health Information Laboratory, CHEO Research Institute, 401 Smyth Road, Ottawa K1H 8L1, Ontario; www.ehealthinformation.ca 1

  2. Most Common Secondary ‘Uses’ Source: Pricewaterhouse Coopers Survey. 2009 Transforming healthcare through secondary use of health data. Electronic Health Information Laboratory, CHEO Research Institute, 401 Smyth Road, Ottawa K1H 8L1, Ontario; www.ehealthinformation.ca Variable Distinctions • Directly identifying Di tl id tif i – Can uniquely identify an individual by itself or in conjunction with other readily available information • Quasi-identifiers – Can identify an individual by itself or in – Can identify an individual by itself or in conjunction with other information • Sensitive variables Electronic Health Information Laboratory, CHEO Research Institute, 401 Smyth Road, Ottawa K1H 8L1, Ontario; www.ehealthinformation.ca 2

  3. Examples of Direct I dentifiers • Name, address, telephone number, fax N dd t l h b f number, MRN, health card number, health plan beneficiary number, license plate number, email address, photograph, biometrics, SSN, SIN, implanted device number implanted device number Electronic Health Information Laboratory, CHEO Research Institute, 401 Smyth Road, Ottawa K1H 8L1, Ontario; www.ehealthinformation.ca Examples of Quasi-I dentifiers • sex, date of birth or age, geographic locations (such d t f bi th hi l ti ( h as postal codes, census geography, information about proximity to known or unique landmarks), language spoken at home, ethnic origin, aboriginal identity, total years of schooling, marital status, criminal history, total income, visible minority status, activity difficulties/reductions profession event activity difficulties/reductions, profession, event dates (such as admission, discharge, procedure, death, specimen collection, visit/encounter), codes (such as diagnosis codes, procedure codes, and adverse event codes), country of birth, birth weight, and birth plurality Electronic Health Information Laboratory, CHEO Research Institute, 401 Smyth Road, Ottawa K1H 8L1, Ontario; www.ehealthinformation.ca 3

  4. Attribute vs I dentity Disclosure • Attribute disclosure: discover something • Attribute disclosure: discover something new about an individual in the database without knowing which record belongs to that individual • Identity disclosure: determine which record in the database belongs to a particular in the database belongs to a particular individual (for example, determine that record number 7 belongs to Bob Smith – that is identity disclosure) Electronic Health Information Laboratory, CHEO Research Institute, 401 Smyth Road, Ottawa K1H 8L1, Ontario; www.ehealthinformation.ca Attribute Disclosure - I • For example: • For example: NOT HPV Vaccinated HPV Vaccinated Religion A 5 40 Not 40 40 5 5 Religion A  Statistically significant relationship (chi-square, p<0.05)  High risk of attribute disclosure Electronic Health Information Laboratory, CHEO Research Institute, 401 Smyth Road, Ottawa K1H 8L1, Ontario; www.ehealthinformation.ca 4

  5. Attribute Disclosure - I • For example: • For example: NOT HPV Vaccinated HPV Vaccinated Religion A 5 40 Not 40 40 5 5 Religion A  Statistically significant relationship (chi-square, p<0.05)  High risk of attribute disclosure Electronic Health Information Laboratory, CHEO Research Institute, 401 Smyth Road, Ottawa K1H 8L1, Ontario; www.ehealthinformation.ca Attribute Disclosure - I I • Use suppression to eliminate risk: • Use suppression to eliminate risk: NOT HPV Vaccinated HPV Vaccinated Religion A 5 6 Not 6 6 5 5 Religion A  Not statistically significant relationship (chi-square)  Low risk of attribute disclosure Electronic Health Information Laboratory, CHEO Research Institute, 401 Smyth Road, Ottawa K1H 8L1, Ontario; www.ehealthinformation.ca 5

  6. Attribute Disclosure - I I I • Attribute disclosure is an important outcome • Attribute disclosure is an important outcome of analytics – it is arguably more of an ethics question whether it is acceptable to ask certain questions or discover certain things about individuals with certain characteristics • The HIPAA regulations do not require one to • The HIPAA regulations do not require one to address risks from attribute disclosure – only identity disclosure risks need to be address • All known re-identification attacks were identity disclosure Electronic Health Information Laboratory, CHEO Research Institute, 401 Smyth Road, Ottawa K1H 8L1, Ontario; www.ehealthinformation.ca Tables vs Records • Often disclosure control guidelines are stated in • Often disclosure control guidelines are stated in terms of tables or ‘aggregate’ tables • Tables of counts are exactly the same thing as individual-level data and can be converted from one to the other • When data is released in tabular format, however, additional issues can be raised: dditi l i b i d – Often small cells are suppressed. Using iterative algorithms it is easy to recover suppressed cells if the totals for (some of) the marginals are known – Tables with overlapping dimensions can leak information that is useful for recovering small cells Electronic Health Information Laboratory, CHEO Research Institute, 401 Smyth Road, Ottawa K1H 8L1, Ontario; www.ehealthinformation.ca 6

  7. Does De-identification Work ? • Existing evidence shows that data sets that have • Existing evidence shows that data sets that have been properly de-identified have a low probability of being re-identified • All publicly known examples of serious re- identification attacks were done on data sets that were not properly de-identified (i.e., it is possible to show that their risk of re identification was quite high show that their risk of re-identification was quite high and did not meet HIPAA de-identification standards) • As far as we know, proper de-identification works effectively in managing risk Electronic Health Information Laboratory, CHEO Research Institute, 401 Smyth Road, Ottawa K1H 8L1, Ontario; www.ehealthinformation.ca http://www.plosone.org/article/info%3Adoi%2F10.1371%2Fjournal.pone.0028071 Electronic Health Information Laboratory, CHEO Research Institute, 401 Smyth Road, Ottawa K1H 8L1, Ontario; www.ehealthinformation.ca 7

  8. De-identification Standards • The HIPAA Privacy Rule specified two de • The HIPAA Privacy Rule specified two de- identification standards: – Safe Harbor – Statistical method Electronic Health Information Laboratory, CHEO Research Institute, 401 Smyth Road, Ottawa K1H 8L1, Ontario; www.ehealthinformation.ca HI PAA Safe Harbor Safe Harbor Direct Identifiers and Quasi identifiers Safe Harbor Direct Identifiers and Quasi-identifiers 1. Names 12.Vehicle identifiers 18. Any other unique 2. ZIP Codes (except and serial numbers, identifying number, first three) including license characteristic, or 3. All elements of dates plate numbers code (except year) 13.Device identifiers 4. Telephone numbers and serial numbers 5. Fax numbers 14.Web Universal 6. Electronic mail Resource Locators addresses (URLs) 7. Social security 15.Internet Protocol (IP) numbers numbers address numbers address numbers 8. Medical record 16.Biometric identifiers, numbers including finger and 9. Health plan voice prints beneficiary numbers 17.Full face 10.Account numbers photographic images 11.Certificate/license and any comparable numbers images; Electronic Health Information Laboratory, CHEO Research Institute, 401 Smyth Road, Ottawa K1H 8L1, Ontario; www.ehealthinformation.ca 8

  9. Names (Element 1) • Covers only the names of the individuals or • Covers only the names of the individuals or of relatives, employers, or household members of the individual • Names of providers would not be considered as part of the Safe Harbor list and therefore, strictly speaking, it would not be necessary strictly speaking it would not be necessary to remove them from the data set Electronic Health Information Laboratory, CHEO Research Institute, 401 Smyth Road, Ottawa K1H 8L1, Ontario; www.ehealthinformation.ca Element 18 • Any other unique identifying number • Any other unique identifying number, characteristic, or code: – Number: clinical record number – Characteristic: rare and visible diagnosis – Code: hashed SSN (derived from a direct identifier without a salt) de t e t out a sa t) Electronic Health Information Laboratory, CHEO Research Institute, 401 Smyth Road, Ottawa K1H 8L1, Ontario; www.ehealthinformation.ca 9

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

RISK IDENTIFICATION Everything your competitor knows about Risk Identification on Software

RISK IDENTIFICATION Everything your competitor knows about Risk Identification on Software

RISK IDENTIFICATION Everything your competitor knows about Risk Identification on Software projects David OBrien | PMI Ireland Chapter 23 03 2020 Let Risk identification is your super-power Risk Identification 30 MARCH 2020 2 RISK

375 views • 22 slides
Hour #1: Passwords Identification, Authentication, and Authorization Identification: You

Hour #1: Passwords Identification, Authentication, and Authorization Identification: You

CSCI E-170 Computer Security, Usability &amp; Privacy Hour #1: Passwords Identification, Authentication, and Authorization Identification: You give your name Authentication: Youve proven that its really you.

486 views • 31 slides
Gem Identification Gem Identification There are approx. 4000 minerals Approx. 100 are

Gem Identification Gem Identification There are approx. 4000 minerals Approx. 100 are

Gem Identification Gem Identification There are approx. 4000 minerals Approx. 100 are classified as gem species. They are found in gem quality. The gem quality has the attributes of a gemstone beauty, durability, rarity, and

613 views • 42 slides
EASM 2014 Individuals characterized with high team identification would be more involved with a

EASM 2014 Individuals characterized with high team identification would be more involved with a

Examination on the Relationship Among School Identification, Team Identification, and Sport Consumption of College Students Submitting author: Dr Li-Shiue Gau Asia University, Taiwan, Taichung, 41354 Taiwan All authors: Jong-Chae Kim,

525 views • 3 slides
Hazard Identification &amp; Control Contents Hazard Identification &amp; Control Hazard Alert

Hazard Identification &amp; Control Contents Hazard Identification &amp; Control Hazard Alert

Hazard Identification &amp; Control Contents Hazard Identification &amp; Control Hazard Alert Form Hazard Tracking Log Quiz Employer / Instructor Notes: 1. Review Hazard Identification and Control and the Quiz (prior to conducting

192 views • 8 slides
Religious Profile: Jewish Identification 2 Jewish Identification (Jewish Households)

Religious Profile: Jewish Identification 2 Jewish Identification (Jewish Households)

1 1 Religious Profile: Jewish Identification 2 Jewish Identification (Jewish Households) Reconstructionist Conservative 2% 20% Orthodox 9% Reform 35% Humanist 4% Just Jewish 31% 3 Jewish Identification (Jewish Persons) Conservative

1.59k views • 119 slides
Agenda Unique Identification (UID); Item Unique Identification; Unique Item Identifier (UII)

Agenda Unique Identification (UID); Item Unique Identification; Unique Item Identifier (UII)

Unique Identification of Items U NIQUE ID ENTIFICATION (UID) September, 2005 (UID) Agenda Unique Identification (UID); Item Unique Identification; Unique Item Identifier (UII) UID/IUID Policy Contracting for IUID Marking Items

1.09k views • 88 slides
Identification and Specification of Identification and Specification of NGN Service and Control

Identification and Specification of Identification and Specification of NGN Service and Control

I nternational Telecom m unication Union ITU-T Identification and Specification of Identification and Specification of NGN Service and Control NGN Service and Control Requirements Requirements Tobey Trygar Telcordia Technologies I TU-T W

703 views • 21 slides
Key Issues and Questions Identification of reimbursable meal Identification of reimbursable

Key Issues and Questions Identification of reimbursable meal Identification of reimbursable

5/3/2012 USDAs National School Lunch and School Breakfast USDA N ti l S h l L h d S h l B kf t Programs Key Issues and Questions Identification of reimbursable meal Identification of reimbursable meal Identify content of reimbursable

558 views • 12 slides
Camera identification on YouTube Y A N N I C K S C H E E L E N J O P V A N D E R L E L I E

Camera identification on YouTube Y A N N I C K S C H E E L E N J O P V A N D E R L E L I E

Camera identification on YouTube Y A N N I C K S C H E E L E N J O P V A N D E R L E L I E Introduction Why camera identification? Agenda Pattern noise Video encoding Experiment Results Analysis Conclusion Noise

437 views • 30 slides
Learning Visual Distance Function L i Vi l Di t F ti for Identification from one Example for

Learning Visual Distance Function L i Vi l Di t F ti for Identification from one Example for

Learning Visual Distance Function L i Vi l Di t F ti for Identification from one Example for Identification from one Example. Eric Nowak and Frederic Jurie E i N k d F d i J i Bertin Technologies / CNRS LEAR Group INRIA - France

490 views • 19 slides
Forensic Body Fluid Identification o Body fluid identification can provide information linking

Forensic Body Fluid Identification o Body fluid identification can provide information linking

Genome-wide methylation profiling and a multiplex construction for the identification of body fluids using epigenetic markers Hwan Young Lee, Ja Hyun An, Sang-Eun Jung, Yu Na Oh, Eun Young Lee, Ajin Choi, Woo Ick Yang, Kyoung-Jin Shin

232 views • 10 slides
In System Identification, System Identification: . . . Interval (and Fuzzy) Estimates Algorithm

In System Identification, System Identification: . . . Interval (and Fuzzy) Estimates Algorithm

System Identification: . . . Need to Take . . . How Can We Describe . . . Two Approximations, . . . In System Identification, System Identification: . . . Interval (and Fuzzy) Estimates Algorithm for the . . . Can Lead to Much Better

400 views • 25 slides
Quantitation and Identification Quantitation and Identification of Urine Mucopolysaccharides of

Quantitation and Identification Quantitation and Identification of Urine Mucopolysaccharides of

Quantitation and Identification Quantitation and Identification of Urine Mucopolysaccharides of Urine Mucopolysaccharides George Gray MetBioNet Workshop 2008 The Big Questions What are we measuring? What are we measuring? Where does

670 views • 34 slides
POLYNOMIAL CONSTRAINED FACTORING IN P-NARX IDENTIFICATION KIA N A KA R A M I, D A V ID W ES

POLYNOMIAL CONSTRAINED FACTORING IN P-NARX IDENTIFICATION KIA N A KA R A M I, D A V ID W ES

Nonlinear System Identification Benchmarks POLYNOMIAL CONSTRAINED FACTORING IN P-NARX IDENTIFICATION KIA N A KA R A M I, D A V ID W ES TW IC K April, 2019 NARX MODEL T he No nline ar Auto re g re ssive e Xo g e no us I nput Mo de l

253 views • 23 slides
W3C Speaker Identification W3C Speaker Identification and Verification Workshop and Verification

W3C Speaker Identification W3C Speaker Identification and Verification Workshop and Verification

W3C Speaker Identification W3C Speaker Identification and Verification Workshop and Verification Workshop Speaker Verification in a Multi-Vendor Environment Mr Ross Summerfield (with support from Dr Ted Dunstone and Dr Clive Summerfield)

440 views • 15 slides
HIV Clinical Update: Treatment in 2017 and Beyond Shobha Swaminathan, MD Associate Professor of

HIV Clinical Update: Treatment in 2017 and Beyond Shobha Swaminathan, MD Associate Professor of

5/25/17 HIV Clinical Update: Treatment in 2017 and Beyond Shobha Swaminathan, MD Associate Professor of Medicine Rutgers New Jersey Medical School Overview Whats new in the guidelines Starting antiretroviral therapy Switching

163 views • 14 slides
the New Hypertension and Discuss the current hypertension guidelines Discuss the current

the New Hypertension and Discuss the current hypertension guidelines Discuss the current

Applying the Intricacies of OBJECTIVES the New Hypertension and Discuss the current hypertension guidelines Discuss the current lipid guidelines Lipid Guidelines to Your Given a clinical scenario, utilize the new Patients guidelines

236 views • 9 slides
Integrated Predictive Modelling to Improve Pathology Laboratory Quality Alice Richardson, NCEPH

Integrated Predictive Modelling to Improve Pathology Laboratory Quality Alice Richardson, NCEPH

Integrated Predictive Modelling to Improve Pathology Laboratory Quality Alice Richardson, NCEPH ViCBiostat, 18 October 2017 Overview NATA and QAP Our study Data Results Conclusions The future NATA Audit

380 views • 19 slides
Efficacy and safety of colchicine for treatment of multiple recurrences of pericarditis (CORP-2):

Efficacy and safety of colchicine for treatment of multiple recurrences of pericarditis (CORP-2):

Efficacy and safety of colchicine for treatment of multiple recurrences of pericarditis (CORP-2): a multicentre, double-blind, placebo- controlled, randomised trial Massimo Imazio, MD, FESC on behalf of the CORP-2 Investigators Cardiology

470 views • 20 slides
ABL001 and combination Massimo Breccia Az. Policlinico Umberto I Sapienza University Rome

ABL001 and combination Massimo Breccia Az. Policlinico Umberto I Sapienza University Rome

ABL001 and combination Massimo Breccia Az. Policlinico Umberto I Sapienza University Rome Disclosures of NAME SURNAME Company Research Speakers Advisory Employee Consultant Stockholder Other name support bureau board Novartis x x

511 views • 36 slides
Oxidative Stress Induced Mitochondrial Dysfunction in Children with Autism Spectrum Disorder

Oxidative Stress Induced Mitochondrial Dysfunction in Children with Autism Spectrum Disorder

Oxidative Stress Induced Mitochondrial Dysfunction in Children with Autism Spectrum Disorder Richard E. Frye, M.D., Ph.D. Director of Autism Research Director of Autism Multispecialty Clinic Arkansas Childrens Hospital Associate Professor

1.14k views • 72 slides
Quality of Care NL Blood Urea Six Month Update Faculty of Medicine Update Six months ago

Quality of Care NL Blood Urea Six Month Update Faculty of Medicine Update Six months ago

Quality of Care NL Blood Urea Six Month Update Faculty of Medicine Update Six months ago Quality of Care NL launched a campaign to lower the number of Blood Urea tests across Eastern Health. We now have our numbers back and are happy to say

417 views • 10 slides
An Anticoagul ulation i n in Patients w with h Sev evere e Renal I Impair irmen ent

An Anticoagul ulation i n in Patients w with h Sev evere e Renal I Impair irmen ent

An Anticoagul ulation i n in Patients w with h Sev evere e Renal I Impair irmen ent Tony Wan, MD, FRCPC Clinical Instructor, Division of General Internal Medicine Department of Medicine, University of British Columbia Objectives

402 views • 28 slides

More recommend