The Case for De-Identifying Personal Health Information
Posted: 23 Jan 2011
Date Written: January 18, 2011
Abstract
The demand on data custodians to disclose health information for secondary purposes is increasing dramatically. These demands come from researchers, public health professionals, commercial actors, and governments. In many jurisdictions, de-identification is one set of methods that can be used to allow the use and disclosure of health information without consent. This report describes the reasons why it is desirable or necessary to de-identify health data before disclosing or using it for secondary purposes. The scenarios we consider reflect the most common conditions under which a custodian would want to de-identify the data. These include an assessment of alternatives, such as consent, on-site access, and remote access to data, the impacts of data breaches and breach notification, unplanned and unexpected uses of data by the public and private sectors, and public perception and trust.
Keywords: de-identification, privacy, consent, re-identification, anonymization, data sharing
Suggested Citation: Suggested Citation