E-Book, Englisch, 413 Seiten
El Emam Guide to the De-Identification of Personal Health Information
Erscheinungsjahr 2013
ISBN: 978-1-4665-7908-8
Verlag: Taylor & Francis
Format: PDF
Kopierschutz: Adobe DRM (»Systemvoraussetzungen)
E-Book, Englisch, 413 Seiten
ISBN: 978-1-4665-7908-8
Verlag: Taylor & Francis
Format: PDF
Kopierschutz: Adobe DRM (»Systemvoraussetzungen)
Offering compelling practical and legal reasons why de-identification should be one of the main approaches to protecting patients’ privacy, the Guide to the De-Identification of Personal Health Information outlines a proven, risk-based methodology for the de-identification of sensitive health information. It situates and contextualizes this risk-based methodology and provides a general overview of its steps.
The book supplies a detailed case for why de-identification is important as well as best practices to help you pin point when it is necessary to apply de-identification in the disclosure of personal health information. It also:
- Outlines practical methods for de-identification
- Describes how to measure re-identification risk
- Explains how to reduce the risk of re-identification
- Includes proofs and supporting reference material
- Focuses only on transformations proven to work on health information—rather than covering all possible approaches, whether they work in practice or not
Rated the top systems and software engineering scholar worldwide by The Journal of Systems and Software, Dr. El Emam is one of only a handful of individuals worldwide qualified to de-identify personal health information for secondary use under the HIPAA Privacy Rule Statistical Standard. In this book Dr. El Emam explains how we can make health data more accessible—while protecting patients’ privacy and complying with current regulations.
Autoren/Hrsg.
Fachgebiete
Weitere Infos & Material
Introduction
Primary and Secondary Purposes
The Spectrum of Risk for Data Access
Managing Risk
What Is De-identification?
Learning Something New
The Status Quo
Safe Harbor-Compliant Data Can Have a High Risk of Re-identification
The Adversary Knows Who Is in the Data
The Data Set Is Not a Random Sample from the U.S. Population
Other Fields Can Be Used for Re-identification
Moving Forward beyond Safe Harbor
Why We Wrote This Book
References
THE CASE FOR DE-IDENTIFYING PERSONAL HEALTH INFORMATION
Permitted Disclosures, Consent, and De-identification of PHI
Common Data Flows
The Need for De-identification
Permitted Uses and Disclosures of Health Information
Uses of Health Information by an Agent
Disclosing Identifiable Data When Permitted
References
The Impact of Consent
Differences between Consenters and Non-Consenters in Clinical Trials
The Impact of Consent on Observational Studies
Impact on Recruitment
Impact on Bias
Impact on Cost
Impact on Time
References
Data Breach Notifications
Benefits and Costs of Breach Notification
Cost of Data Breach Notifications to Custodian
Data Breach Trends
The Value of Health Data
Financial Information in the Health Records
Financial Value of Health Records
Medical Identity Theft
Monetizing Health Records through Extortion
References
Peeping and Snooping
Examples of Peeping
Information and Privacy Commissioners Orders
Ontario
HO-002
HO-010
HR06-53
HI-050013-1
Alberta
Investigation Report H2011-IR-004
IPC Investigation (Report Not Available)
Saskatchewan
H-2010-001
References
Unplanned but Legitimate Uses and Disclosures
Unplanned Uses by Governments
Data Sharing for Research Purposes
Open Government
Open Data for Research
Unplanned Uses and Disclosures by Commercial Players
Competitions
References
Public Perception and Privacy Protective Behaviors
References
Alternative Methods for Data Access
Remote Access
On-Site Access
Remote Execution
Remote Queries
Secure Computation
Summary
References
UNDERSTANDING DISCLOSURE RISKS
Scope, Terminology, and Definitions
Perspective on De-identification
Original Data and DFs
Unit of Analysis
Types of Data
Relational Data
Transactional Data
Sequential Data
Trajectory Data
Graph Data
The Notion of an Adversary
Types of Variables
Directly Identifying Variables
Indirectly Identifying Variables (Quasi-identifiers)
Sensitive Variables
Other Variables
Equivalence Classes
Aggregate Tables
References
Frequently Asked Questions about De-identification
Can We Have Zero Risk?
Will All DFs Be Re-identified in the Future?
Is a Data Set Identifiable If a Person Can Find His or Her Record?
Can De-identified Data Be Linked to Other Data Sets?
Doesn’t Differential Privacy Already Provide the Answer?
A Methodology for Managing Re-identification Risk
Re-identification Risk versus Re-identification Probability
Re-identification Risk for Public Files
Managing Re-identification Risk
References
Def
