Skip to content
The expert may certify a covered entity to share both data sets after determining that the two data sets could not be merged to individually identify a patient. Experts may be found in the statistical, mathematical, or other scientific domains. OCR convened stakeholders at a workshop consisting of multiple panel sessions held March 8-9, 2010, in Washington, DC. Rather, a combination of technical and policy procedures are often applied to the de-identification task. The Privacy Rule does not limit how a covered entity may disclose information that has been de-identified. Regardless of the process or methods employed, the information must meet the very small risk specification requirement.Data managers and administrators working with an expert to consider the risk of identification of a particular set of health information can look to the principles summarized in Table 1 for assistance.When evaluating identification risk, an expert often considers the degree to which a data set can be “linked” to a data source that reveals the identity of the corresponding individuals. However, experts have recognized that technology, social conditions, and the availability of information changes over time. The lack of a readily available naming data source does not imply that data are sufficiently protected from future identification, but it does indicate that it is harder to re-identify an individual, or group of individuals, given the data sources at hand. As described in the forthcoming sections, covered entities may wish to select de-identification strategies that minimize such loss.The implementation specifications further provide direction with respect to If a covered entity or business associate successfully undertook an effort to identify the subject of de-identified information it maintained, the health information now related to a specific individual would again be protected by the Privacy Rule, as it would meet the definition of PHI. The information is derived from the Decennial Census and was last updated in 2000. Postal Service (USPS) ZIP code service areas. In the past, there has been no correlation between ZIP codes and Census Bureau geography. As summarized in Figure 1, the Privacy Rule provides two methods by which health information can be designated as de-identified. These provisions allow the entity to use and disclose information that neither identifies nor provides a reasonable basis to identify an individual.Both methods, even when properly applied, yield de-identified data that retains some risk of identification. This new methodology also is briefly described below, as it will likely be of interest to all users of data tabulated by ZIP code. Photo Agence QMI, Joël Lemay As a result, an expert will define an acceptable “very small” risk based on the ability of an anticipated recipient to identify an individual. See section 3.10 for a more complete discussion.In the following two sections, we address questions regarding the Expert Determination method (Section 2) and the Safe Harbor method (Section 3).In §164.514(b), the Expert Determination method for de-identification is defined as follows: (1) A person with appropriate knowledge of and experience with generally accepted statistical and scientific principles and methods for rendering information not individually identifiable:Yes. Yet, it may also be stored in a wide range of documents with less structure and written in natural language, such as discharge summaries, progress notes, and laboratory test interpretations. For instance, it is simple to discern when a feature is a name or a Social Security Number, provided that the fields are appropriately labeled. For those areas where it is difficult to determine the prevailing five-digit ZIP code, the higher-level three-digit ZIP code is used for the ZCTA code. Invitati. However, due to the public’s interest in having statistics tabulated by ZIP code, the Census Bureau has created a new statistical area called the Zip Code Tabulation Area (ZCTA) for Census 2000.