De-identification Practices

Under this scenario, a data custodian is providing data to two researchers, A and B. The two data sets have some overlapping variables, for example, they may both have the patients' date of birth and postal codes. Also, the two data sets have no directly…

In this article we will present a recommended way to integrate de-identification into an REB review process. This is based on our experiences after we have tried many alternative processes, and found that this approach works well in practice. The context…

Sampling means drawing a subset of the rows from the data set and disclosing those instead of the complete data set. The reason why sampling is sometimes used is because it thwarts a prosecutor type attack by making it difficult for an intruder to know if…

An issue that has occasionally come up is whether there is a secondary use market for health information? Of course secondary use has been occurring for many years in the context of research, quality improvement, and public health. But does the data have…

These articles describe in detail how technologies incorporated in PARAT have been used to de-identify actual data sets. They demonstrate the risk analysis that is performed and show how de-identification methods can be used in practice. Publication Type…

Our approach to re-identification risk assessment and de-identification is risk-based. The following documents describe this general approach in more detail. Title Place Published Download Link Dispelling the myths surrounding de-identification Office of…

This question pertains to research protocols that require the analysis of existing data for secondary purposes or protocols where new data is being collected in de-identified form. An example of the former is when a protocol requires the analysis of data…

Under current oversight regimes, the REB is the often only institutional gatekeeper providing oversight of research projects. While their primary mandate is to deal with ethics issues, they often have to deal with privacy issues. For example, the primary…

It is sometimes stated that re-identification technology is moving forward all the time, and that new databases useful for linking are being made available all of the time, and therefore that it is futile to de-identify any data sets. There are two counterarguments…

We have just completed two large systematic reviews looking at the difference between consenters and non-consenters. The review considered clinical trials and observational studies with primary data collection and secondary use of existing databases. For…