data anonymization professional certification
DESCRIPTION
How to become a certified de-identification professional.
TRANSCRIPT
www.privacyanalytics.ca | 613.369.4313
251 Laurier Avenue, Suite 200
Ottawa, Ontario, Canada K1P 5J6
Data Anonymization Professional Certification
Developing the Knowledge and Experience
© 2014 Privacy Analytics, Inc.
Finding an Expert
Motivations for Anonymization
Population Health
Regulation
Comparative Benchmarking
Releasing Data
Detecting Fraud
Monetizing Data
Compliance
Accelerating Research
Data Complexity
Re-identification Risk
Post-marketing surveillance
Data Breach
Marketing
Reputation
Ethics
Software Testing
Safeguard and Enable Data for Secondary Purposes
• PARAT automates the masking and de-identification of data
• Anonymize structured and unstructured data
• Peer-reviewed methodologies and value-added services that certify data as de-identified
HIPAA Privacy Rule
While the HIPAA Privacy Rule only applies to the anonymization of U.S. regulated health data, it is a useful and relevant standard for the anonymization of all data.
Expert Determination (Statistical) Method
• A person with appropriate knowledge of and experience with generally accepted statistical and scientific principles and methods for rendering information not individually identifiable:
I. Applying such principles and methods, determines that the risk is “very small” that the information could be used, alone or in combination with other reasonably available information, by an anticipated recipient to identify an individual who is a subject of the information; and
II. Documents the methods and results of the analysis that justify such determination
Shortage of Anonymization Professionals
• Ad-hoc methods will be used, and data will have lower analytic utility
• Analytics will not occur, impeding research and data monetization
• Non-experts may perform the anonymization, risking disclosure
Defining Expertise Required to Anonymize Data
Resources to Get You Started
Enterprise Re-Identification Risk Management Framework
• Develop the skills needed to manage the risk of re-identification when data is shared for secondary purposes.
• Ensure that responsible privacy and security protocols are in place to allow the ethical use of these large data stores of sensitive personal or protected health information.
• Standards and guidelines for protecting this information need to be implemented.
Appropriate Knowledge to Anonymize Data
• The Case for Anonymizing Data
• Concepts and Definitions
• Selecting Identifiers
• Risk Measurement for Public Data Releases
• Setting Thresholds for Public Data Releases
• Risk Measurement for Non-Public Data Releases
• Risk Management
• Implementing Anonymization Methods
Appropriate Experience to Anonymize Data
Anonymize two real data sets under the coaching and guidance of someone who is already a seasoned expert (someone involved in the anonymization of a minimum of ten data sets).
Automating Anonymization
Certification Exam
The ability to define very small risk in a defensible way; the ability to select appropriate metrics and to measure the risk of re-identification; and the ability to transform the data to ensure that the measured risk is indeed very small.
Who is the Anonymization Professional?
• The background of the candidate can be data analysis, database management, health data management, statistics, or software programming.
• Automation means that it’s possible for individuals who are not statisticians or data analysts to anonymize data sets.
Balancing Privacy with Data Utility
1. Data Quality: Ensuring de-identified data has analytic usefulness by minimizing the amount of distortion while still ensuring that re-identification risk is very small
2. Analytic Granularity: Allowing users to configure the extent of de-identification to match the characteristics of the analysis that is anticipated
3. Depth of Insight: Enabling analysis of the total patient health experience, to compile a complete picture of this experience from multiple data sources and types