De-Identification and Privacy Standards (CLE Day

TAHSN Standard

Jurisdictional/Industry Difference

De-Identification 101

100

This data that has been summarized and tabulated. This process involves statistically combining individual-level information at a group, cohort, institutional, or multi-institutional level.

What is aggregate data?

100

Per TCPS2, direct identifiers are removed from the information and replaced with a code. Depending on access to the code, it may be possible to re-identify specific participants

What is coded-data?

100

Any process that re-establishes the link between identifiable information and an individual

What is re-identification?

200

This must be in place between institutions before data can be shared

What is a Governing Data Sharing Agreement (DSA)?

200

While the GDPR does not include the term de-identified, this is the term to describe when you process personal data to a point where it cannot be attributed to a specific individual without additional information kept separately and securely.

What is pseudonymized?

200

This is the threshold for re-identification risk under Ontario’s privacy standard

What is a very low risk of re-identification?

300

The number of indirect identifiers permitted in a dataset.

What is two?

300

This is the second option available for de-identification per HIPPA and is not Safe Harbour.

What is expert determination?

300

This privacy principle ensures that data sharing is limited to what is necessary

What is data limitation or minimization?

400

The other term used to define indirect identifiers

Quasi-identifier

400

The number of categories of PHI to be removed per Safe Harbour

400

This Decision concludes that the act or process of de-identifying personal health information is a “use” within the meaning of section 2 of the Act, and that the use of personal health information for the purpose of de-identification is permitted without the consent of the individual, where the conditions set out under subsection 37(1)(f) of the Act are met.

IPC Decision 175

500

Besides sharing any Direct Identifiers and/or more than two Indirect Identifiers, the following is out scope of the TASHN standard

Sharing of Genetic Information

500

Under this regulation, even data that has been pseudonymized is still considered personal data.

GDPR

500

Applying cryptographic functions to mix‑up the original data into an unrecognizable value.

Hashing