[ Monday, November 26, 2012 ]
De-identification guidance: OCR has
published guidance on how to know that data has been de-identified. The original Privacy Regs allowed for 2 ways to de-identify: have an expert tell you that enough information has been removed that you can be confident nobody would know who is referred to by the PHI, or remove a specified list of data elements. I haven't had time to closely review what OCR did, but it looks like they kept closely to the text. If I pick up on anything on a closer read, I'll let you know.
Jeff [9:19 PM]
http://www.blogger.com/template-edit.g?blogID=3380636
Blogger: HIPAA Blog - Edit your Template