HIPAA Blog

[ Monday, November 26, 2012 ]

De-identification guidance: OCR has published guidance on how to know that data has been de-identified. The original Privacy Regs allowed for 2 ways to de-identify: have an expert tell you that enough information has been removed that you can be confident nobody would know who is referred to by the PHI, or remove a specified list of data elements. I haven't had time to closely review what OCR did, but it looks like they kept closely to the text. If I pick up on anything on a closer read, I'll let you know.

Jeff [9:19 PM]

Comments: Post a Comment

http://www.blogger.com/template-edit.g?blogID=3380636 Blogger: HIPAA Blog - Edit your Template