[ Monday, November 26, 2012 ]


De-identification guidance: OCR has published guidance on how to know that data has been de-identified.  The original Privacy Regs allowed for 2 ways to de-identify: have an expert tell you that enough information has been removed that you can be confident nobody would know who is referred to by the PHI, or remove a specified list of data elements.  I haven't had time to closely review what OCR did, but it looks like they kept closely to the text.  If I pick up on anything on a closer read, I'll let you know.

Jeff [9:19 PM]

Comments: Post a Comment
http://www.blogger.com/template-edit.g?blogID=3380636 Blogger: HIPAA Blog - Edit your Template