Main Anonymization Techniques for Personal Health Data

Abstract: 
Any open-licensed or otherwise health informatics and personal health data, any open linked data for health education that consider personal health data as well as any data used in open education in the life sciences need to be anonymized before any use of them either for commercial or non-commercial purpose. In the light of Directive 95/46/EC and other relevant EU legal instruments, anonymization results from processing personal data such as personal health data in order to irreversibly prevent identification of personal health data subjects. In doing so, several elements should be taken into account by personal health data controllers, having regard to all the means “likely reasonably” to be used for identification (either by the controller or by any third party). Anonymization constitutes a further processing of personal health data; as such, it must satisfy the requirement of compatibility by having regard to the legal grounds and circumstances of the further processing. Additionally, anonymized personal health data do fall out of the scope of data protection legislation, but data subjects may still be entitled to protection under other provisions (such as those protecting confidentiality of communications). In this short speech and presentation the author aims at presenting the main anonymization techniques, namely randomization and generalization. The author presents main anonymization techniques for personal health data, their principles, their strengths and weaknesses, as well as the common mistakes and failures related to the use of each technique.

Session

Friday, 19 June, 2015 - 11:30 to 13:00