Practical de-identification under the HIPAA Privacy Rule
Joseph Regensburger leads the Research Group at Immuta, where he focuses on model risk management and privacy-preserving machine learning. Previously, he was chief scientist at Illumination Works, LLC and principal research scientist at the Battelle Memorial Institute. Joseph has led research efforts characterizing airport security screening devices, engineering image analysis software, and developing machine learning algorithms for biological detection. He received both Battelle’s Technical Achievement Award and Illumination Works’s Innovation Award. He holds a PhD in physics from the Ohio State University, where his research focused on experimental high-energy physics—specifically the detection of rare decays of D0 mesons.
No video of the event yet, sorry!
Under the HIPAA Privacy Rule, Protected Health Information (or PHI) is, roughly, any individually identifiable information regarding health care, health care payment, or health status. While the HIPAA Privacy Rule strictly regulates the use and disclosure of PHI by covered entities, it also provides provisions which establish when data may be deemed "de-identified" and therefore no longer bound by its restrictions.
This talk discusses nuances and pitfalls of de-identification under the HIPAA Privacy Rule in general and, in detail, on a prescriptive approach known as "Safe Harbor" which calls for the removal of certain categories of identifying information.
Attendees will walk away with an understanding of how to determine what is and is not PHI, knowledge of de-identification requirements of the HIPAA Privacy Rule, and how to effectively implement de-identification in accordance under its "Safe Harbor" provisions.
- 20 min
- Postgres Conference 2020
- Regulated Industry