In today's data-driven era, big data and advances in technology make it possible to analyse large quantities of data at a glance.
The extent to which data is identifiable depends on the number of subjects who share those identifiers. For health data, we have HIPAA, which focuses mainly on privacy issues. Let’s look at an obvious example!
Imagine that we are talking about an elderly person aged 90. How many people live that long nowadays? Across the whole world, quite a lot. But if we add more detail, such as male, aged 90, living in Amphor Mae Sa Riang, Chiang Mai, you may be left with just one or two people.
Another example: a guy from Chiang Mai who graduated from a Faculty of Medicine, aged 26, currently studying for an MSc at Mahidol University. Even without the name of the faculty, if you asked one of my friends, they would instantly know that it was me 😂
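To make the idea concrete, here is a minimal Python sketch that counts how many people share each combination of attributes. The records, the column order and the helper name `group_sizes` are all made up for illustration; the point is only that the more attributes you combine, the smaller the groups become.

```python
from collections import Counter

# Hypothetical toy records: (sex, age, district). Made up for illustration only.
records = [
    ("male", 90, "Mae Sa Riang"),
    ("male", 90, "Bangkok"),
    ("male", 90, "Bangkok"),
    ("female", 90, "Bangkok"),
    ("female", 90, "Bangkok"),
]

def group_sizes(rows, columns):
    """Count how many rows share each combination of the chosen column indexes."""
    return Counter(tuple(row[i] for i in columns) for row in rows)

# Age alone: everyone here is 90, so age by itself singles out nobody.
by_age = group_sizes(records, [1])
# Sex + age + district: the groups shrink, and one of them holds a single person.
by_all = group_sizes(records, [0, 1, 2])

smallest_by_age = min(by_age.values())
smallest_by_all = min(by_all.values())
print(smallest_by_age, smallest_by_all)
```

A smallest group of size 1 means that at least one person can be singled out by that combination alone, even though no name appears anywhere in the data.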
FYI, for those who are interested in HIPAA, here is a bit more about it:
What are the 18 HIPAA Identifiers?
The 18 HIPAA identifiers are the identifiers that must be removed from a record set before any remaining health information is considered to be de-identified (see §164.514). However, due to the age of this list, Covered Entities should ensure that no further identifiers remain in a record set before disclosing any health information to a third party (e.g., for research). The 18 HIPAA identifiers are:
Names
Dates, except year
Telephone numbers
Geographic data
Fax numbers
Social Security numbers
Email addresses
Medical record numbers
Account numbers
Health plan beneficiary numbers
Certificate/license numbers
Vehicle identifiers and serial numbers including license plates
Web URLs
Device identifiers and serial numbers
Internet protocol addresses
Full face photos and comparable images
Biometric identifiers (e.g., retinal scan, fingerprints)
Any unique identifying number or code
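As a rough illustration of what "removing identifiers" can look like in practice, here is a small Python sketch. The field names in `DIRECT_IDENTIFIER_FIELDS` and the `strip_identifiers` helper are hypothetical and cover only a few of the identifiers; a real record set has its own schema, and running code like this does not by itself make a dataset de-identified under HIPAA.

```python
from datetime import date

# Hypothetical field names for a few of the identifiers; adapt to your own schema.
DIRECT_IDENTIFIER_FIELDS = {
    "ssn",
    "medical_record_number",
    "health_plan_beneficiary_number",
    "vehicle_plate",
    "device_serial",
    "ip_address",
    "face_photo",
    "fingerprint",
}

def strip_identifiers(record):
    """Return a copy without the listed fields and with dates reduced to the year."""
    cleaned = {}
    for key, value in record.items():
        if key in DIRECT_IDENTIFIER_FIELDS:
            continue  # drop the identifying field entirely
        if isinstance(value, date):
            cleaned[key] = value.year  # "Dates, except year"
        else:
            cleaned[key] = value
    return cleaned

# Made-up example record.
patient = {
    "ssn": "000-00-0000",
    "ip_address": "192.0.2.1",
    "admission_date": date(2020, 3, 14),
    "diagnosis": "hypertension",
}
deidentified = strip_identifiers(patient)
print(deidentified)
```

Even after a pass like this, combinations of the remaining fields (such as age plus district) can still point to one person, so dropping fields is only a starting point.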