De-Identification, Anonymization, Redaction Toolkit Services
0.1.0 - STU1 Release 1 - Standard for Trial-Use United States of America flag

De-Identification, Anonymization, Redaction Toolkit Services, published by HL7 International / Cross Group Projects. This guide is not an authorized publication; it is the continuous build for version 0.1.0 built by the FHIR (HL7® FHIR® Standard) CI Build. This version is based on the current content of https://github.com/HL7/fhir-darts/ and changes regularly. See the Directory of published versions

Background

Page standards status: Trial-use

This section provides an overview of the Implementation Guide (IG).

IG Purpose

Currently many Federal Reporting use cases use aggregate data reporting because they are not authorized to receive PHI/PII data as part of the reports. However there is a desire to use deidentified or anonymized information to generate more insights for the population at large. This requires data submitters to effectively remove PHI/PII data and submit non PHI/PII data to the agencies. This need for more granular information without PHI/PII exists across agencies. The following are some example programs that require these capabilities

  • HRSA's UDS+ Reporting
  • Other programs to be idenitified

Read the Use Cases section to get an idea of the various systems, actors and the data flow requirements.

Guiding Principles for the IG

The following are the guiding principles for the DAPL IG.

  • Reduce EHR burden in generating the deidentified/anonymized profiles by providing a consistent representation of the data
  • Align with existing standards (e.g., Health Level 7 (HL7) Fast Healthcare Interoperability Resources (FHIR), and regulations (e.g., ONC 2015 Edition, 2015 Edition Cures Update, Trusted Exchange Framework and Common Agreement (TEFCA), etc.), United States Core Data for Interoperability (USCDI) while improving the timeliness and completeness of data

IG In-Scope Requirements

The following requirements are in-scope for the DAPL IG based on the use cases.

  • Define the set of profiles that can be used to represent deidentified data
  • Define the set of profiles that can be used to represent anonymized data

IG Out-of-Scope

The following aspects are out-of-scope for the DAPL IG based on the use cases.

  • Changes to the Data Submitters (e.g., EHR) data capture screens and/or changes to clinical workflows. Providers may use their choice of apps/screens/systems to enter the data independent of the IG.
  • Policies and processes followed by Data Submitters which allow data sharing, collecting of consent, or compliance with regulatory requirements.
  • Mechanisms to identify the patients for whom the data needs to be deidentified or anonymized

Underlying Specifications

This guide is based on the HL7 FHIR R4 standard, and is aligned with US Core IG terminology, Data Exchange for Quality Measures - DEQM and QI Core IG.

Implementers of the DAPL IG must understand some basic information about the underlying specifications listed above.