De-Identification Profile
0.0.1-current - ci-build International flag

De-Identification Profile, published by IHE IT Infrastructure Technical Committee. This guide is not an authorized publication; it is the continuous build for version 0.0.1-current built by the FHIR (HL7® FHIR® Standard) CI Build. This version is based on the current content of https://github.com/IHE/ITI.DeIdHandbook/ and changes regularly. See the Directory of published versions

References

  1. ISO 25237. (2017). Health informatics — Pseudonymization (ISO 25237:2017; Number ISO 25237:2017). International Organization for Standardization. https://www.iso.org/standard/63553.html
  2. ISO/IEC 20889. (2018). Privacy enhancing data de-identification terminology and classification of techniques (Standard ISO/IEC 20889:2018(E); Number ISO/IEC 20889:2018(E)). International Organization for Standardization. https://www.iso.org/standard/69373.html
  3. GDPR. (2016). Regulation (EU) 2016/679 of the European Parliament and of the Council. European Parliament and Council of the European Union. https://data.europa.eu/eli/reg/2016/679/oj
  4. PIPL. (2021). Personal Information Protection Law of the People’s Republic of China. National People’s Congress of the People’s Republic of China (NPC). http://en.npc.gov.cn.cdurl.cn/2021-12/29/c_694559.htm
  5. NIST 800-188. (2023). De-identifying Government Datasets (Special Publication No. 800-188; Numbers 800-188). National Institute of Standards and Technology. https://doi.org/10.6028/nist.sp.800-188
  6. European Data Protection Board. (2025). Guidelines 01/2025 on Pseudonymisation. https://www.edpb.europa.eu/system/files/2025-01/edpb_guidelines_202501_pseudonymisation_en.pdf
  7. Information Commissioner’s Office. (2025). Pseudonymisation. Information Commissioner’s Office. https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/data-sharing/anonymisation/pseudonymisation/#pseudonymiseddatastillpersonal
  8. Office for Civil Rights. (2025). Methods for De-identification of PHI. HHS.gov. https://www.hhs.gov/hipaa/for-professionals/special-topics/de-identification/index.html#rationale
  9. Hintze, M. (2017). Viewing the GDPR through a de-identification lens: a tool for compliance, clarification, and consistency. International Data Privacy Law, 8(1), 86–101. https://doi.org/10.1093/IDPL/IPX020
  10. U.S. Congress. (1996). Health Insurance Portability and Accountability Act of 1996. Public Law 104-191. https://www.govinfo.gov/content/pkg/PLAW-104publ191/pdf/PLAW-104publ191.pdf
  11. GB/T 42460. (2023). Information security technology - Guide for evaluating the effectiveness of personal information de-identification (Standard GB/T 42460—2023; Number GB/T 42460—2023). State Administration for Market Regulation Standardization Administration of China. https://www.iso.org/standard/69373.html
  12. University of Manchester. (2024). Anonymisation decision-making framework: European practitioners’ guide (2nd ed.). University of Manchester. https://ukanon.net/wp-content/uploads/2024/01/adf-2nd-edition-european-practitioners-guide-final-version-cover-2024-version-2.pdf
  13. National Electrical Manufacturers Association. (2025). DICOM Part 15, Annex E: Security and System Management Profiles — Attribute Confidentiality Profiles (PS3.15 Annex E; Number PS3.15 Annex E). National Electrical Manufacturers Association. https://dicom.nema.org/medical/dicom/current/output/chtml/part15/chapter_E.html
  14. ISO/IEC 27559. (2022). Information security, cybersecurity and privacy protection — Privacy enhancing data de-identification framework (ISO/IEC 27559:2022; Number ISO/IEC 27559:2022). International Organization for Standardization. https://www.iso.org/standard/71677.html
  15. Article 29 Data Protection Working Party. (2014, April 10). Opinion 05/2014 on anonymisation techniques (WP216). European Commission. https://ec.europa.eu/justice/article-29/documentation/opinion-recommendation/files/2014/wp216_en.pdf
  16. HP. Efficient signature schemes supporting redaction, pseudonymization, and data deidentification. HP. HPL-2007-191
  17. Schneier, Bruce. Commentary on the Importance of a Systemic Approach to Security. Bruce Schneier. Essay-028
  18. UK Redaction Toolkit. A United Kingdom government document describing a toolkit for removing content prior publication for various legal reasons. REDACTION GUIDELINES FOR THE EDITING OF EXEMPT INFORMATION FROM PAPER AND ELECTRONIC DOCUMENTS PRIOR TO RELEASE
  19. DICOM. DICOM current publication
  20. DICOM Part 15 Annex E. Discusses clinical trials, double-blinding, traceability (relinking) to original content, preserving data needed for the trial. DICOM Part 15, Annex E current publication
  21. Moehrke. De-Identification is Highly Contextual. (2009) De-Identification is highly contextual
  22. HITSP. HITSP Biosurveillance Use Case Presentation. Lists summary of units of data exchange and values that should be pseudonymized. HITSP Biosurveillance Use Case presentation
  23. NIH Biosurveillance Test Case Scenarios. Presentation by David Dobbs on the Biosurveillance Use Case and Minimum Data Elements
  24. NHN Biosurveillance Test Scenarios. NHN Testing Work Group document *Biosurveillance Test Case Scenarios. 2008-10-03.xls* file, draft.
  25. Dresden Anonymity. A proposed vocabulary for pseudonymization and related concepts. Anonymity, Unlinkability, Undetectability, Unobservability, Pseudonymity, and Identity Management – A onsolidated Proposal for Terminology* (Version v0.31 Feb. 15, 2008)
  26. MIT Reidentification. Shows that a large percentage of people can be re-identified with Date-of-Birth, Current ZIP Code, and Sex. Reidentification of Individuals in Chicago's Homicide Database A Technical and Legal Study
  27. European Medicines Agency. (2025, May 14). External guidance on the implementation of the European Medicines Agency Policy 0070 on the publication of clinical data for medicinal products for human use (Version 1.5). https://www.ema.europa.eu/en/documents/regulatory-procedural-guideline/external-guidance-implementation-european-medicines-agency-policy-publication-clinical-data-medicinal-products-human-use-version-15_en.pdf
  28. Information and Privacy Commissioner of Ontario. (2016, June). De-identification Guidelines for Structured Data. https://www.ipc.on.ca/sites/default/files/legacy/2016/08/Deidentification-Guidelines-for-Structured-Data.pdf
  29. Branson, J., Good, N., Chen, JW. et al. (2020). Evaluating the re-identification risk of a clinical study report anonymized under EMA Policy 0070 and Health Canada Regulations. Trials 21, 200. https://doi.org/10.1186/s13063-020-4120-y
  30. Sweeney, L. (2002). k-anonymity: A model for protecting privacy. International Journal on Uncertainty, Fuzziness and Knowledge-Based Systems, 10(05), 557-570. https://doi.org/10.1142/s0218488502001648
  31. Dwork, C., & Roth, A. (2014). The algorithmic foundations of differential privacy. Foundations and Trends® in Theoretical Computer Science, 9(3-4), 211-407. https://doi.org/10.1561/0400000042
  32. El Emam, K. (2013). Guide to the de-identification of personal health information. Auerbach Publications. https://doi.org/10.1201/b14754
  33. Shahid, A., Bazargani, M. H., Banahan, P., Mac Namee, B., Kechadi, T., Treacy, C., Regan, G., & MacMahon, P. (2022). A Two-Stage De-Identification Process for Privacy-Preserving Medical Image Analysis. Healthcare (Basel, Switzerland), 10(5), 755. https://doi.org/10.3390/healthcare10050755