PIEDMONT ACCESS TO HEALTH SERVICES, INC.

Policy Number: 01-01-005
SUBJECT: De-Identification of Protected Health Information and Limited Data Sets
EFFECTIVE DATE: 04/01/2004
REVIEWED/REVISED: o&lt6l2OO6, 02/15/2009, 04/01/2010, 09/16/2011, 02l7Ll20L3, 10/14/2014, 05/13/2016
POLICY: PATHS is permitted to use and disclose patient health information that has been de-identified
without regard to the requirements of HIPAA. PATHS is permitted to use and disclose limited
data sets for the purposes of research, public health, or health care operations.
PROCEDURE:
1. PATHS may create "de-identified" health information and such information is
   thereafter not subject to the requirements of HIPAA.
2. All de-identification shall be performed at the direction and under the supervision of
   PATHS' Privacy Officer.
3. The reason for the de-identification will be documented and maintained by the Privacy
   Officer.
4. PATHS may de-identify patient health information in either of the following manners:
   a. Remove all of the following identifiers from the patient's health information:
      i. Name;
      ii. All geographic subdivisions smaller than a state, including street
          address, city, county, precinct, zip code and their equivalent geo-codes,
          except for the initial three digits of a zip code if, according to the current
          publicly available data from the Bureau of the Census;
      iii. The geographic unit formed by combining all zip codes with the same
           three initial digits contains more than 20,000 people;
      iv. The initial three digits of a zip code for all such geographic units
          containing 20,000 or fewer people is changed to 000;
      v. All elements of dates (except year) for dates directly related to an
         individual including birth date, admission date, discharge date, date of
         death, and all ages over 89 and all elements of dates (including year)
         indicative of such age, except that such ages and elements may be
         aggregated into a single category of age 90 or older.
         (a) Telephone numbers;
01-01-005: De-Identification of Protected Health Information and Limited Data Sets
Page 1 of 5
         (b) Fax Numbers;
         (c) Electronic Mail Addresses;
         (d) Social Security Numbers;
         (e) Medical Record Numbers;
         (f) Health plan beneficiary numbers;
         (g) Account numbers;
         (h) Certificate/License Numbers;
         (i) Vehicle identifiers and serial numbers, including license plate
             numbers;
         (j) Internet Protocol (IP) address numbers;
         (k) Biometric identifiers, including finger and voice prints;
         (l) Full face photographic identifying number, characteristic, or
             code, except as permitted for re-identification.
      vii. If any of the above 18 identifiers are not removed, PATHS may utilize a
           qualified person to determine that the risk is very small that the
           information could be used, either by itself or in combination with other
           available information, by anticipated recipients to identify a subject of
           the information. A "qualified person" means a person:
         (a) With appropriate knowledge and experience applying generally
             accepted statistical and scientific principles and methods for
             rendering information not individually identifiable;
         (b) Who applies such methods and principles to determine the risk
             is very small that the information could be used, alone or in
             combination with other reasonably available information, by an
             anticipated recipient to identify an individual who is a subject of
             the information; and
         (c) Who documents the methods and results of the analysis that
             justify such determination.
   b. All de-identification shall be performed under the supervision of the Privacy
      Officer.
   c. No de-identified information shall be disclosed if PATHS has knowledge that the
      information could be used alone or in combination to identify a subject of the
      information.
   d. PATHS may assign a code or other means of record identification to allow
      information that has been de-identified to be re-identified by PATHS, as long as:
      i. The code or other means of record identification is not derived from or
         related to information about the individual and is not otherwise capable
         of being translated so as to identify the individual; or
      ii. PATHS does not use or disclose the code or other means of record
          identification for any other purpose, and does not disclose the
          mechanism for re-identification.
   e. Any violations of this policy shall be reported to the Privacy Officer.
5. Limited Data Sets:
   a. PATHS may create limited data sets and may use and disclose limited data sets
      only for the purposes of research, public health, or health care operations.
   b. PATHS may use protected health information to create a limited data set or
      disclose protected health information to a business associate for such purpose.
   c. All limited data sets shall be created at the discretion and under the supervision
      of the Privacy Officer.
   d. To create a limited data set, PATHS must exclude the following direct identifiers
      of the individual, or of relatives, employers, or household members, of the
      individual:
      i. Names;
      ii. Postal address information, other than town or city, State, and zip code;
      iii. Telephone numbers;
      iv. Fax numbers;
      v. Electronic mail addresses;
      vi. Social security numbers;
      vii. Medical record numbers;
      viii. Health plan beneficiary numbers;
      ix. Account numbers;
      x. Certificate/license numbers;
      xi. Vehicle identifiers and serial numbers, including license plate numbers;
      xii. Device identifiers and serial numbers;
      xiii. Web Universal Resource Locators (URL's);
      xiv. Internet Protocol (IP) address numbers;
      xv. Biometric identifiers, including finger and voice prints; and
      xvi. Full face photographic images and any comparable images.
   Prior to disclosing a limited data set, PATHS will obtain satisfactory assurance in
   the form of a data use agreement, that the limited data set recipient will only
   use or disclose the protected health information for limited purposes.
6. A data use agreement must:
   a. Establish the permitted uses and disclosures of such information by the limited
      data set recipient. The data use agreement may not authorize the limited data
      set recipient to use or further disclose the information in a manner that would
      violate the requirements of HIPAA, if done by the provider;
   b. Establish who is permitted to use or receive the limited data set;
   c. Provide that the limited data set recipient will:
      i. Not use or further disclose the information other than as permitted by
         the data use agreement or as otherwise required by law;
      ii. Use appropriate safeguards to prevent use or disclosure of the
          information other than as provided for by the data use agreement; or
      iii. Report to the provider any use or disclosure of information not
           provided for by its data use agreement of which it becomes aware.
   d. Ensure that any agents, including a subcontractor, to whom it provides the
      limited data set agrees to the same restrictions and conditions that apply to the
      limited data set recipient with respect to such information; and
   e. Not identify the information or contact the individuals.
7. If PATHS discovers or otherwise knows of a pattern of activity or practice of the limited
   data set recipient that constitutes a material breach or violation of the data use
   agreement, PATHS shall take reasonable steps to cure a breach or end a violation, as
   applicable. If PATHS takes reasonable steps and such steps are unsuccessful, PATHS
   must then discontinue disclosure of protected health information to the recipient and
   report the problem to the Secretary of DHHS.
Any violations of this policy will be reported to PATHS' Security Officer.
SIGNATURES: