Nancy Perkins, Daniel Barth-Jones, Kate Godfrey

Data privacy legislation is increasingly including standards for de-identifying personal data as well as requirements to prevent re-identification. What is required to meet those standards and requirements (e.g., under HIPAA, the GDPR, and the CCPA)? How can businesses manage the different standards across jurisdictions? Are the restrictions on re-identification and use of de-identified information furthering or frustrating important social policy goals? This panel will explore those questions in an interactive discussion.

 

Nancy Perkins, Counsel, Partner, Arnold & Porter

Daniel Barth-Jones, Professor, Mailman School of Public Health, Columbia University

Kate Godfrey, Vice President and Chief Compliance and Privacy Officer, Adaptive Biotechnologies

Readings:

HHS-OCR-Guidance-on-De-Identification-of-PHI-2012

ENISA-paper-on-pseudonymisation-techniques-under-GDPR

2018-article-on-pseudonomized-date-and-the-GDPR

M-Hintze-GDPR-Through-the-De-Identification-Lens-31-Oct-2016-002

Daniel Barth Jones
Daniel Barth-Jones

Assist. Professor, Mailman School of Public Health
Columbia University

Kate Godfrey
Kate Godfrey

VP, Chief Compliance & Privacy Officer
Adaptive Biotechnologies

Perkins Nancy
Nancy Perkins

Counsel
Arnold & Porter