Daniel Barth-Jones, James Janisse, Patrick Baier
Unraveling the Gordian Knots of De-identification, Pseudonymization, Anonymization and Cryptographic Tokenization: What Data Privacy Lawyers and Compliance Mangers Really Need to Know
A solid understanding of data de-identification and associated data privacy methods that are used to support compliance with HIPAA and GDPR requirements is an increasingly important part of the requisite knowledge base for professionals in privacy and security law and compliance. The workshop will provide a readily accessible primer for lawyers and corporate compliance mangers without intensive technical backgrounds on the statistical disclosure risk analyses/control methods that are utilized to meet HIPAA de-identification/GDPR pseudonymization and anonymization requirements. Essential concepts in cryptographic tokenization and linkage methods which are used for combining data sets without exposing PHI/PII will also be addressed. Guidance will also be offered for engaging and working with de-identification experts to efficiently manage data de-identification projects.
Daniel Barth-Jones , Assistant Professor, Mailman School of Public Health, Columbia University
James Janisse, Associate Professor, Family Medicine and Public Health Sciences, Wayne State University
Patrick Baier, Cryptographer, Pirmin, a Bethesda Maryland LLC
Readings:
