Restricted accessOtherFirst published online 2015-4
Is Sharing De-Identified Data Legal? The State of Public Health Confidentiality Laws and Their Interplay with Statistical Disclosure Limitation Techniques
See, e.g., OhmP., “Broken Promises of Privacy: Responding to the Surprising Failure of Anonymization,”University California Los Angeles Law Review57, no. 6 (2010): 1701–1777.
CirianiV., “Microdata Protection,” in YuTingJajodiaSushil, eds., Secure Data Management in Decentralized Systems (Springer, 2007): At 291–321, available at <http://spdp.di.unimi.it/papers/microdata.pdf> (last visited February 5, 2015).
5.
Guidance Regarding Methods for De-identificaiton of Protected Health Information in Accordance with the Health Insurance Portability and Accountability (HIPAA) Privacy Rule, Department of Health and Human Services: Understanding HIPAA, available at <http://www.hhs.gov/ocr/privacy/hipaa/understanding/coveredentities/De-identification/guidance.html> (last visited February 5, 2015) [hereinafter cited as De-identification in Accordance with HIPAA].
6.
Center for Disease Control and Prevention, “HIPAA Privacy Rule and Public Health: Guidance from CDC and the U.S. Department of Health and Human Services,” April 11, 2003, at <http://www.cdc.gov/mmwr/preview/mmwrhtml/m2e411a1.htm> (last visited February 5, 2015).
7.
CavoukianA.EmamK. E., Dispelling the Myths Surrounding De-identification: Anonymization Remains a Strong Tool for Protecting Privacy (June 16, 2011), Discussion Papers, Information and Privacy Commissioner of Ontario, available at <http://www.ipc.on.ca/images/Resources/anonymization.pdf> (last visited February 5, 2015).
8.
De-identification in Accordance with HIPAA, supra note 5; Ciriani, supra note 4.
9.
Id. (De-identification in Accordance with HIPAA).
10.
See Ohm, supra note 2.
11.
SweeneyL., Simple Demographics Often Identify People Uniquely, Data Privacy, Carnegie Mellon University, Working Paper 3, Pittsburgh (2000), available at <http://dataprivacylab.org/projects/identifiability/paper1.pdf> (last visited February 5, 2015).
12.
GolleP., Revisiting the Uniqueness of Simple Demographics in the US Population, paper presentation at the 5th ACM Workshop on Privacy in Electronic Society, ACM, New York, New York, United States, 2006, available at <http://crypto.stanford.edu/∼pgolle/papers/census.pdf> (last visited February 5, 2015).
13.
See Cavoukian, supra note 7.
14.
See Sweeney, supra note 11.
15.
National Committee on Vital and Health Statistics, Enhanced Protections for Uses of Health Data: A Stewardship Framework for ‘Secondary Uses’ of Electronically Collected and Transmitted Health Data, Report to the Secretary of the U.S. Department of Health and Human Services (December, 19, 2007), available at <http://www.ncvhs.hhs.gov/071221lt.pdf> (last visited February 5, 2015).
16.
See CavoukianEmam, supra note 7.
17.
Southern Illinoisan v. Illinois Dep't of Public Health, 844 N.E.2d 1 (Ill. 2006).
18.
Marine Shale Processors, Inc. v. State of Louisiana Dep't of Health, 572 So. 2d 280 (La. App. 1 Cir. 1990).
19.
Williams Law Firm v. Board of Supervisors, 878 So. 2d 557 (La. App. 1 Cir. 2004).
