HIPAA De-identification and Data Anonymization

Question 1

Under HIPAA, what is the primary significance of de-identifying health information?

Accepted Answer

De-identified information is no longer PHI and is not subject to HIPAA's privacy protections

Answer

Once properly de-identified under HIPAA standards, health information is no longer considered PHI and falls outside the scope of HIPAA's privacy and security requirements.

Question 2

HIPAA's Safe Harbor de-identification method requires removal of how many specific identifiers?

Accepted Answer

18 identifiers

Answer

HIPAA's Safe Harbor method requires removal of 18 specific categories of identifiers to de-identify health information.

Question 3

Under HIPAA's Expert Determination method of de-identification, who must make the determination?

Accepted Answer

A person with appropriate knowledge and experience applying statistical and scientific principles to health data

Answer

Expert Determination requires a qualified statistician or data scientist with appropriate experience in applying scientific principles to determine that re-identification risk is very small.

Question 4

Which of the following items must be removed under HIPAA's Safe Harbor de-identification method?

Accepted Answer

ZIP codes with populations less than 20,000

Answer

Geographic data below the state level must be removed, including ZIP codes that could identify small populations. The first three digits of ZIP codes may be retained if the geographic area contains more than 20,000 people.

Question 5

Under HIPAA Safe Harbor de-identification, how must ages over 89 be handled?

Accepted Answer

They may be aggregated into a single category of '90 or older'

Answer

HIPAA allows ages over 89 to be aggregated into a category of '90 or older' rather than being completely removed, preserving some demographic information.

HIPAA - Health Insurance Portability and Accountability Act Practice Test

HIPAA - Health Insurance Portability and Accountability Act Practice Test

HIPAA De-identification and Data Anonymization