Anne L. Kim writes:
The rise of health apps has expanded the opportunities for individuals’ data to be used for research purposes, policy analysis, and so on. But what are the complexities involved with making sure people are “de-identified” from their own data, so their privacy can be protected? At an FTC workshop today on consumer-generated health data, panelists spent some time talking about whether there should be a uniform standard.
There isn’t a single definition of de-identification or one “rule that governs everybody,” according to Joy Pitts, chief privacy officer at HHS’ Office of the National Coordinator for Health Information Technology. (There is a Department of Health and Human Services document that offers guidance on where de-identification fits into the Health Insurance Portability and Accountability Act, or HIPPA, but there’s no set of industry best practices.)
Read more on Roll Call.