Stream: research
Topic: TTP operations
Michael van der Zel (Mar 20 2019 at 12:04):
We need TTP operations like add-pseudonym, re-identify, etc. Is there work done on this already? Thanks.
John Moehrke (Mar 21 2019 at 14:07):
There is no way to define a service that will de-identify without knowing what the intended use of the data is, and what level of risk is acceptable. This activity is done by a team of people working on risk management relative to these factors. This activity often needs to prototype various algorithms to determine that the resulting data-set would meet the target risk level. This activity will result in a customized algorithm for that project and that data. I have proposed a service that could be given this algorithm definition, but the practical reality is that technology has not advanced to that point yet. see https://healthcaresecprivacy.blogspot.com/2017/09/fhir-and-bulk-de-identification.html
Michael van der Zel (May 23 2019 at 13:05):
We choose to define a $pseudo operation with parameters researchStudy and subject. The result is a parameter with the pseudoSubject. We wanted a FHIR way to access the pseudo service.
Bram Wesselo (Jun 19 2019 at 09:37):
@Michael van der Zel How do you deal with (technical) id's of FHIR instances? These id's are pseudonyms themselves.
Michael van der Zel (Jun 23 2019 at 13:32):
@Bram Wesselo I've been thinking about what you mean with your question and am still not sure. My first response would be that I don't want to use the (technical) id's. It would be better to explicitly assign id's in a pseudonym namespace. And besides that we also use non-FHIR systems in the chain.
Last updated: Apr 12 2022 at 19:14 UTC
