Abstract

Background and Aims HIPAA policies define values derived from PHI as also being PHI. Consequently, applying algorithmic functions to PHI has been viewed as having little benefit to research data. However, short of full de-identification, the use of transformed PHI may reduce compliance risk and increase security of routine data handling. Our aim is to: present a general framework for evaluating methods of de-identifying/protecting PHI, and evaluate how well selected mathematical functions, including common cryptographic functions, can enhance protection of PHI in the HMORN Virtual Data Warehouse (VDW).
Methods The methods used include a review of technical literature/material, from both within and outside traditional research disciplines, followed by analysis and application of findings to the issues addressed here, including: reviewing both the regulatory and practical context for protecting PHI in research data; developing a set of criteria to evaluate the benefits and costs of methods for PHI protection/de-identification; reviewing the basic uses of general cryptography; comparing/contrasting the needs of general cryptography with those of PHI protection in research data; evaluating selected methods of protecting PHI against the proposed criteria.
Results The proposed framework for evaluating PHI protection methods includes five criteria: effect on usefulness of data; effect on ease of use or analytical efficiency; net impact on data security; system implementation costs; negative effect on data quality. There are several methods for protecting PHI that can be easily implemented in the VDW, including: the creation of linking variables that eliminate the need to routinely query PHI variables, such as service dates; the MD5 cryptographic hash function, which can be used to obscure any PHI data and is relatively easy to implement in SAS, the standard analysis software platform used in the HMORN.
Conclusions Stewards of research data, like the VDW, should adopt the use of mathematical functions, including cryptographic hash functions, to transform PHI into derived values. Such methods do not replace the need for full de-identification, but can enhance security and reduce compliance risk during routine data handling.
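
An added illustration, not code from the paper: the two transforms named in the Results (a linking variable that stands in for service dates, and an MD5 token for an identifier), with a check showing why a hashed date is still a derived PHI value. The paper names SAS as the implementation platform; Python is used here, and the field names, the normalization step and the sample rows are assumptions constructed for this example.

```python
import hashlib
from datetime import date, timedelta

def md5_token(value: str) -> str:
    """Unkeyed MD5 of a normalized value, as 32 hex characters."""
    return hashlib.md5(value.strip().upper().encode("utf-8")).hexdigest()

def add_linking_variables(encounters):
    """Replace the identifier and service date with derived values.

    person_token: MD5 of the record number; deterministic, so joins across
                  tables still work without exposing the number itself.
    day_offset:   days since that person's first encounter, so intervals can
                  be analyzed without querying the service date.
    """
    first = {}
    for e in encounters:
        d = date.fromisoformat(e["service_date"])
        first[e["mrn"]] = min(first.get(e["mrn"], d), d)
    return [{"person_token": md5_token(e["mrn"]),
             "day_offset": (date.fromisoformat(e["service_date"]) - first[e["mrn"]]).days,
             "dx": e["dx"]}
            for e in encounters]

def recover_date(token, start=date(2000, 1, 1), end=date(2030, 12, 31)):
    """Check on the value space: a hashed calendar date has only a few thousand
    candidates, so the token maps back to the date by enumeration. This is why
    a derived value stays PHI and hashing is not de-identification."""
    d = start
    while d <= end:
        if md5_token(d.isoformat()) == token:
            return d
        d += timedelta(days=1)
    return None

# Constructed sample rows (hypothetical record numbers and codes).
SAMPLE = [
    {"mrn": "A0001", "service_date": "2011-03-02", "dx": "250.00"},
    {"mrn": "A0001", "service_date": "2011-03-16", "dx": "401.9"},
    {"mrn": "B0002", "service_date": "2011-03-10", "dx": "401.9"},
]

if __name__ == "__main__":
    for row in add_linking_variables(SAMPLE):
        print(row)
    print(recover_date(md5_token("2011-03-16")))
```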
