Systems and methods for encryption-based de-identification of protected health information
Abstract
Systems and methods are provided for protecting individual privacy (e.g., patient privacy) when individual data records (e.g., patient data records) are shared between various entities (e.g., healthcare entities). In one aspect, systems and methods are provided which implement secured key encryption for de-identifying patient data to ensure patient privacy, while allowing only the owners of the patient data and/or legally empowered entities to re-identify subject patients associated with de-identified patient data records, when needed.
33 Claims
1. A method for processing data, comprising the steps of:
- obtaining a patient data record of a patient which includes patient identifying information;
- removing the patient identifying information from the patient data record to generate a de-identified data record comprising unencrypted patient data in the patient data record which does not identify the patient;
- generating an encrypted ID for the patient, wherein the encrypted ID comprises an encrypted representation of one or more items of patient identifying information; and
- storing the encrypted ID with or in the de-identified data record,

wherein the step of removing the patient identifying information in the patient data record includes automatically removing patient identifying information from an unstructured data record by locating a text string in the unstructured data record that includes patient identifying information, and removing the text string from the unstructured data record, wherein the text string to be removed from the unstructured data record is determined based on a matching text string that is included in a database element of a structured data record associated with the unstructured data record.

Dependent claims: 2 to 17.

18. A program storage device readable by a machine, tangibly embodying a program of instructions executable on the machine to perform method steps for processing medical information, the method steps comprising:
- obtaining a patient data record of a patient which includes patient identifying information;
- removing the patient identifying information from the patient data record to generate a de-identified data record comprising unencrypted patient data in the patient data record which does not identify the patient;
- generating an encrypted ID for the patient, wherein the encrypted ID comprises an encrypted representation of one or more items of patient identifying information; and
- storing the encrypted ID with or in the de-identified data record,

wherein the instructions for removing the patient identifying information in the patient data record comprise instructions for automatically removing patient identifying information from an unstructured data record by locating a text string in the unstructured data record that includes patient identifying information and removing the text string from the unstructured data record, wherein the text string to be removed from the unstructured data record is determined based on a matching text string that is included in a database element of a structured data record associated with the unstructured data record.

Dependent claims: 19 to 29.

30. A method for processing data, comprising the steps of:
- obtaining a data record of an individual which includes individual identifying information;
- removing the individual identifying information from the data record to generate a de-identified data record comprising unencrypted data in the data record which does not identify the individual;
- generating an encrypted ID for the individual, wherein the encrypted ID comprises an encrypted representation of one or more items of individual identifying information; and
- storing the encrypted ID with or in the de-identified data record,

wherein the step of removing the individual identifying information from the data record includes automatically removing the individual identifying information from an unstructured data record by locating a text string in the unstructured data record that includes the individual identifying information, and removing the text string from the unstructured data record, wherein the text string to be removed from the unstructured data record is determined based on a matching text string that is included in a database element of a structured data record associated with the unstructured data record.

Dependent claims: 31 to 33.
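The following is an added illustration of the method the independent claims describe, written for this page and not taken from the patent or any product built on it. It takes a constructed structured record and its associated free-text note, uses the identifying database elements (name, MRN, date of birth) to locate and strip the matching strings from the note, encrypts those same items into an encrypted ID, and stores that ID alongside the de-identified record so that only a holder of the key can re-identify the patient. The field names, sample values and the placeholder tokens are assumptions; the reversible encryption is a standard-library encrypt-then-MAC construction (HMAC-SHA256 keystream plus an HMAC tag) standing in for a real authenticated cipher such as AES-GCM, which the patent does not prescribe.

```python
import hashlib
import hmac
import json
import os

# Constructed sample data (not from the patent): a structured record and the
# unstructured clinical note associated with it.
STRUCTURED_RECORD = {
    "patient_name": "Jane Q. Doe",
    "mrn": "MRN-0042-77",
    "dob": "1981-03-14",
    "diagnosis": "type 2 diabetes",
}
IDENTIFYING_FIELDS = ("patient_name", "mrn", "dob")  # assumed set of PHI columns
NOTE = ("Pt Jane Q. Doe (MRN-0042-77, DOB 1981-03-14) seen for follow-up of "
        "type 2 diabetes. A1c 7.2. Continue metformin.")

NONCE_LEN, TAG_LEN = 16, 32


def _subkey(key: bytes, purpose: bytes) -> bytes:
    """Derive separate encryption and MAC keys from one master key."""
    return hmac.new(key, purpose, hashlib.sha256).digest()


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    """Counter-mode keystream built from HMAC-SHA256 (stdlib stand-in for AES-CTR)."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def encrypt_id(key: bytes, items: dict) -> str:
    """Encrypted ID: reversible, authenticated encryption of the identifying items."""
    plaintext = json.dumps(items, sort_keys=True).encode()
    nonce = os.urandom(NONCE_LEN)  # fresh nonce, so equal patients yield different IDs
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(_subkey(key, b"enc"), nonce, len(plaintext))))
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return (nonce + ct + tag).hex()


def decrypt_id(key: bytes, encrypted_hex: str) -> dict:
    """Re-identification by the key holder; rejects a wrong key or tampered ID."""
    blob = bytes.fromhex(encrypted_hex)
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("encrypted ID failed integrity check")
    pt = bytes(c ^ k for c, k in zip(ct, _keystream(_subkey(key, b"enc"), nonce, len(ct))))
    return json.loads(pt)


def deidentify_note(note: str, structured: dict, fields=IDENTIFYING_FIELDS):
    """Locate each identifying database element's value in the note and remove it.

    The text string to remove is taken from the structured record, as the claims
    describe. Longer values are handled first so that a value that contains
    another (e.g. a name inside an address) is removed whole. A placeholder
    token marks where text was removed (an assumption; plain deletion also fits).
    """
    removed = []
    for field in sorted(fields, key=lambda f: len(str(structured.get(f, ""))), reverse=True):
        value = structured.get(field)
        if value and value in note:
            note = note.replace(value, f"[{field.upper()}]")
            removed.append(field)
    return note, removed


def deidentify_record(key: bytes, structured: dict, note: str) -> dict:
    """Produce the de-identified record with the encrypted ID stored in it."""
    identifying = {f: structured[f] for f in IDENTIFYING_FIELDS}
    clean_structured = {k: v for k, v in structured.items() if k not in IDENTIFYING_FIELDS}
    clean_note, _ = deidentify_note(note, structured)
    return {"data": clean_structured, "note": clean_note, "encrypted_id": encrypt_id(key, identifying)}


def leaks_identifiers(record: dict, structured: dict, fields=IDENTIFYING_FIELDS) -> bool:
    """Release check: does any identifying value still appear in the cleartext parts?"""
    cleartext = json.dumps(record["data"]) + record["note"]
    return any(str(structured[f]) in cleartext for f in fields)


if __name__ == "__main__":
    master_key = os.urandom(32)  # held only by the data owner
    rec = deidentify_record(master_key, STRUCTURED_RECORD, NOTE)
    print(json.dumps(rec, indent=2))
    print("leaks:", leaks_identifiers(rec, STRUCTURED_RECORD))
    print("re-identified:", decrypt_id(master_key, rec["encrypted_id"]))
```

The weak point of this approach is the exact-string match: a date of birth written as "March 14, 1981" in the note would not match the structured value "1981-03-14" and would survive de-identification, so a release check such as `leaks_identifiers` should be run with every known formatting variant of each identifier, and notes that fail it held back rather than shared.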
Specification