System and method for cascading token generation and data de-identification
First Claim
1. A computer-implemented method for de-identifying a plurality of records for a plurality of individuals, the plurality of records including identifying data for the plurality of individuals, comprising:
   receiving a record for an individual, the record comprising a plurality of data elements identifying the individual;
   generating, with at least one processor, a token based at least partially on the plurality of data elements identifying the individual;
   encrypting, with at least one processor, the token based at least partially on a first encryption key, resulting in an encrypted token;
   encrypting, with at least one processor, the encrypted token based at least partially on a second encryption key, resulting in encrypted output data; and
   transmitting the encrypted output data to a data processing system;
   decrypting, with at least one processor at the data processing system, the encrypted output data and the encrypted token; and
   encrypting, with at least one processor at the data processing system, the token with a third encryption key to produce a new token, wherein the third encryption key is unique to a client and/or data supplier.
Abstract
A computer-implemented method for de-identifying data by creating tokens through a cascading algorithm includes the steps of processing at least one record comprising a plurality of data elements to identify a subset of data elements comprising data identifying at least one individual; generating, with at least one processor, a first hash by hashing at least one first data element with at least one second data element of the subset of data elements; generating, with at least one processor, a second hash by hashing the first hash with at least one third data element of the subset of data elements; creating at least one token based at least partially on the second hash or a subsequent hash derived from the second hash, wherein the token identifies the at least one individual; and associating at least a portion of a remainder of the data elements with the at least one token.
18 Claims
1. A computer-implemented method for de-identifying a plurality of records for a plurality of individuals, the plurality of records including identifying data for the plurality of individuals, comprising the steps reproduced above under First Claim.
   Dependent claims: 2, 3, 4, 5, 6, 7

8. A computer program product for de-identifying a plurality of records for a plurality of individuals, the plurality of records including identifying data for the plurality of individuals, comprising at least one non-transitory computer-readable medium comprising program instructions that, when executed by at least one processor, cause the at least one processor to:
   receive a record for an individual, the record comprising a plurality of data elements identifying the individual;
   generate a token based at least partially on the plurality of data elements identifying the individual;
   encrypt the token based at least partially on a first encryption key, resulting in an encrypted token;
   encrypt the encrypted token based at least partially on a second encryption key, resulting in encrypted output data;
   transmit the encrypted output data to a data processing system;
   decrypt, at the data processing system, the encrypted output data and the encrypted token; and
   encrypt, at the data processing system, the token with a third encryption key to produce a new token, wherein the third encryption key is unique to a client and/or data supplier.
   Dependent claims: 9, 10, 11, 12, 13, 14

15. A system for de-identifying data, comprising:
   (a) a de-identification subsystem comprising at least one hardware processor configured to:
       (i) process a data record comprising a plurality of data elements, wherein a subset of data elements of the plurality of data elements comprises personally identifying information for an individual;
       (ii) generate a token based at least partially on the subset of data elements;
       (iii) encrypt at least the token to generate an encrypted token; and
       (iv) generate encrypted data by encrypting the encrypted token with a second key; and
   (b) a token processing subsystem comprising at least one hardware processor configured to:
       (i) receive the encrypted data;
       (ii) decrypt the encrypted data, resulting in the encrypted token;
       (iii) decrypt the encrypted token;
       (iv) encrypt the token with a key unique to a client and/or data supplier, resulting in a new token; and
       (v) link the new token and unencrypted data elements with at least one other record for the individual.
   Dependent claims: 16

17. A de-identification system, comprising:
   (a) a de-identification subsystem comprising at least one non-transitory computer-readable medium containing program instructions which, when executed by at least one processor, cause the at least one processor to:
       (i) create a token from at least one record comprising at least one data element including personally-identifying information;
       (ii) encrypt the token with a randomly-generated encryption key, forming an encrypted token; and
       (iii) encrypt the encrypted token with a second key, forming encrypted data; and
   (b) a record processing subsystem comprising at least one non-transitory computer-readable medium containing program instructions which, when executed by at least one processor, cause the at least one processor to:
       (i) receive the encrypted data;
       (ii) decrypt the encrypted data with the second key or a key corresponding to the second key, resulting in the encrypted token;
       (iii) decrypt the encrypted token with the randomly-generated encryption key;
       (iv) generate a new token based at least partially on the token and a key unique to a client and/or data supplier; and
       (v) generate a de-identified record based at least partially on the new token.
   Dependent claims: 18
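The cascading hash described in the abstract (hash two identifying elements, then hash that result with the next element, and so on) and the two-layer encrypt, transmit, decrypt and re-key flow of claims 1, 8, 15 and 17, worked through end to end as an added Python example. This is illustration code written for this page, not the patent's or any assignee's implementation, and it fixes several things the page leaves open: SHA-256 as the hash; an HMAC-derived keystream plus HMAC tag as a standard-library stand-in for a real AEAD such as AES-GCM; HMAC under the client-specific key as the deterministic keyed transform that yields the "new token" (a randomized cipher would give a different token every run and break record linkage); case and whitespace normalization of identifiers before hashing; and the assumption that the randomly generated per-record key reaches the processing system through some channel the page does not describe (here it is simply handed over as a parameter). All sample records are constructed.

```python
"""Cascading token generation + two-layer token encryption (illustrative, stdlib only)."""
import hashlib
import hmac
import os

SEP = b"\x1f"  # field separator so "ab"+"c" and "a"+"bc" do not collide


def normalize(value: str) -> bytes:
    # Assumption (not on the page): canonicalize identifiers so cosmetic
    # differences in the same person's data ("Jane " vs "jane") still link.
    return " ".join(value.strip().lower().split()).encode()


def cascading_token(elements: list[str]) -> bytes:
    """h1 = H(e1 || e2); h_k = H(h_{k-1} || e_k); the final hash is the token."""
    if len(elements) < 2:
        raise ValueError("need at least two identifying elements")
    h = hashlib.sha256(normalize(elements[0]) + SEP + normalize(elements[1])).digest()
    for e in elements[2:]:
        h = hashlib.sha256(h + SEP + normalize(e)).digest()
    return h


def _subkeys(key: bytes) -> tuple[bytes, bytes]:
    # Separate keystream and MAC keys derived from one master key.
    return (hmac.new(key, b"enc", hashlib.sha256).digest(),
            hmac.new(key, b"mac", hashlib.sha256).digest())


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Stand-in AEAD: nonce || ciphertext || tag. Use AES-GCM in real systems."""
    enc_key, mac_key = _subkeys(key)
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def decrypt(key: bytes, blob: bytes) -> bytes:
    enc_key, mac_key = _subkeys(key)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("authentication failed")
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, nonce, len(ct))))


def de_identify(record: dict, id_fields: list[str], transport_key: bytes):
    """Supplier side: token -> encrypt with random first key -> encrypt with second key.
    Returns the encrypted output, the random key (assumed to be shared out of band),
    and the non-identifying remainder of the record."""
    token = cascading_token([record[f] for f in id_fields])
    record_key = os.urandom(32)                     # first, randomly generated key
    encrypted_token = encrypt(record_key, token)     # layer 1
    output = encrypt(transport_key, encrypted_token)  # layer 2 (second key)
    payload = {k: v for k, v in record.items() if k not in id_fields}
    return output, record_key, payload


def process(output: bytes, record_key: bytes, transport_key: bytes, client_key: bytes) -> str:
    """Processing side: peel both layers, then re-key the token for one client."""
    encrypted_token = decrypt(transport_key, output)
    token = decrypt(record_key, encrypted_token)
    # Deterministic keyed transform under the client-unique third key.
    return hmac.new(client_key, token, hashlib.sha256).hexdigest()


def demo() -> dict:
    # Constructed records: the same person as seen by two data suppliers.
    rec_a = {"first": "Jane", "last": "Doe", "dob": "1980-01-02", "dx": "J06.9"}
    rec_b = {"first": "jane ", "last": "DOE", "dob": "1980-01-02", "rx": "amoxicillin"}
    ids = ["first", "last", "dob"]
    transport, client_x, client_y = os.urandom(32), os.urandom(32), os.urandom(32)
    out_a, k_a, payload_a = de_identify(rec_a, ids, transport)
    out_b, k_b, _ = de_identify(rec_b, ids, transport)
    tok_a_x = process(out_a, k_a, transport, client_x)
    tok_b_x = process(out_b, k_b, transport, client_x)
    tok_a_y = process(out_a, k_a, transport, client_y)
    return {"links_within_client": tok_a_x == tok_b_x,   # same person, same client
            "links_across_clients": tok_a_x == tok_a_y,  # same person, different client
            "payload_a": payload_a}


if __name__ == "__main__":
    print(demo())
```

Two properties worth checking when evaluating a design like this: records for one individual from different suppliers must collapse to the same client token (otherwise the linkage step in claims 15 and 17 cannot happen), and the same individual's tokens handed to two different clients must not match, so that client datasets cannot be joined against each other without the processing system's keys.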
Specification