What is the HIPAA expert determination method?

The expert determination method, defined by 45 CFR § 164.514(b)(1), is one of two approaches for de-identifying protected health information. This method relies on statistical and scientific principles to transform PHI into data that cannot reasonably be used to identify an individual.

According to The Network for Public Health Law document titled HIPAA Expert Determination De-Identification Method: "The Expert Determination method provides for an individual to be determined an expert in de-identification through professional experience, academic or other training, and actual experience, using health information de-identification methodologies."

The role of the expert

The Department of Health and Human Services states that, "There is no specific professional degree or certification program for designating who is an expert at rendering health information de-identified. Relevant expertise may be gained through various routes of education and experience. Experts may be found in the statistical, mathematical, or other scientific domains. From an enforcement perspective, OCR would review the relevant professional experience and academic or other training of the expert used by the covered entity, as well as actual experience of the expert using health information de-identification methodologies."

Therefore, an expert must:

  • Possess appropriate knowledge of and experience with statistical and scientific principles
  • Apply these principles to render information not individually identifiable
  • Document the methods and results of the analysis that justify the determination
  • Conclude that the risk of identification is "very small"

Implementation process

1. Risk assessment

As stated in the article Understanding Safe Harbor and Expert Determination in Healthcare Data Security by SynapseHealthTech, published on LinkedIn: "A qualified expert evaluates the risk that an individual could be identified from the dataset, either alone or when combined with other reasonably available information. This risk is typically assessed using sophisticated statistical models that account for factors like population size, data uniqueness, and the availability of external datasets."

The expert would evaluate:

  • The type and amount of protected health information
  • Potential recipients of the de-identified data
  • Existing technical capabilities for re-identification
  • Cost and likelihood of identification attempts

2. De-identification techniques

The Institute for Families in Society Guidelines and Methods for De-identifying Protected Health Information outlines the following de-identification techniques:

  • Aggregation – Merging smaller data groups into larger ones, such as combining age groups or geographic areas, to meet minimum size thresholds.
  • Suppression – Concealing small numbers in data tables, along with related figures that could reveal the hidden values.
  • Blurring – Reducing data precision by converting exact values into ranges or categories (e.g., changing "17" to "15-20").
  • Perturbation – Intentionally making small modifications to the data, such as slightly altering locations or swapping certain values.
  • Spatial Integration – Merging nearby geographic points into a single location point based on a defined search radius.
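
The blurring, aggregation and suppression techniques listed above, combined with the data-uniqueness measure mentioned under risk assessment, as an added example (not taken from the cited guidelines or from any expert's methodology). The records are constructed, and the 3-character area prefix and the minimum group size k = 3 are assumptions chosen for illustration, not regulatory values.

```python
from collections import Counter

# Constructed sample rows (age, 5-digit area code, diagnosis); not real data.
RECORDS = [
    (17, "29201", "asthma"), (18, "29203", "asthma"),
    (19, "29205", "diabetes"), (16, "29204", "asthma"),
    (42, "29301", "diabetes"), (44, "29302", "asthma"),
    (41, "29303", "diabetes"), (67, "29401", "copd"),
]

def blur_age(age, width=5):
    """Blurring: exact age -> range, e.g. 17 -> '15-20'."""
    low = (age // width) * width
    return f"{low}-{low + width}"

def class_sizes(rows):
    """Number of records sharing each (age, area) combination."""
    return Counter((age, area) for age, area, _ in rows)

def max_risk(rows):
    """Worst-case odds of singling out one record: 1 / smallest group."""
    sizes = class_sizes(rows)
    return 1 / min(sizes.values()) if sizes else 0.0

def generalize(rows):
    """Blur ages and aggregate areas to a 3-character prefix (assumed)."""
    return [(blur_age(age), area[:3], dx) for age, area, dx in rows]

def suppress_small(rows, k):
    """Suppression: withhold rows whose group has fewer than k members."""
    sizes = class_sizes(rows)
    return [r for r in rows if sizes[(r[0], r[1])] >= k]

def deidentify(rows, k=3):
    """k is an illustrative threshold, not a regulatory value."""
    return suppress_small(generalize(rows), k)

if __name__ == "__main__":
    released = deidentify(RECORDS)
    print("risk before:", max_risk(RECORDS))
    print("risk after: ", round(max_risk(released), 3))
    print("rows withheld:", len(RECORDS) - len(released))
```

In the raw rows every (age, area) pair is unique, so the worst-case risk is 1.0; after generalization the lone 65-70 record is still unique and is withheld, leaving a smallest group of three.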

3. Documentation requirements

The Network for Public Health Law document titled HIPAA Expert Determination De-Identification Method provides that an expert must document:

  • Methods and analysis used
  • Results of the analysis
  • Justification for the determination
  • Risk level assessment
  • Recommended controls for data release

 

Advantages and limitations

In correspondence to the Secretary of the Department of Health and Human Services, the National Committee on Vital and Health Statistics points out that, "In comparing the two methods of de-identification established in the de-identification standard of the Privacy Rule, Safe Harbor is largely 'one size fits all,' regardless of the characteristics of the dataset. By contrast, the Expert Determination method has the advantage of fitting the de-identification method to the risks associated with the specific dataset. Despite this increasingly important advantage, Expert Determination is used less frequently than Safe Harbor. One reason is that Expert Determination, while more consultative, is also more expensive, and there are too few experts available for hire."

The expert determination method takes a flexible approach that can be adapted to specific use cases. It allows more detailed data to be retained, gives de-identification efforts scientific validity, and supports ongoing research and analytics needs. However, it has limitations: it requires qualified experts, which can make it more resource-intensive; it may need periodic reassessment as technology evolves; and there is no absolute guarantee against re-identification.


FAQs

What is de-identification?

De-identification is the process of removing or altering personal information from data so that individuals cannot be readily identified.

 

Why is de-identification important in healthcare?

De-identification helps protect patient privacy while allowing healthcare data to be used for research and analysis.

 

What is re-identification?

Re-identification is the process of matching de-identified data with publicly available or private information to determine the identity of individuals, potentially compromising their privacy.