Center for Bioethics

De-Identified Data: Ethics and Regulation

De-identified data refers to data obtained that has sensitive and personal information removed. Theoretically, someone who has access to de-identified data cannot be able to trace back this information to an individual. Practically, there are nuances to consider about de-identified data. It is possible for sensitive information to be removed and still be able to identify a person. Due to these nuances, guidelines have been established about how to properly handle sensitive data.

Related Resources

Office for Human Research Protections: Common Rule: Coded Private Information or Specimens Use in Research, Guidance (2008)

Health Insurance Portability and Accountability Act (HIPAA), Privacy Rule

De Montjoye, Y. A., Radaelli, L., & Singh, V. K. (2015). Unique in the shopping mall: On the re-identifiability of credit card metadata. Science, 347(6221), 536-539.