Scheduled Speakers

Donald Stuss

Matthew Norton

Shiva Amiri

Igor Jurisica

Brendan Johns

Khaled El Emam

Peter Snelling

Khaled El Emam

Khaled El EmamDr. Khaled El Emam is an Associate Professor at the University of Ottawa, Faculty of Medicine, a senior investigator at the Children's Hospital of Eastern Ontario Research Institute, a Canada Research Chair in Electronic Health Information at the University of Ottawa and CEO of Privacy Analytics. His main area of research is developing techniques for health data de-identification or anonymization and secure disease surveillance for public health purposes. He has made many contributions to the health privacy area. Additionally, he has considerable experience de-identifying personal health information under the HIPAA Privacy Rule Statistical Standard.

Title:

“Big Data Meets Privacy: An Overview of a De-Identification Maturity Model for Benchmarking and Improving De-identification Practices”

Abstract:

Vast amounts of data are being generated, collected and linked from multiple sources. The “Big Data” age has presented opportunities to organizations to use this data for secondary purposes such as the implementation of cutting edge research programs. However, much debate among citizens and privacy advocates has and continues to take place around the subject of Big Data. Do organizations have more information than they need? How can the data be used? Is there any business value to the data? What risks exist with the data? Does the data need to be protected and how should it be protected?

Data custodians and privacy professionals are now faced with the challenge of ensuring that responsible privacy and security protocols are in place to allow the ethical use of an unprecedented amount of sensitive, private data. A practical approach to protecting this information is the use of anonymization or data de-identification. As they implement de-identification practices, guidance on best practices and knowing what other organizations are doing can be valuable. In this session we will present the de-identification maturity model, which describes the five levels of de-identification practices that organizations typically go through.

We will present a real-world example in the form of a case study where the De-Identification Maturity Model was applied to benchmark the de-identification practices of this organization and to and identify a roadmap to improve de-identification practices.The De-Identification Maturity Model is a viable, formal framework to evaluate the maturity of de-identification services within an organization. It is used as a measurement tool and it enables the enterprise to implement a fact-based improvement strategy.