NIST is seeking comment on De-Identification. The good news is that they have used the Healthcare ISO 25237 specification. The bad news is that they didn't reference the IHE De-Identification Handbook-. Guess I have my first comment ready. De-Identification is a Process used to lower 'risk' of re-identification.
NIST IR 8053
DRAFT De-Identification of Personally Identifiable Information
NIST requests comments on an initial public draft report on NISTIR 8053, De-identification of personally Identifiable Information. This document describes terminology, process and procedures for the removal of personally identifiable information (PII) from a variety of electronic document types.Draft NISTIR 8053
This draft results from a NIST-initiated review of techniques that have been developed for the removal of personally identifiable information from digital documents. De-identification techniques are widely used to removal of personal information from data sets to protect the privacy of the individual data subjects. In recent years many concerns have been raised that de-identification techniques are themselves not sufficient to protect personal privacy, because information remains in the data set that makes it possible to re-identify data subjects.
We are soliciting public comment for this initial draft to obtain feedback from experts in industry, academia and government that are familiar with de-identification techniques and their limitations.
Comments will be reviewed and posted on the CSRC website. We expect to publish a final report based on this round of feedback. The publication will serve as a basis for future work in de-identification and privacy in general.
Note to Reviewers:
NIST requests comments especially on the following:
• Is the terminology that is provided consistent with current usage?
• Since this document is about de-identification techniques, to what extent should it discuss differential privacy?
• To what extent should this document be broadened to include a discussion of statistical disclosure limitation techniques?
• Should the glossary be expanded? If so, please suggest words, definitions, and appropriate citations?
Please send comments to firstname.lastname@example.org by May 15, 2015.
Comment Template Form for Draft NISTIR 8053
References to articles I have written on De-Identification