De-identify data as needed.
Depending on the data request, the data owner may need to de-identify data in order to protect the privacy and rights of individuals. There are a number of ways to de-identify data, and these are summarized below.
Removing PII and confidential data
One way to de-identify data is to remove all of the fields that could be used to identify a specific individual from the data. Examples include names, phone numbers, and birthdays. (For more information about confidential data, see the section Document critical data elements.)
Data owners can also choose to aggregate data. This is accomplished by providing counts of specific fields for a dataset. For example, sensitive fields like birthday and address can be converted to age range and zip code in order to provide the counts of each age group living in a specific area.
When aggregating data, it's important to ensure that groups aren't split up so much that it's still possible to identify individuals. For example, if you're aggregating data based on any one of school, test scores, grade, or race and ethnicity, the counts can't be small enough for someone to identify individual students.
- Guidance Regarding Methods for De-identification of Protected Health Information in Accordance with the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule
- Guidelines for Data De-Identification or Anonymization
- De-Identification of Personal Information
- Guide to Basic Data Anonymization Techniques
Choose the right method for transferring data.
Once the parties have agreed to share data, it's time to consider the logistics of transferring the data. The method will vary based on the sensitivity of the data.
Open and public data
Data that's open to the public doesn't require a secure channel for data transfer. Some options that might be suited for file transfers are:
- Email for small data files
- Commercial cloud storage solutions (Dropbox, Google Drive, Microsoft Office OneDrive, Amazon AWS, etc.) for large data files
- FTP (File Transfer Protocol) for large data files
Zipping on Windows OS
To accelerate data transfers and save disk space, zip the data files before initiating a data transfer. To zip a file:
- Right-click on the file
- Navigate to "Send to" option
- Click on Compressed (zipped) folder
All data that isn't open to the public should be transferred through secure channels. These data include data governed by HIPAA, FERPA, or state laws and data that are confidential, subject to misuse, or simply not authorized for public consumption due to outstanding approval.
Failure to transfer non-public data securely may result in harm to citizens, lawsuits filed against the responsible government office, and severe professional consequences for the offending employee. It's important to pay careful attention when sharing non-public data. Secure channels may include:
- Encrypted email service for small data files
- SFTP (SSH File Transfer Protocol) for large data files
- Approved and encrypted external drives for large data files
Zipping and encryption on Windows OS
To accelerate secure data transfer, zip and encrypt data files before initiating a data transfer.
To zip a file:
- Right-click on file or folder
- Navigate to "Send to" option
- Click on "Compressed (zipped) folder"
To encrypt a file:
- Right-click on the zipped folder and open "Properties"
- Under the "General" tab, click "Advanced"
- Check the "Encrypt contents to secure data" box