HIPAA GENERAL OPERATING POLICY #10
DE-IDENTIFICATION OF INFORMATION
I. In General
Health Information which does not identify an individual and which cannot be used to identify an individual is not individually identifiable health information and, therefore, is not protected health information. A HCC may determine that health information is not individually identifiable health information only if the following identifiers of the individual and of relatives, employers or household members of the individual, are removed:
1) Names;
2) All geographic subdivisions smaller than a State, except for the initial three digits of a zip code in certain circumstances;
3) All elements of dates except year and all ages over 89;
4) Telephone numbers;
5) Fax numbers;
6) Electronic mail addresses;
7) Social security numbers;
8) Medical record numbers;
9) Health plan beneficiary numbers;
10) Account numbers;
11) Vehicle identifiers, serial and license plate numbers;
12) Device identifiers and serial numbers;
13) URL’s;
14) IP address numbers;
15) Biometric identifiers, including finger and voice prints;
16) Full-face photographs and comparable images; and
17) Any other unique identifying number, characteristic, or code, except as permitted by section (II) below.
18) Certificate/license numbers;
In addition, the HCC must not have actual knowledge that the de-identified information could be used alone or with other information to identify an individual.
II. Re-Identification
A HCC may assign a code or other means of record identification to allow de-identified information to be re-identified by the HCC, provided that:
i. The code or other means is not derived from or related to information about the individual and is not otherwise capable of being translated to identify the individual; and
ii. The HCC does not use or disclose the code or other means for any other purpose and does not disclose the mechanism for re-identification.