Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

DeID Handbook update - two/multi stage process #218

Open
lukeaduncan opened this issue Dec 17, 2024 · 4 comments
Open

DeID Handbook update - two/multi stage process #218

lukeaduncan opened this issue Dec 17, 2024 · 4 comments

Comments

@lukeaduncan
Copy link
Contributor

lukeaduncan commented Dec 17, 2024
edited
Loading

IHE_Profile_Proposal DeID-handbook-update-process-enhancement-20241212.docx
@lukeaduncan lukeaduncan converted this from a draft issue Dec 17, 2024
@lukeaduncan
Copy link
Contributor Author

Can possibly combine with #216

@alan-zh-sh
Copy link

Some rough ideas of the handbook update (note: the numbers are the chapter numbers of the current de-id handbook):

1. Intended audience:
Issue: Assuming the responsibilities of IHE Profile editors and healthcare information technology implementers are different, it’s unclear how IHE Profile editors and healthcare information technology implementers benefit from the handbook.
Proposed udpate: identify the benefits that can be gained from the handbook for IHE Profile editors and healthcare information technology implementers, respectively..
2. De-Identification, Pseudonymization, and Relinking (including 2.2 Definitions)
issue: " Anonymization and pseudonymization are the two types of de-identification" may not be accurate now.
proposed update: the concept/definition of anonymization, de-identification and pseudonymization need to be updated according to other sources of information, including ISO IEC 20889-2018, NIST SP 800-188, GDPR, PIPL etc.
2.1 GeneralApproach
issue: The approach of starting by allowing no data does not support enabling de-identification services for multiple projects/cases. " This approach starts by allowing no data, which requires that the project team justify that each attribute is required to fulfill the use case objectives."
proposed update: two/mulitple stages of de-identification. The first stage (preliminary de-identification) is the starting point of the process and can be leveraged by multiple data collection projects/cases.
2.3 De-identificationBackground
issue: the examples in 2.3.1 is not relavent to IHE profiles.
proposed update: include IHE profiles that requires de-identificaiton services as examples, like, RAD:TCE, ITI:MPQ, XDR, etc.
5. Process
Issue: The process consists six steps without specifying the actors which makes the adoption of the process a bit challenging (responsibility assignment of de-identification is unclear).
proposed update: Identify essential actors and assign the steps to actors considering two/multiple stages of de-identification service.
6 De-Identification and Pseudonymization for IHE Profile Editors
Issue: single-layered of de-identification profile can lead to inconsistencies in applying common practices of de-identification due to the duplication between different data collection cases.
Proposed update: Multi-layered de-identification profiles can separate de-identification concerns and standardize how common de-identification practices are applied.
B.3 DICOM De-identification
Issue: the referenced file is out of dated.
Proposed update: update the referenced files.

@alan-zh-sh
Copy link

Updated the work item proposal.

  1. included the details presented on the 09-JAN t-con. A few diagrams are included, adjusted the descriptions of sections of problems and key use cases.
  2. expanded the section of discussion to cover the high level proposal of multi-stage de-identification, ideas of updating the de-identification handbook.

IHE_Profile_Proposal DeID-handbook-update-process-enhancement-20250122.docx

@alan-zh-sh
Copy link

Found an interesting paper talking about the same idea as we proposed, A Two-Stage De-Identification Process for Privacy-Preserving Medical Image Analysis.

Abstract

Identification and re-identification are two major security and privacy threats to medical imaging data. De-identification in DICOM medical data is essential to preserve the privacy of patients' Personally Identifiable Information (PII) and requires a systematic approach. However, there is a lack of sufficient detail regarding the de-identification process of DICOM attributes, for example, what needs to be considered before removing a DICOM attribute. In this paper, we first highlight and review the key challenges in the medical image data de-identification process. In this paper, we develop a two-stage de-identification process for CT scan images available in DICOM file format. In the first stage of the de-identification process, the patient's PII-including name, date of birth, etc., are removed at the hospital facility using the export process available in their Picture Archiving and Communication System (PACS). The second stage employs the proposed DICOM de-identification tool for an exhaustive attribute-level investigation to further de-identify and ensure that all PII has been removed. Finally, we provide a roadmap for future considerations to build a semi-automated or automated tool for the DICOM datasets de-identification.

Shahid A, Bazargani MH, Banahan P, Mac Namee B, Kechadi T, Treacy C, Regan G, MacMahon P. A Two-Stage De-Identification Process for Privacy-Preserving Medical Image Analysis. Healthcare (Basel). 2022 Apr 19;10(5):755. doi: 10.3390/healthcare10050755. PMID: 35627892; PMCID: PMC9141493.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
ITI Project Planning
Status: Under assessment by planning
Milestone
No milestone
Development

No branches or pull requests
2 participants
@lukeaduncan @alan-zh-sh