SI-19 De-identification
a. Remove the following elements of personally identifiable information from datasets: si-19_odp.01; and
b. Evaluate si-19_odp.02 for effectiveness of de-identification.
Parameter ID | Definition |
---|---|
si-19_odp.01 | elements |
si-19_odp.02 | frequency |
Baselines
- L
- M
- H
- P
Guidance
De-identification is the general term for the process of removing the association between a set of identifying data and the data subject. Many datasets contain information about individuals that can be used to distinguish or trace an individual’s identity, such as name, social security number, date and place of birth, mother’s maiden name, or biometric records. Datasets may also contain other information that is linked or linkable to an individual, such as medical, educational, financial, and employment information. Personally identifiable information is removed from datasets by trained individuals when such information is not (or no longer) necessary to satisfy the requirements envisioned for the data. For example, if the dataset is only used to produce aggregate statistics, the identifiers that are not needed for producing those statistics are removed. Removing identifiers improves privacy protection since information that is removed cannot be inadvertently disclosed or improperly used. Organizations may be subject to specific de-identification definitions or methods under applicable laws, regulations, or policies. Re-identification is a residual risk with de-identified data. Re-identification attacks can vary, including combining new datasets or other improvements in data analytics. Maintaining awareness of potential attacks and evaluating for the effectiveness of the de-identification over time support the management of this residual risk.
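The two parts of the control, as an added Python example that is not part of the control text: part a removes an assumed value for si-19_odp.01, and part b evaluates the result by counting how many records share each combination of the remaining linkable fields. The field names, the sample records (constructed), and the group-size measure are assumptions; the control does not prescribe a specific evaluation method.

```python
from collections import Counter

# Assumed value for si-19_odp.01 (hypothetical field names).
ELEMENTS_TO_REMOVE = {"name", "ssn"}
# Assumed quasi-identifiers: fields kept in the data that other datasets could link on.
QUASI_IDENTIFIERS = ("birth_year", "zip3", "sex")

# Constructed sample records, not real data.
FIELDS = ("name", "ssn", "birth_year", "zip3", "sex", "diagnosis")
ROWS = [
    ("Person A", "000-00-0001", 1980, "208", "F", "asthma"),
    ("Person B", "000-00-0002", 1980, "208", "F", "diabetes"),
    ("Person C", "000-00-0003", 1984, "208", "F", "asthma"),
    ("Person D", "000-00-0004", 1987, "208", "F", "migraine"),
    ("Person E", "000-00-0005", 1991, "100", "M", "asthma"),
    ("Person F", "000-00-0006", 1995, "100", "M", "diabetes"),
]
RECORDS = [dict(zip(FIELDS, row)) for row in ROWS]

def deidentify(records, elements=ELEMENTS_TO_REMOVE):
    """Part a: return copies of the records without the listed elements."""
    return [{k: v for k, v in r.items() if k not in elements} for r in records]

def residual_fields(records, elements=ELEMENTS_TO_REMOVE):
    """Report listed elements still present, e.g. after a schema change."""
    return sorted({k for r in records for k in r if k in elements})

def evaluate(records, quasi=QUASI_IDENTIFIERS, k_min=2):
    """Part b: group records by quasi-identifiers; groups smaller than k_min
    are the ones most exposed to linkage with another dataset."""
    groups = Counter(tuple(r.get(q) for q in quasi) for r in records)
    risky = sorted(g for g, n in groups.items() if n < k_min)
    return {"k": min(groups.values()) if groups else 0, "risky_groups": risky}

def generalize_birth_year(records, width=10):
    """One possible response to a poor result: coarsen birth_year into buckets."""
    return [{**r, "birth_year": r["birth_year"] // width * width} for r in records]

if __name__ == "__main__":
    clean = deidentify(RECORDS)
    print("residual elements:", residual_fields(clean))
    print("after removal:", evaluate(clean))
    print("after generalization:", evaluate(generalize_birth_year(clean)))
```

Re-running `evaluate` at the si-19_odp.02 frequency, with the quasi-identifier list updated as new linkable datasets become known, is how this sketch tracks the residual risk over time.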
References
- OMB A-130 Office of Management and Budget Memorandum Circular A-130, *Managing Information as a Strategic Resource*, July 2016.
- SP 800-188 Garfinkel S (2016) De-Identifying Government Datasets. (National Institute of Standards and Technology, Gaithersburg, MD), Second Draft NIST Special Publication (SP) 800-188.
Control Enhancements
- SI-19(01) Collection L M H P
- SI-19(02) Archiving L M H P
- SI-19(03) Release L M H P
- SI-19(04) Removal, Masking, Encryption, Hashing, or Replacement of Direct Identifiers L M H P
- SI-19(05) Statistical Disclosure Control L M H P
- SI-19(06) Differential Privacy L M H P
- SI-19(07) Validated Algorithms and Software L M H P
- SI-19(08) Motivated Intruder L M H P
Related controls
- MP-06 Media Sanitization L M H P
- PM-22 Personally Identifiable Information Quality Management L M H P
- PM-23 Data Governance Body L M H P
- PM-24 Data Integrity Board L M H P
- RA-02 Security Categorization L M H P
- SI-12 Information Management and Retention L M H P