|
Identifiers that must be removed to deidentify medical data per HIPAA. |
| Identifier Type |
|
|
| Names |
| Geographic subdivisions smaller than a State * |
| All elements of dates (except year) |
| All ages over 89 * |
| Telephone numbers |
| Fax numbers |
| Electronic mail addresses |
| Social security numbers |
| Medical record numbers |
| Health plan beneficiary numbers |
| Account numbers |
| Certificate/license numbers |
| Vehicle identifiers and serial numbers, including license plate numbers |
| Device identifiers and serial numbers |
| Web Universal Resource Locators (URLs) |
| Internet Protocol (IP) address numbers |
| Biometric identifiers, including finger and voice prints |
| Full face photographic images and any comparable images |
| Any other unique identifying number, characteristic, or code |
|
* Additional details are given in the regulation text. Note that these categories refer only to identifiers that concern an individual, their relatives, employers or household members |
Beckwith et al. BMC Medical Informatics and Decision Making 2006 6:12 doi:10.1186/1472-6947-6-12 |