A recent ISO standard described the principles for a risk-based de-identification process. The process follows established practices, metrics, and benchmarks for evaluating data risk and the risk from the additional controls that are in place. This standard is an important milestone in that it provides a consistent process that can be applied globally to operationalize regulatory requirements for de-identification (or anonymization).
In this webinar Khaled El Emam will provide an overview of this standard, and an operationalization of the principles of the de-identification process. The session will also provide an assessment of the strengths and weaknesses of that standard, and the necessary customizations that are required to implement the standard in practice.