HIPAA 18 De-identifying Elements
for Health Care Policy & Management Students

18 Elements Necessary for De-identification of
Patient Data Before Presenting the Case in Class

The following data must be removed for de-identification:

• Name
• Location; all geographic subdivisions smaller than a state, including street address, city, county, precinct, zip code, and their equivalent geocodes.
• Dates (all dates related to the subject of the information, e.g. birth dates, admission dates, discharge dates, encounter dates, surgery dates, etc.)
• Telephone numbers
• Fax numbers
• Electronic mail addresses
• Social security numbers
• Medical record numbers
• Health plan beneficiary numbers
• Account numbers
• Certificate / license numbers
• Vehicle identifiers and serial numbers, including license plate numbers
• Device identifiers and serial numbers
• Web Universal Resource Locators (URLs)
• Internet Protocol (IP) address numbers
• Biometric identifiers, including finger and voice prints
• Full face photographic images and any comparable images
• Any other unique identifying number, characteristic, or code

The following data may be used:

• Age (age 90 and over must be aggregated to prevent the identification of older individuals)
• Race
• Ethnicity
• Marital status
• Codes (a random or fictional code may be used to link cases or re-identify the health information at a later time; codes may not be a derivative of the individual’s social security number or other identifiable numerical codes, e.g. birth date, fax number, etc.)