|Public project title||FHIR De-Identification and Pseudonymization Tool|
|A one-line project description||De-Identification and Pseudonymization of FHIR data made easy|
|Project description||The FHIR-DIET project proposes a de-identification, pseudonymization pseudonymization framework for FHIR.|
The system design is rule based, implementing a selection-action principle. The selection is based on identification rules, implemented with FHIRPath which is an expression language defined by FHIR. Actions implements a wide set of transformations such as redaction, perturbation, hashing and substitution for the de-identification. For pseudonymization the tool will support state of the art encryption system with perfectly hiding properties and gPAS pseudonym management platform and advanced cryptography with perfectly hiding properties.
FHIR-DIET proposes a set of default rules and on top of that, the ability to add custom rules. Default rules implement the Safe Harbor de-identification rules specified in the HIPAA Privacy Rule. This is an important starting point to remove Protected Health Information from FHIR data. When such rules are not enough, custom rules allow simple personalization according to the specific privacy-utility tradeoff needs, and to cope with EU regulation (GDPR). The service will be accessed through three simple APIs documented with OpenAPI: de- identification, pseudonymization and de-pseudonymization. The tool will be provided as a Docker container ready to be integrated in microservice architectures and in HosmartAI pilots. FHIR-DIET offers an added-value for secondary use of data, and provides a valuable tool to satisfy current legislation requirements in terms of Personal Health Records.
The implementation is cloud provider independent and the code will be released as open source, with a license that allows commercial use of the code.
|Description||New generation of Medical Practice Management Software|