Many limited and statistically de-ID datasets limit what data can it be combined with, for fear of increasing re-identificaiton risk.
|Who would benefit from this IDEA?||As a project lead, I want to make sure I honor data use rules when adding dataset to my project. As a data governance personnel, I want to generate audit report to flag projects with datasets that shouldn't be combined in the same COS.|
How should it work?
1) Enable a data combination alert (in WKC) which requires user to review the specific requirements before (1) adding the restricted data to the project; and (2) adding new data to a project with restricted data in place. Another thing that can help is to provide ability to audit data content within projects
2) This is a very common data use requirements as it ties to data use control and managing re-identification risks
3) Today we rely on administrative control, by training and processes. However, some level of technical control would be prudent. In fact, our external HIPAA statistical expert advise strict technical control.
|Priority Justification||Many of WH data assets have this restriction (e.g., external MarketScan, Explorys), but also ones from our clients and from government (e.g., CMS SAF)|
|Customer Name||Watson Health|
NOTICE TO EU RESIDENTS: per EU Data Protection Policy, if you wish to remove your personal information from the IBM ideas portal, please login to the ideas portal using your previously registered information then change your email to "firstname.lastname@example.org" and first name to "anonymous" and last name to "anonymous". This will ensure that IBM will not send any emails to you about all idea submissions