Term | Definition | Resource | ||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Adversary | A data user who intentionally or inadvertently learns or discloses information about a data subject through re-identification or attribution. This user may be motivated by a wish to discredit or otherwise harm the organisation disseminating the data, to gain notoriety or publicity, or to gain profitable knowledge about particular data subjects. Data adversaries are sometimes referred to as intruders, snoopers or attackers | Definition adapted from Elliot, M., Mackey, E., O’Hara, K. et al. The Anonymisation Decision-Making Framework (2016). UK Anonymisation Network. Accessed at: https://eprints. soton.ac.uk/399692/1/The-Anonymisation-Decision-makingFramework.pdf (last accessed 24 March 2021). | ||||||||||||||||||||||||
Anonymisation | The overall process of protecting the privacy of data subjects, including clinical study participants, and reducing the risk of re-identification by 1) modifying (e.g. suppressing, obscuring, aggregating, altering) identifiable information in structured data and documents, 2) assessing and controlling the residual risk of re-identification and 3) considering the context of the data release. | Definition adapted from PHUSE: Data Anonymisation and Risk Assessment Automation, Version 1.0, . (9 June 2020, available from ). Accessed at: https://phuse.s3.eu-central-1. amazonaws.com/Deliverables/Data+Transparency/ Data+Anonymisation+and+Risk+Assessment+Automation.pdf (last accessed 18 March 2021). | ||||||||||||||||||||||||
Anonymised data and documents | Data and documents that have been produced as the output of an anonymisation process. | Definition adapted from theInternational Organization for Standardization: ISO 25237:2017(en) Health informatics – Pseudonymization ,. (January 2017 , available from). Accessed at: https://www.iso.org/obp/ui/#iso:std:iso:25237:ed-1:v1:en (last accessed 23 March 2021) ; theInternational Organization for Standardization: ISO/IEC 29100:2011(en) Information technology — Security techniques — Privacy framework ,(December 2011 , available from). Accessed at: https://www.iso.org/standard/45123.html (last accessed 24 March 2021). | ||||||||||||||||||||||||
Confidential business information (CBI) | In respect of a person (individual or organisation) to whose business or affairs the information relates, means | – subject to the regulations –business information | :that is not publicly available, in respect of which the person has taken measures that are reasonable in the circumstances to ensure that it remains not publicly available, and that has actual or potential economic value to the person or their competitors because it is not publicly available and its disclosure would result in a material financial loss to the person or a material financial gain to their competitors. (In reference to clinical reports submitted to Health Canada, as defined in Canada’s Section 2 of the Food and Drugs Act.) | Definition directly adapted from Health Canada: Guidance Document on Public Release of Clinical Information, Version 1.0, . (12 March 2019, available from ). Accessed at: https://www.canada.ca/en/health-canada/services/ drug-health-product-review-approval/profile-public-release-clinicalreleaseclinical-information-guidance.html (last accessed 18 March 2021). | ||||||||||||||||||||||
Commercially confidential information (CCI) | Any information contained in the clinical reports submitted to the European Medicines Agency (EMA) by the applicant/MAH which is not in the public domain or publicly available and where disclosure may undermine the legitimate economic interest of the applicant/MAH. | Definition directly from the European Medicines Agency: External guidance on the implementation of the European Medicines Agency policy on the publication of clinical data for medicinal products for human use (Policy 0070), Version 1.4, . (9 November 2018, available from ). Accessed at: https://www.ema.europa.eu/en/human-regulatoryhumanregulatory/marketing-authorisation/clinical-data-publication/ support-industry/external-guidance-implementation-european-medicineseuropeanmedicines-agency-policy-publication-clinical-data (last accessed 18 March 2021). | ||||||||||||||||||||||||
Data subject | An identified or identifiable natural person to whom a particular piece of data relates. | Definition adapted from PHUSE: Protection of Personal Data in Clinical Documents – A Model Approach, Version 1.0 ,(10 June 2019 , available from). Accessed at: https://phuse.s3.eu-central-1.amazonaws. com/Deliverables/Data+Transparency/Protection+of+Personal +Data+in+Clinical+Documents+A+Model+Approach.pdf (last accessed 18 March 2021) ; Garfinkel SL. De. Garfinkel, S. L. (October 2015). ‘De-Identification of Personal Information,Information’. Internal Report 8053. National Institute of Standards and Technology Internal Report 8053, October 2015, available from. Accessed at: http://dx.doi. org/10.6028/NIST.IR.8053 (last accessed 18 March 2021) ; the UK Anonymisation Network: Elliot M. Elliot, M., Mackey, E., O’Hara, K. et al. (2016). The Anonymisation Decision-Making Framework , 2016, available from. UK Anonymisation Network. Accessed at: https://eprints.soton. ac.uk/399692/1/The-Anonymisation-Decision-making-Framework.pdf (last accessed 24 March 2021) ; the. International Association of Privacy Professionals: Glossary of Privacy Terms , available from. Accessed at: https://iapp.org/resources/glossary (last accessed 22 March 2021). | De-identification | Definition adapted from PHUSE: Data Anonymisation and Risk Assessment Automation, Version 1.0, 9 June 2020, available from https://phuse.s3.eu-central-1.amazonaws.com/Deliverables/Data+Transparency/Data+Anonymisation+and+Risk+Assessment+Automation.pdf (last accessed 18 March 2021). | Protected personal data (PPD) | Definition adapted from the European Union: Directive 95/46/EC (Data Protection Directive), 24 October 1995, available from https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=celex:31995L0046 (last accessed 23 March 2021). | Pseudonymisation | Definition adapted from the International Organization for Standardization: ISO 25237:2017(en) Health informatics – Pseudonymization, January 2017, available from https://www.iso.org/obp/ui/#iso:std:iso:25237:ed-1:v1:en (last accessed 23 March 2021); Clinical Data Interchange Standards Consortium: Glossary, V15.0, 18 December 2020, available from https://www.cdisc.org/standards/glossary (last accessed 24 March 2021); Garfinkel SL. De-Identification of Personal Information, National Institute of Standards and Technology Internal Report 8053, October 2015, available from http://dx.doi.org/10.6028/NIST.IR.8053 (last accessed 18 March 2021); the National Institute of Standards and Technology: Computer Security Resource Center Glossary, available from https://csrc.nist.gov/Glossary (last accessed 22 March 2021). | Pseudonymised data and documents | Data and documents that have been produced as the output of a pseudonymisation process. | Quasi identifier | Definition adapted from PHUSE: Protection of Personal Data in Clinical Documents – A Model Approach, Version 1.0, 10 June 2019, available from https://phuse.s3.eu-central-1.amazonaws.com/Deliverables/Data+Transparency/Protection+of+Personal+Data+in+Clinical+Documents+A+Model+Approach.pdf (last accessed 18 March 2021); PHUSE: A Global View of the Clinical Transparency Landscape – Best Practices Guide, Version 1.0, 22 May 2020, available from https://phuse.s3.eu-central-1.amazonaws.com/Deliverables/Data+Transparency/Clinical+Trials+Data+Transparency+Toolkit+Best+Practices+Guide.pdf (last accessed 18 March 2021); PHUSE: De-Identification Standard for CDISC SDTM 3.2, Version 1.01, 20 May 2015, available from https://phuse.s3.eu-central-1.amazonaws.com/Deliverables/Data+Transparency/De-identification+Standard+for+SDTM+3.2+Version+1.0.xls (last accessed 22 March 2021); El Emam K. Guide to the De-Identification of Personal Health Information, Auerbach Publications 2013; PHUSE: Data Anonymisation and Risk Assessment Automation, Version 1.0, 9 June 2020, available from https://phuse.s3.eu-central-1.amazonaws.com/Deliverables/Data+Transparency/Data+Anonymisation+and+Risk+Assessment+Automation.pdf (last accessed 18 March 2021). | Re-identification | Definition adapted from Garfinkel SL. De-Identification of Personal Information, National Institute of Standards and Technology Internal Report 8053, October 2015, available from http://dx.doi.org/10.6028/NIST.IR.8053 (last accessed 18 March 2021);the Information and Privacy Commissioner of Ontario: De-identification Guidelines for Structured Data, June 2016, available from https://www.ipc.on.ca/wp-content/uploads/2016/08/Deidentification-Guidelines-for-Structured-Data.pdf (last accessed 18 March 2021); the National Institute of Standards and Technology: Computer Security Resource Center Glossary, available from https://csrc.nist.gov/Glossary (last accessed 22 March 2021). | Re-identification risk | The probability that re-identification could occur. | Residual risk | A general term for any process of removing the association between a set of identifying data and a data subject present in data/documents. The association between data and subject is removed by modifying (e.g. removing, obscuring, aggregating, altering) identifiable information in structured data and documents. Definition adapted from PHUSE: Protection of Personal Data in Clinical Documents – A Model Approach, Version 1.0, 10 June 2019, available from https://phuse.s3.eu-central-1.amazonaws.com/Deliverables/Data+Transparency/Protection+of+Personal+Data+in+Clinical+Documents+A+Model+Approach.pdf (last accessed 18 March 2021); Garfinkel SL. De-Identification of Personal Information, National Institute of Standards and Technology Internal Report 8053, October 2015, available from http://dx.doi.org/10.6028/NIST.IR.8053 (last accessed 18March 2021) ; Clinical Data Interchange Standards Consortium: Glossary, V15.0, 18 December 2020, available from https://www.cdisc.org/standards/glossary (last accessed 24 March 2021). | De-identified data and documents | Data and documents that have been produced as the output of a de-identification process. | Direct identifier | Definition directly from PHUSE: Protection of Personal Data in Clinical Documents – A Model Approach, Version 1.0, 10 June 2019, available from https://phuse.s3.eu-central-1.amazonaws.com/Deliverables/Data+Transparency/Protection+of+Personal+Data+in+Clinical+Documents+A+Model+Approach.pdf (last accessed 18 March 2021). | Individual patient or participant data (IPD) | Definition directly from PHUSE: Protection of Personal Data in Clinical Documents – A Model Approach, Version 1.0, 10 June 2019, available from https://phuse.s3.eu-central-1.amazonaws.com/Deliverables/Data+Transparency/Protection+of+Personal+Data+in+Clinical+Documents+A+Model+Approach.pdf (last accessed 18 March 2021). | Personal information (PI) | The risk of re-identification that remains on data or documents that have been produced as the output of an anonymisation process. |
Page History
Overview
Content Tools