Privacert provides written declarations of compliance that datasets
are sufficiently de-identified for sharing in accordance
to the provisions allowed by the Privacy Rule of the Health Insurance Portability and Accountability Act (HIPAA) as warranted by scientific analyses of the datasets.
The first step towards HIPAA certification is to have Privacert perform a
Privacert Risk Assessment on your dataset.
This provides a scientific report on the identifiability of your dataset
-- i.e., a risk assessment identifies how many people may be at risk to re-identification
if the dataset is shared. If the outcome of the risk assessment warrants,
Privacert will provide you with a written declaration of HIPAA compliance,
or may alternatively make recommendations as to simple, manual changes that can
be made to achieve HIPAA compliance.
Below is a sample analysis.
Quantitative assessment for achieving HIPAA certification
a Privacert Risk Assessment, with simple changes (if needed).
All Privacert certifications are based on
the Privacert Compliance Model for HIPAA and are limited by geographic
scope. Certifications are valid for a specific amount of time (typically
one year). If you need a HIPAA certification, contact
a Privacert representative
who will walk you through the process.
[For more technical information about our approach, see