The Data De-Identification Methodology course includes in-depth instruction on the HITRUST De-Identification Framework and generally accepted de-identification methods and tools. The course helps provide the knowledge and skills needed by security, privacy, legal, compliance, IT, and other professionals to provide oversight for, or otherwise evaluate/assess, an organization’s data de-identification program to help manage risks associated with the use and disclosure of de-identified data sets for secondary purposes. This applies whether data is being shared internally within the organization or externally to third parties.
The course also provides data science, statistical, mathematical and other scientific professionals with the knowledge and skills necessary to perform data de-identification. Various methods and tools used in the de-identification of data are covered, with emphasis on the Expert Determination method described in the HIPAA Privacy Rule. The curriculum is supported by case studies, interactive workshops, and real-world application of the knowledge learned in the course.
The course is delivered in two parts. Introductory material is delivered online at the participant’s convenience via the HITRUST Academy learning management system, and the remaining material is delivered over a full, two-day period by an instructor in a classroom setting.
The course is based on the HITRUST De-Identification Framework and provides additional instruction on generally accepted methods of data de-identification. Major topical areas of the course include, but are not limited to:
- Background & scope of data de-identification
- De-identification concepts and related definitions
- Re-identification risk measurement and related concepts
- Analysis of contextual risk for de-identified datasets
- Data masking & de-identification
- Risk management & reporting
The course is recommended for professionals in the security, privacy, legal, compliance, IT and related domains, as well as professionals in data science, statistical, mathematical, and other scientific domains who want to have a better understanding of the HITRUST De-Identification Framework and the practical methods and tools used to render a data set de-identified under the HIPAA “Expert Determination method.”
The course may also be used by professionals in the security, privacy, legal, compliance, IT and related domains seeking the HITRUST Certified De-Identification Associate (CDA) credential, or by professionals in the data science, statistical, mathematical or other scientific domains seeking the HITRUST Certified De-Identification Professional (CDP) credential.
Registered students are given access to the online material approximately 30 days prior to their course start date (estimated time to complete 2-3 hours). Students are expected to have read, if not studied, the materials prior to arriving at the HITRUST Academy training center in Frisco, TX for live instruction.
In addition to the online course material, students will receive the following three books that contain information covered on the exam when they attend the class. Some students choose to purchase these texts in advance at their own expense.
- Risky Business: Sharing Health Data while Protecting Privacy, edited by Dr. Khaled El Emam
- Guide to the De-Identification of Personal Health Information, by Dr. Khaled El Emam
- Anonymizing Health Data: Case Studies and Methods to Get You Started, by Dr. Khaled El Emam and Luk Arbuckle
To properly access and utilize the course materials and tools used in this course, attendees must bring a personal computer (Windows Operating System or Mac) to class.
This HITRUST course is not required to take the Data De-Identification Methodology Exam and submit the application for the data de-identification credential. Candidates for the CDA or CDP must pass the exam and complete a self-explanatory application form (Application for CDA/CDP Certification) to be considered for award of the credential.
As with all professional certifications, relying parties should consider a combination of education, certification and experience when evaluating whether an individual is qualified to perform a particular service. The CDP credential is intended only for those professionals with the education and experience necessary for performing the actual de-identification of data using the “Expert Determination method” described in the HIPAA Privacy Rule.
The cost for the HITRUST Data De-Identification Methodology training and CDA/CDP prep course is $2,000. Qualified professionals who attend the course may take the examination at no additional cost. Course attendees have 90 days after the course completion to take the exam. After 90 days, individuals must register separately for the exam with HITRUST and pay an exam fee ($650).
CDA/CDP candidates may also take the exam without attending the course by registering with HITRUST for the exam and paying the $650 exam fee.
Payment and Change Policies
More detailed information regarding payment, cancellations, refunds, transfer and substitutions is available here.
To help you prepare for HITRUST Academy, additional travel information is available here.
For more information on the Data De-Identification Methodology credential program, please email email@example.com. For questions about the training course, please call 855.HITRUST or email Education@hitrustalliance.net.