|
Work item:
|
X.suppl.39 (ex X.rdda)
|
|
Subject/title:
|
ITU-T X.1148 - Supplement on requirements for data de-identification assurance
|
|
Status:
|
Agreed on 2023-09-08 [Issued from previous study period]
|
|
Approval process:
|
Agreement
|
|
Type of work item:
|
Supplement
|
|
Version:
|
New
|
|
Equivalent number:
|
-
|
|
Timing:
|
-
|
|
Liaison:
|
ISO/IEC JTC 1/SC 27/WG5, ISO/IEC JTC 1/WG9
|
|
Supporting members:
|
-
|
|
Summary:
|
De-identified data incurs the risk of re-identifying individuals. So, it is important to assess the threat that de-identified data is used to identify individuals through re-identification methods. De-identification methods, which can be used for re-identification risk assessment, may be selected accordingly based on the following considerations:
Data risk assessment: Data composition, data distribution, possession of other data,
Data use environment risk assessment: Confidence level of data recipient, impact during re-identification, inadvertent re-identification,
Using and managing de-identification data: Security measures for de-identification data, monitoring of re-identification possibilities, compliance with de-identification data provision or consignment contracts.
This Supplement defines data de-identification assurance. It also provides a set of requirements for managing data de-identification assurance, including data risk assessment, risk assessment of the data use environment, and using and managing de-identified data.
|
|
Comment:
|
-
|
|
Reference(s):
|
|
|
Historic references:
|
|
Contact(s):
|
|
| ITU-T A.5 justification(s): |
|
|
|
|
First registration in the WP:
2019-02-01 11:33:20
|
|
Last update:
2023-10-17 12:18:44
|
