Hi Kyle there is an overview of the issues in relation to health data at https://privacy.org.au/campaigns/myhr/secondaryuse/ It is the context of Australian electronic health records but has a general discussion of a number of points and links to other sources. Michael On Sat, May 12, 2018 at 9:17 AM, Kyle Banerjee <[log in to unmask]> wrote: > Howdy all, > > We need to share large datasets containing medical imagery without > revealing PHI. The images themselves don't present a problem due to their > nature but the embedded metadata does. > > What approaches might work ? > > Our first reaction was to encrypt problematic fields, embed a public key > for each item in the metadata, and have that dataset owner hold a separate > private key for each image that allows authorized users to decrypt fields. > Keys would be transmitted via the same secure channels that would normally > be used for for authorized PHI. > > There's an obvious key management problem (any ideas for this -- central > store would counteract the benefits the keys offer), but I'm not sure if we > really have to worry about that. Significant key loss would be expected but > since that data disseminated is only a copy, a new dataset with new keys > could be created from the original if keys were lost or known to be > compromised. > > This approach has a number of flaws, but we're thinking it may be a > practical way to achieve the effect needed without compromising private > data. > > Any ideas would be appreciated. Thanks, > > kyle >