Guide to LA FOIP-Chapter 6

Office of the Saskatchewan Information and Privacy Commissioner. Guide to LA FOIP, Chapter 6, Protection of Privacy. Updated 27 February 2023. 29 The goal is to reduce the risk of re-identification of information once it has been deidentified. The following table shows decreasing probability of re-identification of information:57 State Description 1. Identifiable data The data have directly identifying variables or sufficient quasi-identifiers that can be used to identify the individual. 2. Potentially de-identified data Manipulations have been performed on the identifying variables but attempts to disguise the quasi-identifiers may be insufficient. The data may not be fully deidentified, partially exposed, and may represent a re-identification risk. 3. De-identified data An objective assessment of re-identification risk has been done and it is concluded that all directly identifying variables have been adequately manipulated and quasiidentifiers adequately disguised to ensure an acceptable level of re-identification risk. 4. Aggregate data These are summary data such as tables or counts, where there are no identifying variables or quasi-identifiers. For more on how to de-identify personal information, see the following resources: Dispelling the Myths Surrounding De-identification: Anonymization Remains a Strong Tool for Protecting Privacy (June 2011, ON IPC) De-identification Protocols: Essential for Protecting Privacy (June 25, 2014, ON IPC) 57 Canadian Institute for Health Information (CIHI) resource, Best Practice Guidelines for Managing the Disclosure of De-Identified Health Information at pp. 12, 13 and 17.

RkJQdWJsaXNoZXIy MTgwMjYzOA==