U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

This is an archive
(replace .gov by .rip)

SP 800-188 (Draft)

De-Identifying Government Datasets

Date Published: August 2016
Comments Due: September 26, 2016 (public comment period is CLOSED)
Email Questions to: sp800-188-draft@nist.gov

Author(s)

Simson Garfinkel (NIST)

Announcement

NIST Requests Comments on a Draft Special Publication regarding the De-Identification of Government Datasets

De-identification removes identifying information from a dataset so that the remaining data cannot be linked with specific individuals. Government agencies can use de-identification to reduce the privacy risk associated with collecting, processing, archiving, distributing or publishing government data. Previously NIST published NISTIR 8053, De-Identification of Personal Information, which provided a survey of de-identification and re-identification techniques. This document provides specific guidance to government agencies that wish to use de-identification.

In developing the draft Privacy Risk Management Framework, NIST sought the perspectives and experiences of de-identification experts both inside and outside the US Government.

Future areas of work will focus on developing metrics and tests for de-identification software, as well as working with industry and academia to make algorithms that incorporate formal privacy guarantees usable for government de-identification activities.

Abstract

Keywords

de-identification; re-identification; Disclosure Review Board; data life cycle; the five safes; k-anonymity; differential privacy; pseudonymization; direct identifiers; quasi-identifiers; privacy; synthetic data
Control Families

Program Management; Risk Assessment; System and Communications Protection

Documentation

Publication:
Draft (1st) SP 800-188

Supplemental Material:
None available

Related NIST Publications:
NISTIR 8053

Document History:
08/25/16: SP 800-188 (Draft)
12/15/16: SP 800-188 (Draft)

Topics

Security and Privacy
privacy

Laws and Regulations
E-Government Act