Home Contacts Site Map
Up HIPAA worksheet Data Extraction / Business Associates Identifiers UB Research FAQ Authorizations Waiver of Authorization Review Prep to Research Research on Decedents Transition Provisions Limited Datasets


This page lists the identifiers specifically appearing in the HIPAA privacy regulations representing a "safe harbor" method for de-identifying data.  As long as none of these identifiers is present, HIPAA defines the information as having been rendered non-identifiable.

Using "safe harbor" De-identification requires removal of all such identifiers as specifically defined in the regulations.  It is not equivalent to the more general concept associated with the term 'anonymous'.  Note that tissue samples themselves are not considered identifiers (unless labeled in some manner with one of the identifiers below).

The following identifiers of the individual or of relatives, employers, or household members of the individual (* Indicates permitted in a limited dataset 164.514(e)(2)):

Last revised March 26, 2014

(A) Names
(B)* All geographic subdivisions smaller than a State, including street address, city, county, precinct, zip code, and their equivalent geocodes, except for the initial three digits of a zip code if, according to the current publicly available data from the Bureau of the Census:
(1) The geographic unit formed by combining all zip codes with the same three initial digits contains more than 20,000 people; and
(2) The initial three digits of a zip code for all such geographic units containing 20,000 or fewer people is changed to 000.
[Limited dataset must exclude postal address information other than town or city, state and zip code]
(C)* All elements of dates (except year) for dates directly related to an individual, including birth date, admission date, discharge date, date of death; and all ages over 89 and all elements of dates (including year) indicative of such age, except that such ages and elements may be aggregated into a single category of age 90 or older;
(D) Telephone numbers
(E) Fax numbers
(F) Electronic mail addresses
(G) Social security numbers
(H) Medical record numbers
(I) Health plan beneficiary numbers
(J) Account numbers
(K) Certificate/license numbers
(L) Vehicle identifiers and serial numbers, including license plate numbers
(M) Device identifiers and serial numbers
(N) Web Universal Resource Locators (URLs)
(O) Internet Protocol (IP) address numbers
(P) Biometric identifiers, including finger and voice prints
(Q) Full face photographic images and any comparable images
(R)* Any other unique identifying number, characteristic, or code, except as permitted by paragraph (c) of this section; [creation of a unique code not disclosed to the investigator or investigator creation of such a code with a BA in place]
NB:  If the algorithm for creating a "code" is disclosed to the recipient of the information, then the code is considered a unique identifier.  The code is also considered a unique identifier if it is generated from any of the identifiers, or pieces of the identifiers, listed above.

HIPAA also provides another method for establishing that a set of data is de-identifed.  This method requires:

(1) A person with appropriate knowledge of and experience with generally accepted statistical and scientific principles and methods for rendering information not individually identifiable: (i) Applying such principles and methods, determines that the risk is very small that the information could be used, alone or in combination with other reasonably available information, by an anticipated recipient to identify an individual who is a subject of the information; and (ii) Documents the methods and results of the analysis that justify such determination.

The entity releasing information to a research would be responsible for determining that these requirements had been satisfactorily met before it released the data.

HHS offers additional guidance and a FAQ regarding de-identification available here:


This material is designed for internal University at Buffalo use only and is copyrighted.  Information and documents available on this site may be freely copied and used with appropriate attribution to the University at Buffalo.  None of the information on these pages should be construed as legal advice or expert opinion with respect to how any particular function or entity engages in work to come into compliance with HIPAA.
Last updated: July 28, 2009.  Privacy Policy
Hit Counter