A wide range of Norwegian health registries contain sensitive and personal information. Ideally, data security and privacy protection should be an integrated part of the design of new registries, but it is also possible to introduce new security and privacy protection mechanisms in older systems. For both scenarios, it is important to ensure safe storage and transport of data, and to develop strict regulation of data access.
Before researchers can get access to sensitive data from the health registries, it is important to anonymize the data by removing names and other personal information that can be used to identify individuals. It is difficult to assess how much anonymization is needed to prevent individuals from being identified on the basis of the remaining information, such as age, sex, and place of residence and so on.
An important object of WP 3 is to assist other work packages in the HRR-project to achieve sufficient data security and privacy protection in the health registries. A wide range of security solutions are already developed. The purpose of this work package is not to develop new methods, but to make sure that existing solutions are applied in a useful way. However, it may be necessary to develop new methods for anonymization of data if the needs of the registries are not met by existing solutions.