De-identified Data in Healthcare

What’s wrong with de-identified data in healthcare? Maybe nothing. Maybe everything.

The term de-identification as it relates to healthcare is defined in the HIPAA Privacy Rule. The specific sections of the Privacy Rule that pertain to de-identification of protected health information (PHI) are:

45 CFR § 164.514(a) – Standard: De-identification of protected health information.
45 CFR § 164.514(b) – Implementation specifications: Requirements for de-identification of protected health information.

An easier read is this article, which is part of the U.S. Department of Health and Human Services’ (HHS) guidance and resources on the topic of de-identification of PHI. Basically, de-identification means taking personal information and disguising it so it can’t be linked back to a specific person. It’s like removing the labels from things so you can’t tell one from the other. This is done to protect people’s privacy when using their information for things like research or analysis. By itself, this is not a bad thing.

However, recently, some healthcare apps – including at least one EHR – have had to update their Terms of Service because of new privacy laws issued by some states. In their new Terms, these companies have carved out the right to de-identify healthcare data entered in their product. The problem with this is that once healthcare data has been de-identified, it is no longer considered PHI. That means that, at that point, a company can do whatever they want with it. They don’t have to ask or even inform the subscriber when or how their patients’ data is being used.

Even that might not be TOO bad, except for these things:

Even though the risk is minimal, de-identified data can, at times, be used to identify the individual.
The rules for de-identification are fairly stringent. If they are not applied correctly, the data is not technically de-identified, and it becomes more likely to be linked back to the individual.

Methods of De-Identification

There are two approved methods for de-identifying healthcare data: the Expert Determination method and the Safe Harbor method. The Safe Harbor method is usually considered more objective than the Expert Determination method, because it is quantitative. Safe Harbor involves removing 18 specific identifiers from PHI to make it reasonably de-identified. These 18 identifiers are:

Names: All elements of names (except for the initial of the last name) and full face photos.
Geographic Information: All geographic subdivisions smaller than a state, including street address, city, county, precinct, ZIP code, and their equivalent geocodes.
Dates: All dates, except the year, directly related to an individual, including birthdates, admission dates, discharge dates, death dates, and more.
Telephone Numbers: All telephone numbers.
Fax Numbers: All fax numbers.
Email Addresses: All email addresses.
Social Security Numbers: All Social Security numbers.
Medical Record Numbers: All medical record numbers.
Health Plan Beneficiary Numbers: All health plan beneficiary numbers.
Account Numbers: All account numbers.
Certificate/License Numbers: All certificate or license numbers.
Vehicle Identifiers and Serial Numbers: All vehicle identifiers and serial numbers, including license plate numbers.
Device Identifiers and Serial Numbers: All device identifiers and serial numbers.
Web Universal Resource Locators (URLs): All URLs.
IP Addresses: All IP addresses.
Biometric Identifiers: All biometric identifiers, including fingerprints and voiceprints.
Full Face Photos: All full face photos.
Any Unique Identifying Number or Code: Any other unique identifying number, characteristic, or code, except as permitted by limited data use agreements.

However, even when companies apply the Safe Harbor method correctly, it is not foolproof.¹ Although unlikely, there will be times when someone will be able to recognize an individual from de-identified data. To complicate matters, in some cases data has not been de-identified correctly. For example, some companies have said they use initials in their de-identified data. If they are only using a last initial and have done everything else correctly, that could be considered proper de-identification. However, that is not what they are saying. We are left to wonder whether they don’t fully understand the Safe Harbor method or whether they are choosing to ignore it, creating their own de-identification methods instead. Neither would be a good thing.

Misuse of Business Associate Agreements

The concept of a “Business Associate” (BA) in healthcare originated in 2000 with the publication of HIPAA’s Privacy Rule. The HITECH Act (2009) expanded HIPAA’s privacy and security provisions to Business Associates directly. It mandated that Business Associates must comply with many of the same privacy and security rules that apply to Covered Entities (CEs).

In 2013, the HHS issued the HIPAA Omnibus Rule, which further clarified and expanded the requirements related to Business Associates. This rule specified the obligations of Business Associates regarding security breaches, compliance with HIPAA rules, and the need for Business Associate Agreements (BAAs) between CEs and their Business Associates. According to The Omnibus Rule, Business Associates are directly liable for the security of protected health information (PHI) entrusted to them. Should there be a breach caused by the BA’s product, they are required to take specific actions related to the breach. In other words, the BA is supposed to “make things right” as much as is possible.

Thus, the authors of HIPAA originally intended a BAA to serve as a kind of protection for Covered Entities (in this case, healthcare providers). It was meant to be the company’s pledge that they understood HIPAA and that their software (or other service) was secure. However, some healthcare software companies are weaponizing their BAAs in ways that not only fail to protect CEs, but that may actually harm them.

Specifically, by de-identifying the data in their systems, the BA can legally claim that it is no longer PHI. Since it’s no longer PHI, that gets them off the hook should any leaks occur with that data. If patients are identified from the de-identified data, the BA can truthfully claim that even HIPAA admits that de-identification isn’t foolproof.

Additionally, the rewording of their Terms of Service, which you must sign to use their product, gives them the broadest possible permissions to use the data in any way they deem fit. Should there be any issues at all, the BA will be able to bring out documents signed by their users, which assigned all rights to the company.

Some may be thinking that perhaps the best solution is just to not sign a company’s BAA if you disagree with the terms. However, if you plan to keep using the software, that’s also a Catch-22. Covered Entities are required to sign a Business Associate Agreement from each healthcare software product we use.² Also, in some of the current cases, the company will not allow you – or your clients – to continue to access their product if you refuse to sign their terms.

If you find yourself being appalled by this recent turn of events, you are not alone. As the founder and CEO of PSYBooks, I can assure you that I am, too.

PSYBooks has never de-identified data. Furthermore, we have never sold, bartered or traded any data our subscribers have entrusted us with, or used it for anything other than what is required to run the program.

If you’re looking for more privacy and autonomy over the patient data you enter in your EHR, we’d love to show you around. We offer both Free Demos and Free Trials of our program.

Susan C. Litton, Ph.D.

¹ U.S. Department of Health and Human Services. (n.d.). De-identification of Protected Health Information. HHS.gov. https://www.hhs.gov/hipaa/for-professionals/privacy/special-topics/de-identification/index.html
² Exceptions are products that are only “conduits” for PHI, as opposed to storing it.

By Susan Litton|2023-09-05T11:23:14-04:00September 2nd, 2023|Current, HIPAA/HITECH, How To Choose an EHR|Comments Off

About the Author: Susan Litton

Susan C. Litton, Ph.D. holds degrees in both psychology and IT. In addition to being the developer of the PSYBooks EHR & Portal, she's been a practicing clinical psychologist in Decatur, GA, since 1985.

General Terms for All Users

The following terms are for all Users of our Website, including the public at large and Subscribers.

PSYBooks Grants a Limited License

All content on our Service, except for User Generated Content (“UGC” ) and Protected Health Information (“PHI”) as defined herein, including designs, text, graphics, pictures, video, information, applications, software, music, sound and other files, and their selection and arrangement (the “Information”), are the property of PSYBooks or its licensors with all rights reserved.
If you meet the requirements of Eligibility, and have properly gained access to our Service as provided for in this Agreement, then you are granted a limited license to use our Service and the Information, and to download and print a copy of any portion of the Information for non-commercial use, provided that you keep all copyright or other proprietary notices intact.
As pertaining to all the Information, excluding UGC and a Subscriber’s protected health information (“PHI”), you may not make available, in any form and by any mechanism, said Information on any public or private website or incorporate the Information in any other database or compilation.
Any use of the Information, other than as set forth herein, is strictly prohibited. This limited license allows you to use the Information only for lawful uses in accordance with the foregoing and does not allow you to sell the Information, use the Information for commercial use, or use any type of data mining, robots, or similar data gathering or extraction methods on our Service.
Absent prior written consent from PSYBooks, you may not copy or imitate any elements of our Service, including but not limited to, graphics, digital images, logos, sounds, images, and buttons protected by trade dress and other laws. Absent prior written consent from PSYBooks, you may not use framing, metatags, or hidden text techniques in association with our logo, trademark or other copyrighted or proprietary information.
Unless expressly stated in this Agreement, or in a subsequent agreement entered into by PSYBooks and a Subscriber, nothing herein shall be construed as conferring any license to intellectual property rights, in any form or by any mechanism.
The PSYBooks limited license is revocable at any time without notice and with or without cause, except as provided for in our Subscriber Agreement.

Transmissions

As defined herein, transmissions (“Transmissions”) may take the form of submissions, questions, comments, suggestions, ideas, feedback, notes, messages, emails, postings, letters, or other written materials about, or concerning, our Service, provided by you to PSYBooks, excluding UGC and PHI. You acknowledge that Transmissions by you to and from our Service may be non-confidential, and that others may read and/or intercept such Transmissions.
PSYBooks has the right, but not the obligation, at its sole discretion, to review any Transmissions submitted to our Service and to edit or delete any Transmissions that violate any part of this Agreement. You hereby consent to PSYBooks’ collection and use of such Transmissions in accordance with PSYBooks’ then current Privacy Policy and acknowledge that submitting Transmissions to our Service creates no financial or fiduciary relationship between you and PSYBooks.
By using our Service, you thereby assign all right, title, and interest, including the copyright therein, in all Transmissions, to PSYBooks. Accordingly, PSYBooks shall own all intellectual property rights in the Transmissions and shall be entitled to unrestricted use of the Transmissions for any purpose, commercial or otherwise, without acknowledgment, compensation, or liability to you. By submitting such Transmissions to our Service, you irrevocably waive all “moral rights” in such Transmissions.

Links

Our Service may include hypertext links to other websites over which PSYBooks has no control. PSYBooks makes no representations of any kind regarding the content on such websites or the content on any website linked to such websites or to any changes or modifications made thereto.
You hereby acknowledge that by using any such hypertext links, you irrevocably waive any and all claims against PSYBooks regarding such websites and must adhere to the usage and privacy policies governing such sites. PSYBooks’ usage of links does not imply our endorsement, or sponsorship, of any such websites.

Intellectual Property Rights of Third Parties

PSYBooks respects the intellectual property rights of others and requires Users of our Service to do likewise. PSYBooks prohibits Users from making available, in whatever form and by whatever mechanism, content on our Service that infringes upon any party’s intellectual property rights.
PSYBooks has the right to terminate the Account of any infringing Subscriber and will take steps to do so immediately upon proper notification and in compliance with applicable law. You acknowledge and agree that a violation of the intellectual property rights of others on our Service triggers the Indemnification as provided for herein.

Trademark

All trademarks used on our Service are the property of their respective owners and may not be used without permission therefrom.
Whether or not specifically designated as such, www.psybooks.com and all other colors, graphics, logos, sounds, images, icons and buttons displayed on our Service are, or may be, trademarks of PSYBooks or its affiliates.
Absent prior written consent from PSYBooks, you may not copy, imitate, or use any portion of these marks.

PSYBooks will strictly comply with the requirements of the Digital Millennium Copyright Act, Title 17, United States Code Section 512(c)(2) (“DMCA”). If you believe your copyright has been violated by any content on our Service then you may send a written notification of such infringement to our Designated Agent as set forth below.
PSYBooks has designated an agent to the U.S. Copyright Office to receive notifications of alleged copyright infringement relating to our Service. You must submit all such notifications, in a manner consistent with the DMCA, to PSYBooks’ Designated Agent. Likewise, if you believe that your copyrighted content has been erroneously removed from our Service, you must send a counter notification to PSYBooks’ Designated Agent in a similar DMCA compliant manner.
Send all DMCA compliant notifications to:

DMCA Notification: PSYBooks, LLC

Designated Agent: Susan Litton

2944 Blackwood Rd

Decatur, GA 30033

Email: susan@psybooks.com

Phone: 770-441-6361

User Conduct Restrictions: Impermissible Use and Activities

You agree not to use our Service to transmit data or code which: (1) is unlawful, threatening or abusive; (2) encourages criminal or other activity that would reasonably give rise to civil liability or otherwise violate any local, state, federal, or international law; (3) contains false or misleading information; (4) inhibits another User from use or enjoyment of our Service; (5) is defamatory, libelous or otherwise unlawful; (6) contains a virus or surreptitious code; (7) contains any type of commercial component or advertising; or (8) allows for the harvesting of email addresses or other contact information, or the harvesting of information of any kind.
Furthermore, you agree not to use our Service to engage in the following kinds of activities: (1) transmit, upload, post, store, and share content of any kind, and by any other mechanism, that you are not the lawful owner or licensee of; (2) register for more than one Account or register an Account in the name of another; (3) impersonate a person or entity or make misrepresentations regarding affiliations of any kind; (4) engage in any kind of behavior that can reasonably be construed as SPAMMING; (5) engage in any behavior likely to cause harm to PSYBooks, our Service, its Users, or to the public at large; and (6) upload any UGC that is sexually explicitly or contains pornographic content, a determination that will be made at PSYBooks sole discretion.

Data Collection

Your Transmissions are subject to PSYBooks’ Privacy Policy. By using our Service you agree to review PSYBooks’ Privacy Policy and to be bound by its terms and conditions. From time to time PSYBooks may change its Privacy Policy without notice to you, other than that provided for in the Policy. Your continued use of our Service, after the posting of any changes to said Policy, shall constitute your agreement and acceptance of such changes.
PSYBooks does not knowingly collect personally identifiable information (or information of any other kind) directly from anyone under the age of 18, with or without parental consent, for its own use. If you have a good faith belief that PSYBooks has inadvertently collected such information, please contact PSYBooks at support@psybooks.com. PSYBooks will take immediate steps to remove such information from our Service and from any databases under PSYBooks’ control.

Governing Law

The laws of the State of Georgia, United States of America, shall govern this Agreement, as well as PSYBooks’ Privacy Policy, notwithstanding any principles of conflicts of law.
You agree that any action at law or in equity arising out of or relating to this Agreement, or PSYBooks’ Privacy Policy, other than those disputes or claims subject to Arbitration as enumerated below, shall be filed only in state or federal court located in the State of Georgia, in a venue sitting, or most proximate to, DeKalb County, and you hereby irrevocably and unconditionally consent and submit to the exclusive jurisdiction of such action.

Arbitration

Any claim or controversy arising among or between the parties hereto pertaining to our Service, or any claim or controversy arising out of, or with respect to, any matter contained in this Agreement, or any differences as to the interpretation or performance of this Agreement, other than those wherein either party has infringed or threatened to infringe the other party’s intellectual property rights, or wherein you have violated our User Conduct Restrictions, shall be settled by arbitration in the State of Georgia. Such arbitration shall be before three arbitrators of the American Arbitration Association (the “AAA”) under its then prevailing rules.
Intellectual property rights, as defined herein, include patent, copyright, trademark or trade secrets. You and PSYBooks jointly acknowledge that arbitration is not an adequate remedy at law for actual or threatened infringement of either party’s intellectual property rights. Therefore, it is agreed that injunctive or other appropriate relief may be sought under these circumstances.
In any arbitration involving this Agreement, the arbitrators shall not make any award that will alter, change, cancel or rescind any provision in this Agreement, and their award shall be consistent with the provisions of this Agreement. Any such arbitration must be commenced no later than one (1) year from the date such claim or controversy arose, or the claim is waived.
The award of the arbitrators shall be final and binding and judgment may be entered thereon in any court of competent jurisdiction.

Severability

If any portion of this Agreement or of PSYBooks’ Privacy Policy is determined by a court of competent jurisdiction to be unlawful, void, or unenforceable, that portion will be deemed severable and will not affect the validity and enforceability of any remaining provisions hereof.

Entire Agreement

This Agreement contains all of the terms and condition agreed to by you and PSYBooks with respect your use of our Service. It supersedes all prior agreements, arrangements and communications between the parties dealing with same, whether oral or written.

Definitions and Constructions

Unless otherwise specified, the terms “includes,” “including,” “e.g.,”, “for example, and other similar terms are deemed to include the term “without limitation” immediately thereafter.

General Terms for Subscribers

The following Terms are for Subscribers to our Services. These Terms are in addition to the Terms in the Subscriber Agreement which must be accepted when you register.

Acceptance and Modifications

PSYBooks reserves the right to change or revise this Agreement at any time by posting a notification on our Website. PSYBooks, at its sole discretion, may provide a Subscriber notification via other mechanisms, but is not required to do so.
You are required to affirmatively accept this Agreement when becoming a Subscriber by reading this Agreement and clicking “I Agree.” As a Subscriber, you are also required to affirmatively accept any future revisions to this Agreement in a similar manner. PSYBooks maintains a record of acceptance for each Subscriber, including the version of this Agreement accepted by you whenever you click “I Agree.”
PSYBooks will notify you of revision dates to this Agreement by posting the “last revised date” preceding the first paragraph of this document. The revised Agreement will take effect immediately after it has been posted on our Website.

Eligibility

PSYBooks requires, and enforces, strict compliance with our eligibility (“Eligibility”) requirements, as defined herein. Our Service is not intended for individuals under the age of 18. It is intended solely for members of the consuming public that are of legal age and meet the definition of a qualified Subscriber. Registration on our Service is reserved for qualified Subscribers or their respective agents, and therefore, registration by any other person or entity is strictly prohibited, unauthorized, unlicensed, void, and in violation of this Agreement.
By registering on our Service you assert and warrant that you are doing so for the purpose of using our Service as a qualified Subscriber. Registration for any other purpose violates this Agreement and is strictly prohibited. By registering on our Service you further assert and warrant that you are of legal age and possess the legal capacity to enter into this Agreement on behalf of the entity you represent.

Account Registration

As a Subscriber you are required to provide us accurate, current, reliable and otherwise valid data when completing the registration forms that establish your account (“Account”) on our Service and you agree that such data must be kept current and revised in a timely manner when events occur that may alter its validity.
As a Subscriber you agree that you are solely responsible for the data and activities related to updating and maintaining your Account, notwithstanding the fact the PSYBooks may, for technical or other reasons, assist you in making changes to your Account at your direct request, and after proper authentication.
Registration on our Service requires you to maintain security credentials that allow you access to your Account. These credentials include a user identifier and a corresponding password. You may also be required to establish additional credentials should PSYBooks deem them necessary to protect the integrity of our Service. You agree that you are responsible for maintaining the confidentiality of said credentials.
You acknowledge and agree that PSYBooks is a Business Associate and that Subscriber is a Covered Entity as the terms are defined under 45 CFR §160.103 Definitions of the HIPAA regulations. You further agree that by registering to use our Service you will have to enter into a Business Associate Agreement (i.e. included as part of the Subscriber Agreement) with PSYBooks during the registration process.

User Generated Content

You retain all ownership rights to content of which you are a lawful owner or licensee (“User Generated Content” or “UGC”), including any protected health information as defined in CFR § 160.103 of the HIPAA regulations, and which you make available on our Service via whatever mechanism PSYBooks provides, excluding such items defined as Transmissions herein, and subject to any other rights granted to PSYBooks under this Agreement.
By submitting UGC to our Service, you grant PSYBooks a nonexclusive, worldwide, transferable and fully paid license to copy, crop, reproduce, reformat, translate, publicly display, excerpt (in whole or in part) and distribute your UGC for any purpose, commercial or otherwise (“Limited UGC License”). In addition, the Limited UGC License you grant includes rights that allow PSYBooks to create derivative works, or incorporate your UGC into other works, as PSYBooks sees fit. The license granted PSYBooks herein does not permit PSYBooks to use the Covered Entity’s PHI in a manner that violates the HIPAA Privacy Rule or the Business Associate Agreement entered into between the parties.
PSYBooks acknowledge and agrees that the Limited UGC License granted may only be used by PSYBooks within the context of its Service and consistent with the Business Associate Agreement entered into between the parties.
The Limited UGC License expires when you remove your UGC from our Service. However, PSYBooks requires, and you acknowledge and agree, that PSYBooks may retain archived copies of said UGC in order to meet the requirements of applicable law and for other business reasons that PSYBooks may have to maintain such archives. You acknowledge and agree that this Limited UGC License does not terminate if you have shared your UGC with other Users and said Users have not deleted your UGC.
You represent, warrant, and guarantee that you have the full right, ability, and authority to make available to our Service, by whatever mechanism PSYBooks provides, your UGC. You further represent, warrant, and guarantee that by making available any UGC on our Service, you are not violating any obligation owed by you to any third party, including without limitation, obligations of confidentiality, privacy, attribution or any intellectual property rights including, but not limited to, rights related to patent, trademark, copyright, or trade secrets.

Indemnification

You agree to defend, indemnify, and hold PSYBooks, its parents, subsidiaries, affiliates, officers, agents and employees, its suppliers and their respective affiliates and agents harmless from all claims, liabilities, damages, and expenses (including attorneys’ fees and expenses) arising out of or relating to your use of our Service, including but not limited to: (1) your submission to our Service of any Transmission; (2) your alleged breach of this Agreement; or (3) your infringement of any intellectual property or other right of any person or entity.
PSYBooks acknowledges and agrees that the indemnification sought in 20.1 is limited to acts that are directly or indirectly under your control regarding your use of, or inability to use, our Service, and does not extend beyond that.

Limitations of Liability

IN NO EVENT SHALL PSYBOOKS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL OR CONSEQUENTIAL DAMAGES RESULTING FROM YOUR USE OR INABILITY TO USE OUR SERVICE; OR FOR THE LOSS OF PROFITS OR DAMAGES THAT MAY RESULT FROM THEFT, DELAYS, OMISSIONS, INTERRUPTIONS, DELETION OF FILES, ERRORS, DEFECTS, VIRUSES, FAILURE OF PERFORMANCE, DESTRUCTION OR UNAUTHORIZED ACCESS TO OR ALTERATION OF YOUR TRANSMISSIONS, INCLUDING, BUT NOT LIMITED TO, DAMAGES FOR LOSS OF USE, PROFITS, DATA OR OTHER INTANGIBLES WHETHER IN AN ACTION IN CONTRACT, TORT (INCLUDING BUT NOT LIMITED TO NEGLIGENCE); OR OTHERWISE, EVEN IF PSYBOOKS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
APPLICABLE LAW MAY NOT ALLOW THE LIMITATION OR EXCLUSION OF IMPLIED WARRANTIES OR EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES. IN SUCH CASES, THE ABOVE LIMITATION OF LIABILITY MAY NOT APPLY TO YOU. TO THAT EXTENT, PSYBOOKS’ TOTAL LIABILITY TO YOU FOR ALL LOSSES, DAMAGES, AND CAUSES OF ACTION SHALL NOT BE GREATER THAN THE TOTALITY OF PAYMENTS MADE BY YOU TO PSYBOOKS IN EXCHANGE FOR ALLOWING YOU TO USE OUR SERVICE DURING THE PAST THREE MONTHS PRIOR TO THE COMMENCEMENT OF ANY LEGAL ACTION OR PROCEEDING, OR $100.00 USD, WHICHEVER IS LESS.

DISCLAIMER

YOU ACKNOWLEDGE THAT OUR SERVICE AND THE INFORMATION THEREIN ARE PROVIDED ON AN “AS IS” BASIS AND THAT PSYBOOKS MAKES NO REPRESENTATIONS OR WARRANTIES, EITHER EXPRESS OR IMPLIED, REGARDING OUR SERVICE OR THE INFORMATION. PSYBOOKS DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT.
BY USING, OR ATTEMPTING TO USE, OUR SERVICE, YOU EXPRESSLY ACKNOWLEDGE THE FOLLOWING:
1. THE INFORMATION COULD INCLUDE TECHNICAL INACCURACIES AND/OR TYPOGRAPHICAL ERRORS;
2. PSYBOOKS DOES NOT REPRESENT OR WARRANT THE TIMELINESS, RELIABILITY, COMPLETENESS, OR ACCURACY OF THE INFORMATION; AND
3. PSYBOOKS DOES NOT REPRESENT OR WARRANT THAT OUR SERVICE OR ANY RELATED SERVERS ON WHICH IT RESIDES ARE FREE OF ERRORS OR VIRUSES OR OTHER POTENTIALLY DAMAGING CONTENT.
PSYBOOKS MAY PERIODICALLY MAKE CHANGES TO ANY SERVICE CONTENT, INFORMATION, FEATURES OR FUNCTIONS. PSYBOOKS RESERVES THE RIGHT TO IMPLEMENT SUCH CHANGES AT ANY TIME WITHOUT NOTICE TO YOU, OTHER THAN THAT WHICH IS SET FORTH IN THIS AGREEMENT.
UNLESS SPECIFICALLY INDICATED IN WRITING TO THE CONTRARY, NO REFERENCE IN OUR SERVICE TO ANY PRODUCTS, PROCESSES, SERVICES OR OTHER INFORMATION BY TRADE NAME, TRADEMARK, MANUFACTURER, SUPPLIER, OR OTHERWISE, SHALL CONSTITUTE OR IMPLY PSYBOOKS’ ENDORSEMENT OR SPONSORSHIP THEREOF.

Termination

Either you or PSYBooks may terminate this Agreement. You may terminate this Agreement by destroying all materials obtained from our Service, except for UGC and, if you are a Subscriber, by providing a termination notice to PSYBooks at support@psybooks.com. PSYBooks may terminate this Agreement immediately, without notice for any reason, or no reason, other than as provided for in our Subscriber Agreement, and reserves the right to block or prevent your future access to our Service.
Should you or PSYBooks decide to terminate this Agreement then PSYBooks will prevent access to your Account on our Service. PSYBooks agrees to make a good faith effort to resolve an outstanding dispute between PSYBooks and a Subscriber, if any exist, prior to termination. PSYBooks, at its sole discretion, may restore access to your Account if the dispute has been resolved to its satisfaction.
You acknowledge and agree that termination of this Agreement by either party pertains solely to your use of our Service, and has no effect on other contractual obligations that may exist between the parties, which remain in full force and effect.

De-identified Data in Healthcare

Methods of De-Identification

Misuse of Business Associate Agreements

About the Author: Susan Litton

HIPAA Compliance & EHRs: Excellent Solutions to Thorny Problems

The Importance of End-to-End Encryption and Integrated Products

Customizable Mental Health Forms for Group and Private Practices

What Every Therapist Should Know about Email and Texting

Patient Onboarding: Transferring Behavioral Health PHI

De-identified Data in Healthcare