Pass the Salt

Pass the Salt is a simple and secure model for anonymising and sharing individual-level health information.

The party seeking to study health information (‘Quester’) submits an application form to each institution responsible for guarding that health information (‘Guardian’). The Quester elects one Guardian to be the ‘Salt Shaker’. The Salt Shaker picks a secret salt (an encryption key of at least 10 characters, including mixed case and numbers) and passes it to the other Guardians. Each Guardian removes any identifying information from their data and uses the secret salt to encrypt the common patient identifier (NHI in New Zealand). Non-identifiable information is forwarded to the Quester. The Quester can use the encrypted identifier to link the datasets but cannot reverse the encryption.

Download

Documentation: pass-the-salt.pdf

Spreadsheet for identifier encryption: pass-the-salt.xlsm (requires Microsoft Excel 2007)