Skip to main content

Universal De-identification Platform (UDiP)

Healthcare & Life Sciences


The Universal De-identification Platform (UDiP) provides a comprehensive answer for organizations that want to expose or share their information assets, without revealing the identity of the individuals involved. De-identification issues usually arise when internal information needs to be sent outside the enterprise and processed by a third party. For example, in healthcare, de-identification is often mandated when medical information is passed outside the hospital premises, say, to a research center. Medical information is naturally associated with a specific individual. When this data leaves the hospital premises, it must be altered so that it cannot be re-associated with that individual. Even in this case, the process should preserve the ability to correlate the de-identified document with other de-identified documents or records from the same individual.

UDIP can also be used for de-identification tasks in other industries, such as the financial world. For example, let's say a financial services provider wants to develop some new functionality for its system and needs to provide data for testing purposes. At the same time, that financial institution must maintain its customers' confidentiality. Using de-identification technology, identifying details are removed from the data while maintaining the correlation between records that belong to the same individual.

UDIP enables de-identification services for structured and unstructured data. The UDIP platform provides a loosely-coupled, pluggable architecture, so it can easily be adapted for changing environments and new de-identification requirements. This flexibility also means that enterprises can integrate their own de-identification capabilities and services within the UDIP platform, taking advantage of existing assets and legacy systems. UDIP is also known as the IBM De-Identification Framework for Compliance to Privacy Laws.

UDIP is an IBM IGS asset known as the IBM De-identification Framework for Compliance to Privacy Laws. In addition, UDIP is part of IBM products such as the Healthcare Collaborative Network (HCN) and the IBM Clinical Genomics (CG) solutions–CG V2, CG V3 Blue, and CG V3 Express.

The UDIP exposes a rich set of interfaces across a variety of protocols and provides a simple framework for a variety of de-identification algorithms and systems. The UDIP core manages the business flow and enables collaboration between associated business services.

The main business services provided by the UDIP core include the following:

  • XML De-identification Engine - de-identification of XML-based documents
  • DICOM De-identification Engine - de-identification of DICOM objects
  • Tabular De-identification Engine - de-identification of database query results
  • CSV De-identification Engine - de-identification of data in CSV format
  • Spreadsheet De-identification Engine - de-identification of spreadsheets, such as Excel
  • HL7 De-identification Engine - de-identification of HL7 messages
  • Free Text Anonymization
  • AGPI Proxy - connects to AGPI Server to accept AGPI id. This id enables correlation of different de-identified documents belonging to the same person
  • Administration Module - Web-based configuration and monitoring
  • Security Module - authentication and authorization services

Universal De-identification Platform (UDiP)
Universal De-identification Platform (UDiP)

UDIP supports healthcare regulations such as HIPAA and medical standards including HL7, DICOM, CDA, BSML, ODM, and MAGE.