Skip directly to searchSkip directly to the site navigationSkip directly to the page's main content

Confidentiality and Privacy

The Utah Department of Health makes public health data available while protecting the confidentiality of the data and the privacy of individuals. Below are some of the measures taken to ensure privacy and confidentiality.


See the IBIS Data Release Policyfor more information about HIPAA guidelines and specifics on how personal health information protected within the IBIS website.


Limited Data set

    Data records accessible through the IBIS query system have been scrubbed of individually identifying information, such as name, address, social security number, date of service, telephone number, patient ID number, and so forth.

Cell Suppression

  • Before 2009, the IBIS-PH Query System employed a cell suppression algorithm to minimize the risk that an individual might be identified. Data results that fell below an established limit were not made available to the user. For most data sets the rule that was applied was that data results with fewer than five cases in the numerator and fewer than 30 cases in the denominator would be suppressed. In addition, numbers along table margins were also suppressed if they could be used to calculate the number in a suppressed cell. For example, if a table column had the value for female suppressed and displays a value of 15 for male, the total for that column would also be suppressed since subtracting the 15 male records from the total would give the user the number of female records.

  • Since October 2009, all data modules employ rules based upon the relative standard error (coefficient of variation) to suppress a cell. The RSE suppression rules will be implemented in all IBIS query modules later. For detailed information, please see the Data Suppression Guidelines Summary and the Data Suppression Historical Detail.

Data Use Agreement

    In accordance with the requirements of disclosure of a limited data set under the HIPAA Privacy Rule, it is our policy to provide a data use agreement for IBIS data query users. The agreement appears online at the beginning of each query system user session. Users must agree to the stated conditions for use of the data in order to get past that screen. The data use agreement (see below) is compliant with the HIPAA definition of a data use agreement.

Confidentiality and Privacy

(last updated October 2009)
Limited Data Set (Identifiers that must be removed.) Cell Suppression Data Use Agreement
  1. Names
  2. Postal address information, other than town or city, state, and ZIP Code
  3. Telephone numbers
  4. Fax numbers
  5. Electronic mail addresses
  6. Social security numbers
  7. Medical record numbers
  8. Health plan beneficiary numbers
  9. Account numbers
  10. Certificate/license numbers
  11. Vehicle identifiers and serial numbers, including license plate numbers
  12. Device identifiers and serial numbers
  13. Web universal resource locators (URLs)
  14. Internet protocol (IP) address numbers
  15. Biometric identifiers, including fingerprints and voiceprints
  16. Full-face photographic images and any comparable images
Numbers suppressed (**) when:

Numerator < 5
Denominator < 30 In BRFSS module, numbers suppressed (**) when: RSE > 50% Number shown with (*) when: 30% < RSE <= 50%
Utah Department of Health
IBIS Query System, Data Use Agreement


The data and information provided through the IBIS-PH Query System are intended to support any individuals or entities engaged in activities designed solely to enhance the well-being of a specific community, which may include State of Utah. Activities include informing evidence-based decision making in Utah to plan and improve health service delivery, evaluate health care interventions and systems, and inform health policy decisions. Other uses are not permissible.
As an IBIS-PH Query System user, I agree to:
  • Use the data for statistical reporting and analysis only.
  • Avoid any attempt to identify or contact individual(s) represented in the IBIS-PH query system data.
  • Avoid disclosure or use of the identity of any individual(s) discovered inadvertently.
  • Avoid linkage of IBIS-PH query system data with other data that, after linkage, might allow identification of an individual represented in the IBIS-PH query system data.
  • Use appropriate safeguards to prevent the inappropriate use or disclosure of individual(s) represented in the data, including when disclosing IBIS-PH Query System data to others.
  • Report IMMEDIATELY any inadvertent or intentional identity disclosures or violations of this agreement of which I become aware to the Director of the Center for Public Health Data, Utah Department of Health.
I understand that failure to adhere to the above stated agreement items will result in loss of access to UDOH Internet databases, and I may be subject to legal penalties. Any use, release, or publication of health data contrary to the provisions stated is a class B misdemeanor, with subsequent violation begin class A misdemeanors punishable by a fine of up to $5,000 per offense (Chapter 23, Title 26, Utah Code Annotated). If I am a Utah state government employee, this may be grounds for immediate dismissal.


Query Help Page IBIS Help Page Email IBIS-PH Director IBIS-PH Home Page
The information provided above is from the Department of Health's Center for Health Data IBIS-PH web site (http://ibis.health.state.gov). The information published on this website may be reproduced without permission. Please use the following citation: " Retrieved Wed, 08 April 2020 20:16:14 from Department of Health, Center for Health Data, Indicator-Based Information System for Public Health Web site: http://ibis.health.state.gov ".

Content updated: Wed, 18 Sep 2019 09:30:06 MDT