Anonymizing a risk assessment is the removal of all 18 HIPAA Safe Harbor IDs (45 CFR §164.514(b)) from a safety review. anonym.plus does it on your device. The findings stay readable; the person is not named.
When this applies
A team studies risk patterns to improve protocols. The forms name clients, dates, and a named third party, all of which must come out first.
How anonym.plus handles it
- Open the form in anonym.plus on your machine.
- Local OCR reads any scanned page.
- It flags names, dates, and any third party.
- Review each flag and keep the safety findings.
- Replace each ID with a label, or black it out.
- Save the clean form. The source stays local.
What you need to provide
- The form (PDF, DOCX, TXT, or scan).
- An operator: Replace, Redact, or Mask.
- Optional: a name map for re-linking.
PHI entity types detected
| Category | anonym.plus entity type | Example |
|---|---|---|
| Client | PERSON | Rosa Mejia → [CLIENT_1] |
| Assessed date | DATE_TIME | Assessed 04/09/2026 → [DATE] |
| Third party | PERSON | ex-partner Vic → [PARTY_1] |
| Record ID | MEDICAL_RECORD_NUMBER | MRN 38812 → [MRN] |
| Phone | PHONE_NUMBER | (305) 555 0152 → [PHONE] |
| National ID | US_SSN / NATIONAL_ID | 447-19-2230 → [ID] |
Compliance achieved
- Removes all 18 ID classes for HIPAA Safe Harbor (45 CFR §164.514(b)).
- Runs offline, so no BAA is required.
- Forms are kept safe with AES-256-GCM.
- Covers GDPR Art. 9 health data for EU clients.
Anonymize behavioral risk assessments offline — see plans & start free →
Limitations & cautions
A risk form often names a third party at the heart of the concern. The tool flags those names too. You still confirm no rare detail can re-identify either the client or that party.
Frequently asked questions
Are named third parties removed?
Yes. A risk form may name an ex-partner or family member. Each is an identifier, and the tool flags them so neither person is exposed.
Can I study risk trends safely?
Yes. Once the forms are de-identified, they are no longer PHI and may support protocol review without further authorization.
Is this a cloud service?
No. The app runs on your own device. Nothing is uploaded.