I will be receiving data files that include as the primary ID a social
security number (SSN). Yes, using SSNs as IDs is a worrisome practice, but
the agency we are dealing with is not going to change this policy, at least
in the near term.
I am obligated to protect the privacy of this information, and if the data
production were a one-time event, I could use some variant of a uniformly
distributed random number to generate an alternative ID and keep the
cross-walk between the SSN and the uniform random number locked in a
separate location. However, there will be ongoing updates that will require
match merges based on the SSN, along with the addition of new cases to the
population.
Has anyone on the list developed code for encrypting/decrypting a field
that they could send me? I know that there is C++ code in the free Cryptlib
toolkit but I would prefer not to have to plunge into this unless it's
really necessary.
