Have you implemented OpenMRS? Please participate in the Implementation Site Survey. If you already have, thank you!
Make patient data truly de-identified requires following some fairly stringent rules. For example, any dates associated with a patient (including birthdate, visit/encounter dates, dates of observations, etc.) may only use the year (not month or day), so the timestamps on patient data would need to be randomized enough to satisfy HIPAA rules but without losing the sequence of results so the trends of results could remain relatively realistic. Simply shifting all timestamps by the same amount would not meet HIPAA requirements, since the intervals between tests could be used to re-identify the patient. Basically, creating truly de-identified data means creating a dataset that even a team of expert statisticians could not use to establish the identity of any of the patients.
This project would develop an OpenMRS module capable of transforming and exporting data that adheres to HIPAA privacy guidelines.