OpenMRS has a built in way to simply obscure all patient's names in the system using your runtime properties:
obscure_patients=false obscure_patients.given_name=John obscure_patients.middle_name=P. obscure_patients.family_name=Smith
This archive:anonymizing sql script will scramble your patient names, patient addresses, locations, and any dates stored against patients. User names and passwords will be reset to username-"id" / test.WARNING:
Do not run this on a live database. Only run this on a copy. Accurate data is impossible to recover from this.
This anonymization may not be fully HIPAA compliant. It is very difficult to truly anonymize (de-identify) data such that someone could not re-identify a patient. People (and a growing number of tools) can come up with clever ways of figuring out identities from supposedly anonymous data. Any free text (comments on observations, observations with text values, or any user-entered text anywhere else in the database) could accidentally reveal a patient's identity. Whenever possible, avoid sharing patient data publicly (even if you think you have anonymized it). If you want/need to share data publicly, be extremely vigilant in ensuring that the data are truly anonymized.
Ideally, all protected health information should be anonymized, including: