GRUID (Global Research Unique Identifier) provides a secure, privacy-first method to identify the same patients across institutions or datasets, without ever transmitting or storing protected health information (PHI)
Why GRUID?
Enables collaboration across centers and datasets by confirming when two records belong to the same patient
Strictly preserves privacy, as patients are never re-identified and no PHI is shared
Improves data quality by identifying duplication in multi-center registries
Scales easily as new hospitals join, without compromising security
Built for trust, with cryptography and key management practices that meet best-in-class standards
How GRUID works
Local protection first: Patient health information never leaves the hospital environment. All sensitive inputs are encrypted with a one-way hash and transformed locally, behind the hospital firewall.
Secure token generation: The GRUID desktop application converts relevant identifiers into anonymized hash keys using modern SHA-3 cryptography. Only these secure tokens—never the underlying PHI—are shared.
Cross-center comparison: Participating sites provide encrypted token files, which can be compared safely to detect duplicate patients across hospitals. At no point is patient data exposed or recoverable.
Compliance assured: No PHI is ever stored in the application or transmitted externally. The process aligns with HIPAA and GDPR standards, with strict access controls built in.