Access to clinical data is of increasing importance to biomedical research. The pending HIPAA privacy regulations provide specific requirements for the release of protected health information. Under the regulations, biomedical researchers may utilize anonymized data, or adhere to HIPAA requirements regarding protected health information. In order to provide researchers with anonymized data from a clinical research database, we reviewed several published strategies for de-identification of protected health information. Critical analysis with respect to this project suggests that de-identification alone is problematic when applied to clinical research databases. We propose a hybrid system; utilizing secure key escrow, de-identification, and role-based access for IRB approved researchers.