
A secure protocol for protecting the identity of providers when disclosing data for disease surveillance

BACKGROUND: Providers have been reluctant to disclose patient data for public-health purposes. Even if patient privacy is ensured, the desire to protect provider confidentiality has been an important driver of this reluctance. METHODS: Six requirements for a surveillance protocol were defined that s...


Bibliographic Details
Main Authors: El Emam, Khaled; Hu, Jun; Mercer, Jay; Peyton, Liam; Kantarcioglu, Murat; Malin, Bradley; Buckeridge, David; Samet, Saeed; Earle, Craig
Format: Text
Language: English
Published: BMJ Group 2011
Subjects:
Online Access: https://www.ncbi.nlm.nih.gov/pmc/articles/PMC3078664/
https://www.ncbi.nlm.nih.gov/pubmed/21486880
http://dx.doi.org/10.1136/amiajnl-2011-000100
author El Emam, Khaled
Hu, Jun
Mercer, Jay
Peyton, Liam
Kantarcioglu, Murat
Malin, Bradley
Buckeridge, David
Samet, Saeed
Earle, Craig
collection PubMed
description BACKGROUND: Providers have been reluctant to disclose patient data for public-health purposes. Even if patient privacy is ensured, the desire to protect provider confidentiality has been an important driver of this reluctance. METHODS: Six requirements for a surveillance protocol were defined that satisfy the confidentiality needs of providers and ensure utility to public health. The authors developed a secure multi-party computation protocol using the Paillier cryptosystem to allow the disclosure of stratified case counts and denominators to meet these requirements. The authors evaluated the protocol in a simulated environment on its computation performance and ability to detect disease outbreak clusters. RESULTS: Theoretical and empirical assessments demonstrate that all requirements are met by the protocol. A system implementing the protocol scales linearly in terms of computation time as the number of providers is increased. The absolute time to perform the computations was 12.5 s for data from 3000 practices. This is acceptable performance, given that the reporting would normally be done at 24 h intervals. The accuracy of detection disease outbreak cluster was unchanged compared with a non-secure distributed surveillance protocol, with an F-score higher than 0.92 for outbreaks involving 500 or more cases. CONCLUSION: The protocol and associated software provide a practical method for providers to disclose patient data for sentinel, syndromic or other indicator-based surveillance while protecting patient privacy and the identity of individual providers.
format Text
id pubmed-3078664
institution National Center for Biotechnology Information
language English
publishDate 2011
publisher BMJ Group
record_format MEDLINE/PubMed
spelling pubmed-3078664 2011-04-18 J Am Med Inform Assoc Research and Applications
BMJ Group 2011-04-12 2011 /pmc/articles/PMC3078664/ /pubmed/21486880 http://dx.doi.org/10.1136/amiajnl-2011-000100 Text en © 2011, Published by the BMJ Publishing Group Limited. For permission to use (where not already granted under a licence) please go to http://group.bmj.com/group/rights-licensing/permissions. This is an open-access article distributed under the terms of the Creative Commons Attribution Non-commercial License, which permits use, distribution, and reproduction in any medium, provided the original work is properly cited, the use is non commercial and is otherwise in compliance with the license. See: http://creativecommons.org/licenses/by-nc/2.0/ and http://creativecommons.org/licenses/by-nc/2.0/legalcode.
title A secure protocol for protecting the identity of providers when disclosing data for disease surveillance
topic Research and Applications