Cargando…
The Ad-Hoc Uncertainty Principle of Patient Privacy
The Health Information Portability and Accountability Act (HIPAA) allows for the exchange of de-identified patient data, but its definition of de-identification is essentially open-ended, thus leaving the onus on dataset providers to ensure patient privacy. The Patient Centered Outcomes Research Net...
| Autores principales: | , , , , , , |
|---|---|
| Formato: | Online Artículo Texto |
| Lenguaje: | English |
| Publicado: |
American Medical Informatics Association
2018
|
| Materias: | |
| Acceso en línea: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC5961824/ https://www.ncbi.nlm.nih.gov/pubmed/29888058 |
| _version_ | 1783324789097627648 |
|---|---|
| author | Klann, Jeffrey G. Joss, Matthew Shirali, Rohan Natter, Marc Schneeweiss, Sebastian Mandl, Kenneth D. Murphy, Shawn N. |
| author_facet | Klann, Jeffrey G. Joss, Matthew Shirali, Rohan Natter, Marc Schneeweiss, Sebastian Mandl, Kenneth D. Murphy, Shawn N. |
| author_sort | Klann, Jeffrey G. |
| collection | PubMed |
| description | The Health Information Portability and Accountability Act (HIPAA) allows for the exchange of de-identified patient data, but its definition of de-identification is essentially open-ended, thus leaving the onus on dataset providers to ensure patient privacy. The Patient Centered Outcomes Research Network (PCORnet) builds a de-identification approach into queries, but we have noticed various subtle problems with this approach. We censor aggregate counts below a threshold (i.e. <11) to protect patient privacy. However, we have found that thresholded numbers can at times be inferred, and some key numbers are not thresholded at all. Furthermore, PCORnet’s approach of thresholding low counts introduces a selection bias which slants the data towards larger health care sites and their corresponding demographics. We propose a solution: instead of censoring low counts, introduce Gaussian noise to all aggregate counts. We describe this approach and the freely available tools we created for this purpose. |
| format | Online Article Text |
| id | pubmed-5961824 |
| institution | National Center for Biotechnology Information |
| language | English |
| publishDate | 2018 |
| publisher | American Medical Informatics Association |
| record_format | MEDLINE/PubMed |
| spelling | pubmed-59618242018-06-08 The Ad-Hoc Uncertainty Principle of Patient Privacy Klann, Jeffrey G. Joss, Matthew Shirali, Rohan Natter, Marc Schneeweiss, Sebastian Mandl, Kenneth D. Murphy, Shawn N. AMIA Jt Summits Transl Sci Proc Articles The Health Information Portability and Accountability Act (HIPAA) allows for the exchange of de-identified patient data, but its definition of de-identification is essentially open-ended, thus leaving the onus on dataset providers to ensure patient privacy. The Patient Centered Outcomes Research Network (PCORnet) builds a de-identification approach into queries, but we have noticed various subtle problems with this approach. We censor aggregate counts below a threshold (i.e. <11) to protect patient privacy. However, we have found that thresholded numbers can at times be inferred, and some key numbers are not thresholded at all. Furthermore, PCORnet’s approach of thresholding low counts introduces a selection bias which slants the data towards larger health care sites and their corresponding demographics. We propose a solution: instead of censoring low counts, introduce Gaussian noise to all aggregate counts. We describe this approach and the freely available tools we created for this purpose. American Medical Informatics Association 2018-05-18 /pmc/articles/PMC5961824/ /pubmed/29888058 Text en ©2018 AMIA - All rights reserved. This is an Open Access article: verbatim copying and redistribution of this article are permitted in all media for any purpose |
| spellingShingle | Articles Klann, Jeffrey G. Joss, Matthew Shirali, Rohan Natter, Marc Schneeweiss, Sebastian Mandl, Kenneth D. Murphy, Shawn N. The Ad-Hoc Uncertainty Principle of Patient Privacy |
| title | The Ad-Hoc Uncertainty Principle of Patient Privacy |
| title_full | The Ad-Hoc Uncertainty Principle of Patient Privacy |
| title_fullStr | The Ad-Hoc Uncertainty Principle of Patient Privacy |
| title_full_unstemmed | The Ad-Hoc Uncertainty Principle of Patient Privacy |
| title_short | The Ad-Hoc Uncertainty Principle of Patient Privacy |
| title_sort | ad-hoc uncertainty principle of patient privacy |
| topic | Articles |
| url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC5961824/ https://www.ncbi.nlm.nih.gov/pubmed/29888058 |
| work_keys_str_mv | AT klannjeffreyg theadhocuncertaintyprincipleofpatientprivacy AT jossmatthew theadhocuncertaintyprincipleofpatientprivacy AT shiralirohan theadhocuncertaintyprincipleofpatientprivacy AT nattermarc theadhocuncertaintyprincipleofpatientprivacy AT schneeweisssebastian theadhocuncertaintyprincipleofpatientprivacy AT mandlkennethd theadhocuncertaintyprincipleofpatientprivacy AT murphyshawnn theadhocuncertaintyprincipleofpatientprivacy AT klannjeffreyg adhocuncertaintyprincipleofpatientprivacy AT jossmatthew adhocuncertaintyprincipleofpatientprivacy AT shiralirohan adhocuncertaintyprincipleofpatientprivacy AT nattermarc adhocuncertaintyprincipleofpatientprivacy AT schneeweisssebastian adhocuncertaintyprincipleofpatientprivacy AT mandlkennethd adhocuncertaintyprincipleofpatientprivacy AT murphyshawnn adhocuncertaintyprincipleofpatientprivacy |