Preserving patient privacy when sharing same-disease data

Xiaoping Liu, Xiao Bai Li, Luvai Motiwalla, Wenjun Li, Hua Zheng, Patricia Durkin Franklin

Research output: Contribution to journalArticlepeer-review

6 Scopus citations

Abstract

Medical and health data are often collected for studying a specific disease. For such same-disease microdata, a privacy disclosure occurs as long as an individual is known to be in the microdata. Individuals in samedisease microdata are thus subject to higher disclosure risk than those in microdata with different diseases. This important problem has been overlooked in data-privacy research and practice, and no prior study has addressed this problem. In this study, we analyze the disclosure risk for the individuals in same-disease microdata and propose a new metric that is appropriate for measuring disclosure risk in this situation. An efficient algorithm is designed and implemented for anonymizing same-disease data to minimize the disclosure risk while keeping data utility as good as possible. An experimental study was conducted on real patient and population data. Experimental results show that traditional reidentification risk measures underestimate the actual disclosure risk for the individuals in same-disease microdata and demonstrate that the proposed approach is very effective in reducing the actual risk for same-disease data. This study suggests that privacy protection policy and practice for sharing medical and health data should consider not only the individuals' identifying attributes but also the health and disease information contained in the data. It is recommended that data-sharing entities employ a statistical approach, instead of the HIPAA's Safe Harbor policy, when sharing same-disease microdata.

Original languageEnglish (US)
Article number17
JournalJournal of Data and Information Quality
Volume7
Issue number4
DOIs
StatePublished - Oct 2016

Keywords

  • Data sharing
  • Disclosure risk
  • HIPAA

ASJC Scopus subject areas

  • Information Systems
  • Information Systems and Management

Fingerprint Dive into the research topics of 'Preserving patient privacy when sharing same-disease data'. Together they form a unique fingerprint.

Cite this