Current studentsExisting staffContact us
 

R-U policy frontiers for health data de-identification

Date

2015

Authors

Xia, W.
Heatherly, R.
Ding, X.
Li, J.
Malin, B.A.

Editors

Advisors

Journal Title

Journal ISSN

Volume Title

Type:

Journal article

Citation

Journal of the American Medical Informatics Association : JAMIA, 2015; 22(5):1029-1041

Statement of Responsibility

Conference Name

DOI

10.1093/jamia/ocv004

Abstract

Objective The Health Insurance Portability and Accountability Act Privacy Rule enables healthcare organizations to share de-identified data via two routes. They can either 1) show re-identification risk is small (e.g., via a formal model, such as k-anonymity) with respect to an anticipated recipient or 2) apply a rule-based policy (i.e., Safe Harbor) that enumerates attributes to be altered (e.g., dates to years). The latter is often invoked because it is interpretable, but it fails to tailor protections to the capabilities of the recipient. The paper shows rule-based policies can be mapped to a utility (U) and re-identification risk (R) space, which can be searched for a collection, or frontier, of policies that systematically trade off between these goals. Methods We extend an algorithm to efficiently compose an R-U frontier using a lattice of policy options. Risk is proportional to the number of patients to which a record corresponds, while utility is proportional to similarity of the original and de-identified distribution. We allow our method to search 20 000 rule-based policies (out of 2700) and compare the resulting frontier with k-anonymous solutions and Safe Harbor using the demographics of 10 U.S. states. Results The results demonstrate the rule-based frontier 1) consists, on average, of 5000 policies, 2% of which enable better utility with less risk than Safe Harbor and 2) the policies cover a broader spectrum of utility and risk than k-anonymity frontiers. Conclusions R-U frontiers of de-identification policies can be discovered efficiently, allowing healthcare organizations to tailor protections to anticipated needs and trustworthiness of recipients.

School/Discipline

Dissertation Note

Provenance

Description

Data source: Supplementary data, http://jamia.oxfordjournals.org/highwire/filestream/20605/field_highwire_adjunct_files/0/appendix_0.12_BAM.docx

Access Status

Rights

Copyright 2015 the authors. Published by Oxford University Press on behalf of the American Medical Informatics Association.

License

Grant ID

Published Version

https://doi.org/10.1093/jamia/ocv004

Call number

Persistent link to this record

https://hdl.handle.net/11541.2/117430