Building public trust in uses of Health Insurance Portability and Accountability Act de-identified data

Journal of the American Medical Informatics Association (Impact Factor: 3.93). 06/2012; 20(1). DOI: 10.1136/amiajnl-2012-000936
Source: PubMed

ABSTRACT OBJECTIVES: The aim of this paper is to summarize concerns with the de-identification standard and methodologies established under the Health Insurance Portability and Accountability Act (HIPAA) regulations, and report some potential policies to address those concerns that were discussed at a recent workshop attended by industry, consumer, academic and research stakeholders. TARGET AUDIENCE: The target audience includes researchers, industry stakeholders, policy makers and consumer advocates concerned about preserving the ability to use HIPAA de-identified data for a range of important secondary uses. SCOPE: HIPAA sets forth methodologies for de-identifying health data; once such data are de-identified, they are no longer subject to HIPAA regulations and can be used for any purpose. Concerns have been raised about the sufficiency of HIPAA de-identification methodologies, the lack of legal accountability for unauthorized re-identification of de-identified data, and insufficient public transparency about de-identified data uses. Although there is little published evidence of the re-identification of properly de-identified datasets, such concerns appear to be increasing. This article discusses policy proposals intended to address de-identification concerns while maintaining de-identification as an effective tool for protecting privacy and preserving the ability to leverage health data for secondary purposes.

  • Journal of the American Medical Informatics Association 12/2012; 20(1). DOI:10.1136/amiajnl-2012-001509 · 3.93 Impact Factor
  • [Show abstract] [Hide abstract]
    ABSTRACT: OBJECTIVE: Privacy-preserving data publishing addresses the problem of disclosing sensitive data when mining for useful information. Among existing privacy models, ε-differential privacy provides one of the strongest privacy guarantees and makes no assumptions about an adversary's background knowledge. All existing solutions that ensure ε-differential privacy handle the problem of disclosing relational and set-valued data in a privacy-preserving manner separately. In this paper, we propose an algorithm that considers both relational and set-valued data in differentially private disclosure of healthcare data. METHODS: The proposed approach makes a simple yet fundamental switch in differentially private algorithm design: instead of listing all possible records (ie, a contingency table) for noise addition, records are generalized before noise addition. The algorithm first generalizes the raw data in a probabilistic way, and then adds noise to guarantee ε-differential privacy. RESULTS: We showed that the disclosed data could be used effectively to build a decision tree induction classifier. Experimental results demonstrated that the proposed algorithm is scalable and performs better than existing solutions for classification analysis. LIMITATION: The resulting utility may degrade when the output domain size is very large, making it potentially inappropriate to generate synthetic data for large health databases. CONCLUSIONS: Unlike existing techniques, the proposed algorithm allows the disclosure of health data containing both relational and set-valued data in a differentially private manner, and can retain essential information for discriminative analysis.
    Journal of the American Medical Informatics Association 12/2012; 20(3). DOI:10.1136/amiajnl-2012-001027 · 3.93 Impact Factor
  • [Show abstract] [Hide abstract]
    ABSTRACT: There is an increasing awareness of the power of integrating multiple sources of data to accelerate biomedical discoveries. Some even argue that it is unethical not to share data that could be used for the public good. However, the challenges involved in sharing clinical and biomedical data are seldom discussed. I briefly review some of these challenges and provide an overview of how they are being addressed by the scientific community.
    Science translational medicine 12/2012; 4(165):165cm15. DOI:10.1126/scitranslmed.3004454 · 14.41 Impact Factor

Preview (2 Sources)

1 Download
Available from