On Deducibility and Anonymisation in Medical Databases

  • Conference paper
Secure Data Management (SDM 2005)

Part of the book series: Lecture Notes in Computer Science (LNISA, volume 3674)

Abstract

The utilisation of real medical data in research projects is becoming ever more widespread, and a clear duty of care towards such data is mandatory. To this end, anonymisation is essential. It is well understood that a conflict between functionality and confidentiality exists within this context: while patients’ confidentiality must be preserved, restricting access can reduce the value of the data that is available to researchers. As such, limiting access so that confidentiality is preserved while still ensuring a high degree of functionality should be a key aim of every designer of medical research databases. In this paper, we outline an approach developed within the e-DiaMoND project that combines anonymisation and query modification to manage this conflict.

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Power, D., Slaymaker, M., Simpson, A. (2005). On Deducibility and Anonymisation in Medical Databases. In: Jonker, W., Petković, M. (eds) Secure Data Management. SDM 2005. Lecture Notes in Computer Science, vol 3674. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11552338_12

  • DOI: https://doi.org/10.1007/11552338_12

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-28798-8

  • Online ISBN: 978-3-540-31974-0

  • eBook Packages: Computer Science (R0)
