Abstract
Electronic patient medical records contain vast amounts of information of potential value to researchers striving to increase understanding of diseases, treatments, and outcomes. Effective use of such data is limited by privacy and technical concerns. Privacy laws require the removal of Personally Identifiable Information (PII) from the released data. Technical concerns are that the data must be abstracted for consistency across different providers. To be most useful, data from different providers for the same patient must be linked together. This paper applies cryptographic techniques to the problem of privacy-preserving linking of medical records.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
In a recent survey of health care organizations, 70% of respondents reported that their organizations had experienced significant security incidents in the prior 12 months [12].
References
Alhaqbani, B., Fidge, C.: Privacy-preserving electronic health record linkage using pseudonym identifiers. In: 10th International Conference on e-health Networking, Applications and Services, HealthCom 2008, pp. 108–117 (2008). https://doi.org/10.1109/HEALTH.2008.4600120
Bakken, I.J., Ariansen, A.M.S., Knudsen, G.P., Johansen, K.I., Vollset, S.E.: The Norwegian Patient Registry and the Norwegian Registry for Primary Health Care: Research potential of two nationwide health-care registries. Scand. J. Public Health 48(1), 49–55 (2020)
Benaloh, J., de Mare, M.: One-way accumulators: a decentralized alternative to digital signatures. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 274–285. Springer, Heidelberg (1994). https://doi.org/10.1007/3-540-48285-7_24
Boeyen, S., Santesson, S., Polk, T., Housley, R., Farrell, S., Cooper, D.: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile. RFC 5280, May 2008. https://doi.org/10.17487/RFC5280
Boffa, D.J., et al.: Using the national cancer database for outcomes research: a review. JAMA Oncol. 3(12), 1722–1728 (2017)
Camenisch, J., Lehmann, A.: Privacy-preserving user-auditable pseudonym systems. In: 2017 IEEE European Symposium on Security and Privacy (EuroS&P), pp. 269–284 (2017). https://doi.org/10.1109/EuroSP.2017.36
Dang, Q.: Secure hash standard, 04 August 2015. https://doi.org/10.6028/NIST.FIPS.180-4
Demuynck, L., De Decker, B.: Privacy-preserving electronic health records. In: Dittmann, J., Katzenbeisser, S., Uhl, A. (eds.) CMS 2005. LNCS, vol. 3677, pp. 150–159. Springer, Heidelberg (2005). https://doi.org/10.1007/11552055_15
Franke, M., Sehili, Z., Rahm, E.: PRIMAT: a toolbox for fast privacy-preserving matching. Proc. VLDB Endow. 12(12), 1826–1829 (2019). https://doi.org/10.14778/3352063.3352076
von Goethe, J.W.: The Sorrows of Young Werther. Oxford World’s Classics, Oxford, (tr.) David Constantine, online edn., December 2020. https://doi.org/10.1093/owc/9780199583027.001.0001, Accessed 25 Sept 2021
Google Cloud Key Management Service: Key rotation. https://cloud.google.com/kms/docs/key-rotation. Accessed 26 Sept 2021
HIMSS Cybersecurity Survey (2020). https://www.himss.org/sites/hde/files/media/file/2020/11/16/2020_himss_cybersecurity_survey_final.pdf
Jones, M., Bradley, J., Sakimura, N.: JSON Web Token (JWT). RFC 7519, May 2015. https://doi.org/10.17487/RFC7519
Knuth, D.E.: The Art of Computer Programming, vol. 2: Seminumerical Algorithms, 3rd edn. Addison-Wesley Professional (1998)
Kolata, G.: Your Data were ‘Anonymized’? These Scientists Can Still Identify You. The New York Times, 23 July 2019. https://www.nytimes.com/2019/07/23/health/data-privacy-protection.html
Kumar, A., et al.: Evaluation of the use of cancer registry data for comparative effectiveness research. JAMA Netw. Open 3(7), e2011985 (2020). https://doi.org/10.1001/jamanetworkopen.2020.11985
Pohlig, S., Hellman, M.: An improved algorithm for computing logarithms over GF(p) and its cryptographic significance (Corresp.). IEEE Trans. Inf. Theory 24(1), 106–110 (1978). https://doi.org/10.1109/TIT.1978.1055817
Salazar, M.C., et al.: Association of delayed adjuvant chemotherapy with survival after lung cancer surgery. JAMA Oncol. 3(5), 610–619 (2017). https://doi.org/10.1001/jamaoncol.2016.5829
Shoup, V.: A Computational Introduction to Number Theory and Algebra, chap. 5.5.5 Sophie Germain Primes, 2nd edn., pp. 123–124. Cambridge University Press, February 2009. ISBN 9780521516440
Vatsalan, D., Christen, P., Verykios, V.S.: A taxonomy of privacy-preserving record linkage techniques. Inf. Syst. 38(6), 946–969 (2013). https://doi.org/10.1016/j.is.2012.11.005
Wikipedia contributors: Hanlon’s razor – Wikipedia, The Free Encyclopedia (2021). https://en.wikipedia.org/w/index.php?title=Hanlon’s_razor&oldid=1045571584. Accessed 24 Sept 2021
Acknowledgments
We are grateful to Ewa Syta of Trinity College (Connecticut) for a thorough reading of an early draft of this paper and for providing many helpful comments and pointers to the relevant literature. We thank Bonnie Kaplan of the Yale School of Medicine for sharing her vast knowledge of the world of electronic health data with us. Lastly, we are indebted to Alice Fischer from the University of New Haven, who scrutinized our nearly final draft.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 Springer Nature Switzerland AG
About this paper
Cite this paper
Fischer, M.J., Hochman, J.E., Boffa, D. (2021). Privacy-Preserving Data Sharing for Medical Research. In: Johnen, C., Schiller, E.M., Schmid, S. (eds) Stabilization, Safety, and Security of Distributed Systems. SSS 2021. Lecture Notes in Computer Science(), vol 13046. Springer, Cham. https://doi.org/10.1007/978-3-030-91081-5_6
Download citation
DOI: https://doi.org/10.1007/978-3-030-91081-5_6
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-91080-8
Online ISBN: 978-3-030-91081-5
eBook Packages: Computer ScienceComputer Science (R0)