Practicing differential privacy in health care: A review

Fida K. Dankar; Khaled El Emam

Practicing differential privacy in health care: A review

Fida K. Dankar, Khaled El Emam

Research output: Contribution to journal › Review article › peer-review

Abstract

Differential privacy has gained a lot of attention in recent years as a general model for the protection of personal information when used and disclosed for secondary purposes. It has also been proposed as an appropriate model for protecting health data. In this paper we review the current literature on differential privacy and highlight important general limitations to the model and the proposed mechanisms. We then examine some practical challenges to the application of differential privacy to health data. The most severe limitation is the theoretical nature of the privacy parameter ε. It has implications on our ability to quantify the level of anonymization that would be guaranteed to patients, as well as assessing responsibilities when a privacy breach occurs. The review concludes by identifying the areas that researchers and practitioners need to address to increase the adoption of differential privacy for health data.

Original language	English
Pages (from-to)	35-67
Number of pages	33
Journal	Transactions on Data Privacy
Volume	6
Issue number	1
Publication status	Published - 2013
Externally published	Yes

ASJC Scopus subject areas

Software
Statistics and Probability

Cite this

@article{0d98eddb438b4b85bf3d8a1d19e65f1d,

title = "Practicing differential privacy in health care: A review",

abstract = "Differential privacy has gained a lot of attention in recent years as a general model for the protection of personal information when used and disclosed for secondary purposes. It has also been proposed as an appropriate model for protecting health data. In this paper we review the current literature on differential privacy and highlight important general limitations to the model and the proposed mechanisms. We then examine some practical challenges to the application of differential privacy to health data. The most severe limitation is the theoretical nature of the privacy parameter ε. It has implications on our ability to quantify the level of anonymization that would be guaranteed to patients, as well as assessing responsibilities when a privacy breach occurs. The review concludes by identifying the areas that researchers and practitioners need to address to increase the adoption of differential privacy for health data.",

author = "Dankar, {Fida K.} and {El Emam}, Khaled",

year = "2013",

language = "English",

volume = "6",

pages = "35--67",

journal = "Transactions on Data Privacy",

issn = "1888-5063",

publisher = "Institut d'Investigacio en Intel-ligencia Artificial - Consejo Superior Investigaciones Cientificas (IIIA-CSIC)",

number = "1",

}

TY - JOUR

T1 - Practicing differential privacy in health care

T2 - A review

AU - Dankar, Fida K.

AU - El Emam, Khaled

PY - 2013

Y1 - 2013

N2 - Differential privacy has gained a lot of attention in recent years as a general model for the protection of personal information when used and disclosed for secondary purposes. It has also been proposed as an appropriate model for protecting health data. In this paper we review the current literature on differential privacy and highlight important general limitations to the model and the proposed mechanisms. We then examine some practical challenges to the application of differential privacy to health data. The most severe limitation is the theoretical nature of the privacy parameter ε. It has implications on our ability to quantify the level of anonymization that would be guaranteed to patients, as well as assessing responsibilities when a privacy breach occurs. The review concludes by identifying the areas that researchers and practitioners need to address to increase the adoption of differential privacy for health data.

AB - Differential privacy has gained a lot of attention in recent years as a general model for the protection of personal information when used and disclosed for secondary purposes. It has also been proposed as an appropriate model for protecting health data. In this paper we review the current literature on differential privacy and highlight important general limitations to the model and the proposed mechanisms. We then examine some practical challenges to the application of differential privacy to health data. The most severe limitation is the theoretical nature of the privacy parameter ε. It has implications on our ability to quantify the level of anonymization that would be guaranteed to patients, as well as assessing responsibilities when a privacy breach occurs. The review concludes by identifying the areas that researchers and practitioners need to address to increase the adoption of differential privacy for health data.

UR - http://www.scopus.com/inward/record.url?scp=84877081683&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84877081683&partnerID=8YFLogxK

M3 - Review article

AN - SCOPUS:84877081683

SN - 1888-5063

VL - 6

SP - 35

EP - 67

JO - Transactions on Data Privacy

JF - Transactions on Data Privacy

IS - 1

ER -

Practicing differential privacy in health care: A review

Abstract

ASJC Scopus subject areas

Other files and links

Fingerprint

Cite this