Li Xiong CS573 Data Privacy and Security Healthcare privacy and security: Genomic data privacy.


- Genomic data are increasingly collected, stored, and shared in research and clinical environments.
- Genomic data are person-specific (there exists no public registry that maps genomes to names of individuals).
- Genomic data are not specified as an identifying patient attribute under the HIPAA Privacy Rule and may be released for public research purposes.
- How can person-specific DNA be shared such that it cannot be associated with its explicit identity?

Data sharing scenario
- John Smith is admitted to a local hospital, which stores clinical and DNA information.
- John visits other hospitals.
- The hospital forwards certain DNA data to a research group, with the institution and pseudonyms of the patients.
- The hospital sends the identified discharge record on to a state-controlled database.

Data at a specific location
- Identified table of patient demographics
- De-identified DNA sequences
- Can we uniquely link identified data to DNA data?

Data at multiple locations
- Each site has an identified table and de-identified DNA sequences.
- Can we uniquely link identified data to DNA data?

Trails
- The set of locations each patient visited is called a trail.
- The trails can be tracked and matched to link DNA data to identified data.

REIDIT-Complete
- Re-identification of data in trails (REIDIT) for complete publishing
- If there is a unique trail match, then a re-identification occurred.
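A data releaser can run the unique-trail check over its own planned release to see which DNA records would be exposed. The sketch below is an added example, not code from the slides; the hospitals, names and record labels are constructed, and a trail is modelled as the set of locations where an entity appears.

```python
from collections import defaultdict

# Constructed sample release under complete publishing: every patient seen at
# a hospital appears in both of that hospital's tables. "d1".."d4" stand in
# for DNA sequences, which are the same wherever the patient was treated.
RELEASES = {
    "H1": {"names": {"Alice", "Bob", "Carol", "Dan"}, "dna": {"d1", "d2", "d3", "d4"}},
    "H2": {"names": {"Alice", "Carol", "Dan"}, "dna": {"d1", "d3", "d4"}},
    "H3": {"names": {"Bob", "Carol", "Dan"}, "dna": {"d2", "d3", "d4"}},
}

def build_trails(releases, table):
    """Return {entity: frozenset of locations whose `table` lists it}."""
    trails = defaultdict(set)
    for location, tables in releases.items():
        for entity in tables[table]:
            trails[entity].add(location)
    return {entity: frozenset(locs) for entity, locs in trails.items()}

def group_by_trail(trails):
    """Invert {entity: trail} into {trail: sorted list of entities}."""
    groups = defaultdict(list)
    for entity, trail in trails.items():
        groups[trail].append(entity)
    return {trail: sorted(members) for trail, members in groups.items()}

def reidit_complete(releases):
    """Link a DNA record to a name when exactly one of each has that trail."""
    names = group_by_trail(build_trails(releases, "names"))
    dna = group_by_trail(build_trails(releases, "dna"))
    links = {}
    for trail, records in dna.items():
        candidates = names.get(trail, [])
        if len(records) == 1 and len(candidates) == 1:
            links[records[0]] = candidates[0]
    return links

def unlinked_groups(releases):
    """DNA records that share a trail with others and so stay ambiguous."""
    dna = group_by_trail(build_trails(releases, "dna"))
    return sorted(members for members in dna.values() if len(members) > 1)

if __name__ == "__main__":
    print(reidit_complete(RELEASES))
    print(unlinked_groups(RELEASES))
```

In this sample the two patients who visited all three hospitals share a trail and stay unlinked, while the two with distinctive trails are exposed.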

Results

REIDIT-C re-identification
- Re-identifiability is related to the average number of people per location.

Reserved publishing
- Data releasers can reserve certain information.
- N is reserved to P vs. P is reserved to N

REIDIT-Incomplete
- REIDIT for reserved publishing
- For each trail in the track with incomplete trails, if there is only one supertrail, then a re-identification occurred.
- Remove the re-identified supertrail.
  - Important because a trail can be a supertrail to many trails
- Repeat the process.
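The removal step is what makes reserved publishing weaker protection than it looks: each link shrinks the candidate set for every other record. The sketch below is an added example, not code from the slides; the trails are constructed, a supertrail is modelled as a superset of locations, and it assumes every incomplete DNA trail really belongs to one of the listed names.

```python
# Constructed sample data. Name trails are complete; DNA trails are incomplete
# because hospitals reserved (withheld) some DNA records.
NAME_TRAILS = {
    "Alice": frozenset({"H1", "H2"}),
    "Bob": frozenset({"H1", "H3"}),
    "Carol": frozenset({"H1", "H2", "H3"}),
    "Dan": frozenset({"H2"}),
}
DNA_TRAILS = {
    "d1": frozenset({"H1", "H2", "H3"}),
    "d2": frozenset({"H3"}),
    "d3": frozenset({"H1"}),
    "d4": frozenset({"H2"}),
}

def reidit_incomplete(name_trails, dna_trails):
    """Return [(round, dna_record, name)] for every link the procedure finds.

    Each round links the DNA trails that have exactly one remaining
    supertrail, then removes the linked supertrails before the next round.
    """
    remaining_names = dict(name_trails)
    remaining_dna = dict(dna_trails)
    links, round_no = [], 0
    while True:
        round_no += 1
        found = {}
        for record, subtrail in remaining_dna.items():
            supertrails = [name for name, trail in remaining_names.items()
                           if subtrail <= trail]
            if len(supertrails) == 1:
                found[record] = supertrails[0]
        if not found:  # nothing new was linked, so the process has converged
            return links
        for record, name in sorted(found.items()):
            links.append((round_no, record, name))
            del remaining_dna[record]
            remaining_names.pop(name, None)

if __name__ == "__main__":
    for round_no, record, name in reidit_incomplete(NAME_TRAILS, DNA_TRAILS):
        print(f"round {round_no}: {record} -> {name}")
```

Only one record is unambiguous at the start, yet after four rounds all four are linked, so a release should be evaluated with the full iteration rather than a single pass.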

REIDIT-Incomplete
- 0.0, 0.1, 0.5, 0.9: probability of reserving information
- Hospital rank is based on the number of patients.

Can masking location help? Not necessarily!

Comments and open issues
- Can k-anonymity solve the problem?
- Pseudonyms are subject to dictionary attacks; how can linkage of the data be allowed without pseudonyms?
- Genomic protection methods incorporating the utility of the genomic data

De-identification
- e.g., Utah Resource for Genetic and Epidemiologic Research (RGE)