Are My EHRs Private Enough? Event-Level Privacy Protection

Privacy is a major concern in sharing human subject data to researchers for secondary analyses. A simple binary consent (opt-in or not) may significantly reduce the amount of sharable data, since many patients might only be concerned about a few sensitive medical conditions rather than the entire me...

Ausführliche Beschreibung

Gespeichert in:

Bibliographische Detailangaben
Veröffentlicht in:	IEEE/ACM transactions on computational biology and bioinformatics 2019-01, Vol.16 (1), p.103-112
Hauptverfasser:	Mao, Chengsheng, Zhao, Yuan, Sun, Mengxin, Luo, Yuan
Format:	Artikel
Sprache:	eng
Schlagworte:	Ablation Computer Security - standards Confidentiality Data privacy data sharing Databases, Factual Diseases Drugs Electronic Health Records Electronic medical records Feasibility studies feature ablation Healthcare privacy Humans Information Dissemination Machine Learning Medical diagnostic imaging Medical records Privacy Task analysis
Online-Zugang:	Volltext bestellen
Tags:	Tag hinzufügen Keine Tags, Fügen Sie den ersten Tag hinzu!

container_end_page	112
container_issue	1
container_start_page	103
container_title	IEEE/ACM transactions on computational biology and bioinformatics
container_volume	16
creator	Mao, Chengsheng Zhao, Yuan Sun, Mengxin Luo, Yuan
description	Privacy is a major concern in sharing human subject data to researchers for secondary analyses. A simple binary consent (opt-in or not) may significantly reduce the amount of sharable data, since many patients might only be concerned about a few sensitive medical conditions rather than the entire medical records. We propose event-level privacy protection, and develop a feature ablation method to protect event-level privacy in electronic medical records. Using a list of 13 sensitive diagnoses, we evaluate the feasibility and the efficacy of the proposed method. As feature ablation progresses, the identifiability of a sensitive medical condition decreases with varying speeds on different diseases. We find that these sensitive diagnoses can be divided into three categories: (1) five diseases have fast declining identifiability (AUC below 0.6 with less than 400 features excluded); (2) seven diseases with progressively declining identifiability (AUC below 0.7 with between 200 and 700 features excluded); and (3) one disease with slowly declining identifiability (AUC above 0.7 with 1,000 features excluded). The fact that the majority (12 out of 13) of the sensitive diseases fall into the first two categories suggests the potential of the proposed feature ablation method as a solution for event-level record privacy protection.
doi_str_mv	10.1109/TCBB.2018.2850037
format	Article
fullrecord	<record><control><sourceid>proquest_RIE</sourceid><recordid>TN_cdi_crossref_primary_10_1109_TCBB_2018_2850037</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>8395018</ieee_id><sourcerecordid>2177336879</sourcerecordid><originalsourceid>FETCH-LOGICAL-c447t-5e8d0b705a5e4741a5d090c67c4ac05d7c2e9eae35eac5db7c8129f5bdd4600c3</originalsourceid><addsrcrecordid>eNpdkU9LI0EQxRtR1FU_gAgy4GUvE6v_TU97UDRkVyGiiJ6bTk9FRybT2j0TyLffDolh9VQF71ePejxCjikMKAV9_jy8uRkwoOWAlRKAqy2yT6VUudaF2F7uQuZSF3yP_IrxHYAJDWKX7DGttRCl2icX1wGz-0U2un2K2WOo57bDbNT6_vXtKhvNse3yMc6xWWlukabv0HW1bw_JztQ2EY_W84C8_Bk9D2_z8cPfu-H1OHdCqC6XWFYwUSCtRKEEtbICDa5QTlgHslKOoUaLXKJ1spooV1Kmp3JSVaIAcPyAXK58P_rJDCuXfgq2MR-hntmwMN7W5rvS1m_m1c9NIQTlmiWD32uD4D97jJ2Z1dFh09gWfR8Ng6LkAjjIhJ79QN99H9oUzzCqFOdFqXSi6IpywccYcLp5hoJZNmOWzZhlM2bdTLo5_T_F5uKrigScrIAaETdyybVMNvwfnrqRgw</addsrcrecordid><sourcetype>Open Access Repository</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>2177336879</pqid></control><display><type>article</type><title>Are My EHRs Private Enough? Event-Level Privacy Protection</title><source>IEEE Electronic Library (IEL)</source><creator>Mao, Chengsheng ; Zhao, Yuan ; Sun, Mengxin ; Luo, Yuan</creator><creatorcontrib>Mao, Chengsheng ; Zhao, Yuan ; Sun, Mengxin ; Luo, Yuan</creatorcontrib><description>Privacy is a major concern in sharing human subject data to researchers for secondary analyses. A simple binary consent (opt-in or not) may significantly reduce the amount of sharable data, since many patients might only be concerned about a few sensitive medical conditions rather than the entire medical records. We propose event-level privacy protection, and develop a feature ablation method to protect event-level privacy in electronic medical records. Using a list of 13 sensitive diagnoses, we evaluate the feasibility and the efficacy of the proposed method. As feature ablation progresses, the identifiability of a sensitive medical condition decreases with varying speeds on different diseases. We find that these sensitive diagnoses can be divided into three categories: (1) five diseases have fast declining identifiability (AUC below 0.6 with less than 400 features excluded); (2) seven diseases with progressively declining identifiability (AUC below 0.7 with between 200 and 700 features excluded); and (3) one disease with slowly declining identifiability (AUC above 0.7 with 1,000 features excluded). The fact that the majority (12 out of 13) of the sensitive diseases fall into the first two categories suggests the potential of the proposed feature ablation method as a solution for event-level record privacy protection.</description><identifier>ISSN: 1545-5963</identifier><identifier>ISSN: 1557-9964</identifier><identifier>EISSN: 1557-9964</identifier><identifier>DOI: 10.1109/TCBB.2018.2850037</identifier><identifier>PMID: 29994487</identifier><identifier>CODEN: ITCBCY</identifier><language>eng</language><publisher>United States: IEEE</publisher><subject>Ablation ; Computer Security - standards ; Confidentiality ; Data privacy ; data sharing ; Databases, Factual ; Diseases ; Drugs ; Electronic Health Records ; Electronic medical records ; Feasibility studies ; feature ablation ; Healthcare privacy ; Humans ; Information Dissemination ; Machine Learning ; Medical diagnostic imaging ; Medical records ; Privacy ; Task analysis</subject><ispartof>IEEE/ACM transactions on computational biology and bioinformatics, 2019-01, Vol.16 (1), p.103-112</ispartof><rights>Copyright The Institute of Electrical and Electronics Engineers, Inc. (IEEE) 2019</rights><lds50>peer_reviewed</lds50><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c447t-5e8d0b705a5e4741a5d090c67c4ac05d7c2e9eae35eac5db7c8129f5bdd4600c3</citedby><cites>FETCH-LOGICAL-c447t-5e8d0b705a5e4741a5d090c67c4ac05d7c2e9eae35eac5db7c8129f5bdd4600c3</cites><orcidid>0000-0002-1515-9626 ; 0000-0003-0195-7456</orcidid></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/8395018$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>230,314,776,780,792,881,27901,27902,54733</link.rule.ids><linktorsrc>$$Uhttps://ieeexplore.ieee.org/document/8395018$$EView_record_in_IEEE$$FView_record_in_$$GIEEE</linktorsrc><backlink>$$Uhttps://www.ncbi.nlm.nih.gov/pubmed/29994487$$D View this record in MEDLINE/PubMed$$Hfree_for_read</backlink></links><search><creatorcontrib>Mao, Chengsheng</creatorcontrib><creatorcontrib>Zhao, Yuan</creatorcontrib><creatorcontrib>Sun, Mengxin</creatorcontrib><creatorcontrib>Luo, Yuan</creatorcontrib><title>Are My EHRs Private Enough? Event-Level Privacy Protection</title><title>IEEE/ACM transactions on computational biology and bioinformatics</title><addtitle>TCBB</addtitle><addtitle>IEEE/ACM Trans Comput Biol Bioinform</addtitle><description>Privacy is a major concern in sharing human subject data to researchers for secondary analyses. A simple binary consent (opt-in or not) may significantly reduce the amount of sharable data, since many patients might only be concerned about a few sensitive medical conditions rather than the entire medical records. We propose event-level privacy protection, and develop a feature ablation method to protect event-level privacy in electronic medical records. Using a list of 13 sensitive diagnoses, we evaluate the feasibility and the efficacy of the proposed method. As feature ablation progresses, the identifiability of a sensitive medical condition decreases with varying speeds on different diseases. We find that these sensitive diagnoses can be divided into three categories: (1) five diseases have fast declining identifiability (AUC below 0.6 with less than 400 features excluded); (2) seven diseases with progressively declining identifiability (AUC below 0.7 with between 200 and 700 features excluded); and (3) one disease with slowly declining identifiability (AUC above 0.7 with 1,000 features excluded). The fact that the majority (12 out of 13) of the sensitive diseases fall into the first two categories suggests the potential of the proposed feature ablation method as a solution for event-level record privacy protection.</description><subject>Ablation</subject><subject>Computer Security - standards</subject><subject>Confidentiality</subject><subject>Data privacy</subject><subject>data sharing</subject><subject>Databases, Factual</subject><subject>Diseases</subject><subject>Drugs</subject><subject>Electronic Health Records</subject><subject>Electronic medical records</subject><subject>Feasibility studies</subject><subject>feature ablation</subject><subject>Healthcare privacy</subject><subject>Humans</subject><subject>Information Dissemination</subject><subject>Machine Learning</subject><subject>Medical diagnostic imaging</subject><subject>Medical records</subject><subject>Privacy</subject><subject>Task analysis</subject><issn>1545-5963</issn><issn>1557-9964</issn><issn>1557-9964</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2019</creationdate><recordtype>article</recordtype><sourceid>RIE</sourceid><sourceid>EIF</sourceid><recordid>eNpdkU9LI0EQxRtR1FU_gAgy4GUvE6v_TU97UDRkVyGiiJ6bTk9FRybT2j0TyLffDolh9VQF71ePejxCjikMKAV9_jy8uRkwoOWAlRKAqy2yT6VUudaF2F7uQuZSF3yP_IrxHYAJDWKX7DGttRCl2icX1wGz-0U2un2K2WOo57bDbNT6_vXtKhvNse3yMc6xWWlukabv0HW1bw_JztQ2EY_W84C8_Bk9D2_z8cPfu-H1OHdCqC6XWFYwUSCtRKEEtbICDa5QTlgHslKOoUaLXKJ1spooV1Kmp3JSVaIAcPyAXK58P_rJDCuXfgq2MR-hntmwMN7W5rvS1m_m1c9NIQTlmiWD32uD4D97jJ2Z1dFh09gWfR8Ng6LkAjjIhJ79QN99H9oUzzCqFOdFqXSi6IpywccYcLp5hoJZNmOWzZhlM2bdTLo5_T_F5uKrigScrIAaETdyybVMNvwfnrqRgw</recordid><startdate>20190101</startdate><enddate>20190101</enddate><creator>Mao, Chengsheng</creator><creator>Zhao, Yuan</creator><creator>Sun, Mengxin</creator><creator>Luo, Yuan</creator><general>IEEE</general><general>The Institute of Electrical and Electronics Engineers, Inc. (IEEE)</general><scope>97E</scope><scope>RIA</scope><scope>RIE</scope><scope>CGR</scope><scope>CUY</scope><scope>CVF</scope><scope>ECM</scope><scope>EIF</scope><scope>NPM</scope><scope>AAYXX</scope><scope>CITATION</scope><scope>7QF</scope><scope>7QO</scope><scope>7QQ</scope><scope>7SC</scope><scope>7SE</scope><scope>7SP</scope><scope>7SR</scope><scope>7TA</scope><scope>7TB</scope><scope>7U5</scope><scope>8BQ</scope><scope>8FD</scope><scope>F28</scope><scope>FR3</scope><scope>H8D</scope><scope>JG9</scope><scope>JQ2</scope><scope>KR7</scope><scope>L7M</scope><scope>L~C</scope><scope>L~D</scope><scope>P64</scope><scope>7X8</scope><scope>5PM</scope><orcidid>https://orcid.org/0000-0002-1515-9626</orcidid><orcidid>https://orcid.org/0000-0003-0195-7456</orcidid></search><sort><creationdate>20190101</creationdate><title>Are My EHRs Private Enough? Event-Level Privacy Protection</title><author>Mao, Chengsheng ; Zhao, Yuan ; Sun, Mengxin ; Luo, Yuan</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c447t-5e8d0b705a5e4741a5d090c67c4ac05d7c2e9eae35eac5db7c8129f5bdd4600c3</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2019</creationdate><topic>Ablation</topic><topic>Computer Security - standards</topic><topic>Confidentiality</topic><topic>Data privacy</topic><topic>data sharing</topic><topic>Databases, Factual</topic><topic>Diseases</topic><topic>Drugs</topic><topic>Electronic Health Records</topic><topic>Electronic medical records</topic><topic>Feasibility studies</topic><topic>feature ablation</topic><topic>Healthcare privacy</topic><topic>Humans</topic><topic>Information Dissemination</topic><topic>Machine Learning</topic><topic>Medical diagnostic imaging</topic><topic>Medical records</topic><topic>Privacy</topic><topic>Task analysis</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Mao, Chengsheng</creatorcontrib><creatorcontrib>Zhao, Yuan</creatorcontrib><creatorcontrib>Sun, Mengxin</creatorcontrib><creatorcontrib>Luo, Yuan</creatorcontrib><collection>IEEE All-Society Periodicals Package (ASPP) 2005-present</collection><collection>IEEE All-Society Periodicals Package (ASPP) 1998–Present</collection><collection>IEEE Electronic Library (IEL)</collection><collection>Medline</collection><collection>MEDLINE</collection><collection>MEDLINE (Ovid)</collection><collection>MEDLINE</collection><collection>MEDLINE</collection><collection>PubMed</collection><collection>CrossRef</collection><collection>Aluminium Industry Abstracts</collection><collection>Biotechnology Research Abstracts</collection><collection>Ceramic Abstracts</collection><collection>Computer and Information Systems Abstracts</collection><collection>Corrosion Abstracts</collection><collection>Electronics & Communications Abstracts</collection><collection>Engineered Materials Abstracts</collection><collection>Materials Business File</collection><collection>Mechanical & Transportation Engineering Abstracts</collection><collection>Solid State and Superconductivity Abstracts</collection><collection>METADEX</collection><collection>Technology Research Database</collection><collection>ANTE: Abstracts in New Technology & Engineering</collection><collection>Engineering Research Database</collection><collection>Aerospace Database</collection><collection>Materials Research Database</collection><collection>ProQuest Computer Science Collection</collection><collection>Civil Engineering Abstracts</collection><collection>Advanced Technologies Database with Aerospace</collection><collection>Computer and Information Systems Abstracts Academic</collection><collection>Computer and Information Systems Abstracts Professional</collection><collection>Biotechnology and BioEngineering Abstracts</collection><collection>MEDLINE - Academic</collection><collection>PubMed Central (Full Participant titles)</collection><jtitle>IEEE/ACM transactions on computational biology and bioinformatics</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Mao, Chengsheng</au><au>Zhao, Yuan</au><au>Sun, Mengxin</au><au>Luo, Yuan</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Are My EHRs Private Enough? Event-Level Privacy Protection</atitle><jtitle>IEEE/ACM transactions on computational biology and bioinformatics</jtitle><stitle>TCBB</stitle><addtitle>IEEE/ACM Trans Comput Biol Bioinform</addtitle><date>2019-01-01</date><risdate>2019</risdate><volume>16</volume><issue>1</issue><spage>103</spage><epage>112</epage><pages>103-112</pages><issn>1545-5963</issn><issn>1557-9964</issn><eissn>1557-9964</eissn><coden>ITCBCY</coden><abstract>Privacy is a major concern in sharing human subject data to researchers for secondary analyses. A simple binary consent (opt-in or not) may significantly reduce the amount of sharable data, since many patients might only be concerned about a few sensitive medical conditions rather than the entire medical records. We propose event-level privacy protection, and develop a feature ablation method to protect event-level privacy in electronic medical records. Using a list of 13 sensitive diagnoses, we evaluate the feasibility and the efficacy of the proposed method. As feature ablation progresses, the identifiability of a sensitive medical condition decreases with varying speeds on different diseases. We find that these sensitive diagnoses can be divided into three categories: (1) five diseases have fast declining identifiability (AUC below 0.6 with less than 400 features excluded); (2) seven diseases with progressively declining identifiability (AUC below 0.7 with between 200 and 700 features excluded); and (3) one disease with slowly declining identifiability (AUC above 0.7 with 1,000 features excluded). The fact that the majority (12 out of 13) of the sensitive diseases fall into the first two categories suggests the potential of the proposed feature ablation method as a solution for event-level record privacy protection.</abstract><cop>United States</cop><pub>IEEE</pub><pmid>29994487</pmid><doi>10.1109/TCBB.2018.2850037</doi><tpages>10</tpages><orcidid>https://orcid.org/0000-0002-1515-9626</orcidid><orcidid>https://orcid.org/0000-0003-0195-7456</orcidid><oa>free_for_read</oa></addata></record>
fulltext	fulltext_linktorsrc
identifier	ISSN: 1545-5963
ispartof	IEEE/ACM transactions on computational biology and bioinformatics, 2019-01, Vol.16 (1), p.103-112
issn	1545-5963 1557-9964 1557-9964
language	eng
recordid	cdi_crossref_primary_10_1109_TCBB_2018_2850037
source	IEEE Electronic Library (IEL)
subjects	Ablation Computer Security - standards Confidentiality Data privacy data sharing Databases, Factual Diseases Drugs Electronic Health Records Electronic medical records Feasibility studies feature ablation Healthcare privacy Humans Information Dissemination Machine Learning Medical diagnostic imaging Medical records Privacy Task analysis
title	Are My EHRs Private Enough? Event-Level Privacy Protection
url	https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-02-12T03%3A48%3A11IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_RIE&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Are%20My%20EHRs%20Private%20Enough?%20Event-Level%20Privacy%20Protection&rft.jtitle=IEEE/ACM%20transactions%20on%20computational%20biology%20and%20bioinformatics&rft.au=Mao,%20Chengsheng&rft.date=2019-01-01&rft.volume=16&rft.issue=1&rft.spage=103&rft.epage=112&rft.pages=103-112&rft.issn=1545-5963&rft.eissn=1557-9964&rft.coden=ITCBCY&rft_id=info:doi/10.1109/TCBB.2018.2850037&rft_dat=%3Cproquest_RIE%3E2177336879%3C/proquest_RIE%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=2177336879&rft_id=info:pmid/29994487&rft_ieee_id=8395018&rfr_iscdi=true