Protecting medical data for analyses

In the last few decades, medical data has mainly been a by-product of daily operations. In general, not much has been used for analytical purposes, other than reporting and simple statistics. Just recently, it has become clear that data are important assets if used for analyses that help decision-making. To be able to analyse the data, one needs to have full access to the relevant sources. This may contradict one of the paramount requirements - to have secure, private data - especially if the data analyst is outsourced and not directly affiliated with the data owner, as is often the case in medical environments. In this paper, we present data analyses from the data protection point of view. We propose a solution for outsourced model-based data analyses. A formal framework for protecting the data that leaves the organization's boundary, based on the relational data model's abstract data type, is presented. The data and the data structure are modified so that the process of data analysis can still take place and the results can still be obtained, but the data content itself is hard to reveal. Once the data analysis results are returned, the inverse process discloses the meaning of the model to the data owners.