Privacy preserving data anonymization of spontaneous ADE reporting system dataset

Lin, Wen-Yang; Yang, Duen-Chuan; Wang, Jie-Teng

doi:10.1186/s12911-016-0293-4

Cited by 20 publications

(21 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…As possible future works, we can design new anonymization methods that can satisfy h -ceiling with other privacy preserving models such as l -diversity, t -closeness, or MS( k , θ ∗ )-anonymity [ 20 – 22 ]. In this paper, we considered only the full-domain generalization which is the most widely used anonymization methodology especially in health/medical domains [ 16 , 17 , 23 , 24 ].…”

Section: Discussionmentioning

confidence: 99%

Utility-preserving anonymization for health data publishing

Lee

Kim

et al. 2017

BMC Med Inform Decis Mak

View full text Add to dashboard Cite

BackgroundPublishing raw electronic health records (EHRs) may be considered as a breach of the privacy of individuals because they usually contain sensitive information. A common practice for the privacy-preserving data publishing is to anonymize the data before publishing, and thus satisfy privacy models such as k-anonymity. Among various anonymization techniques, generalization is the most commonly used in medical/health data processing. Generalization inevitably causes information loss, and thus, various methods have been proposed to reduce information loss. However, existing generalization-based data anonymization methods cannot avoid excessive information loss and preserve data utility.MethodsWe propose a utility-preserving anonymization for privacy preserving data publishing (PPDP). To preserve data utility, the proposed method comprises three parts: (1) utility-preserving model, (2) counterfeit record insertion, (3) catalog of the counterfeit records. We also propose an anonymization algorithm using the proposed method. Our anonymization algorithm applies full-domain generalization algorithm. We evaluate our method in comparison with existence method on two aspects, information loss measured through various quality metrics and error rate of analysis result.ResultsWith all different types of quality metrics, our proposed method show the lower information loss than the existing method. In the real-world EHRs analysis, analysis results show small portion of error between the anonymized data through the proposed method and original data.ConclusionsWe propose a new utility-preserving anonymization method and an anonymization algorithm using the proposed method. Through experiments on various datasets, we show that the utility of EHRs anonymized by the proposed method is significantly better than those anonymized by previous approaches.

show abstract

Section: Discussionmentioning

confidence: 99%

Utility-preserving anonymization for health data publishing

Lee

Kim

et al. 2017

BMC Med Inform Decis Mak

View full text Add to dashboard Cite

show abstract

“…Dangerous Identity Ratio(DIR) [21][22] and Dangerous Sensitivity Ratio (DSR) [21][22] are used to evaluate the security of publishing methods. We call a group as a dangerous identity group (DIG) if the number of records in the group is less than threshold k. If a group contains at least one sensitive value v i whose frequency is higher than its threshold θ i , we call it as a dangerous sensitivity group (DSG).…”

Section: Securitymentioning

confidence: 99%

Improved privacy preserving method for periodical SRS publishing

Huang

Zhu

et al. 2021

PLoS ONE

View full text Add to dashboard Cite

Spontaneous reporting systems (SRSs) are used to collect adverse drug events (ADEs) for their evaluation and analysis. Periodical SRS data publication gives rise to a problem where sensitive, private data can be discovered through various attacks. The existing SRS data publishing methods are vulnerable to Medicine Discontinuation Attack(MD-attack) and Substantial symptoms-attack(SS-attack). To remedy this problem, an improved periodical SRS data publishing—PPMS(k, θ, ɑ)-bounding is proposed. This new method can recognize MD-attack by ensuring that each equivalence group contains at least k new medicine discontinuation records. The SS-attack can be thwarted using a heuristic algorithm. Theoretical analysis indicates that PPMS(k, θ, ɑ)-bounding can thwart the above-mentioned attacks. The experimental results also demonstrate that PPMS(k, θ, ɑ)-bounding can provide much better protection for privacy than the existing method and the new method dose not increase the information loss. PPMS(k, θ, ɑ)-bounding can improve the privacy, guaranteeing the information usability of the released tables.

show abstract

“…Ayrıca sırasıyla savcı, gazeteci ve pazarlamacı risklerinin %20, %20 ve % 6,96 olduğu görülmektedir. Bu çalışmada saldırgan kurbanın yayınlanan veri seti içerisinde olduğu bilgisine sahip olduğu varsayıldığından ρ-Kazanım öncesi savcı risk grafiği Şekil 9'da verilmiştir Grafik incelendiğinde kayıtların %4,24'nün yüksek risk aralığında (16,(7)(8)(9)(10)(11)(12)(13)(14)(15)(16)(17)(18)(19)(20) olduğu ve başlangıç riskinin %20 olduğu görülmektedir.…”

Section: Deneyler (Experimental Setup)unclassified

“…Veri toplayıcılar, topladıkları verileri çoğunlukla öznitelik ve kayıtlardan oluşan mikro veri tablosu biçiminde paylaşırlar. Mikro veri tablosundaki öznitelikler, her bir kayıtta yer alan muhatapları hakkında verdikleri bilgilere göre, kimlik tanımlayıcı öznitelik (Identifier-ID), birleşik tanımlayıcı öznitelik (Quasi Identifier-QID), hassas öznitelik (Sensitive Attribute-SA) ve hassas olmayan öznitelik (Non Sensitive Attribute-NSA) olmak üzere dört grupta sınıflandırılır [10]. Orijinal mikro veri tablosu T (ID, QID, SA, NSA), anonimleştirilmiş mikro veri tablosu T* (QID*, SA) biçiminde gösterilir.…”

Section: Gi̇ri̇ş (Introduction)unclassified

ρ-kazanım: fayda temelli veri yayınlama modeli

Vural¹,

Aydos²

2018

Gazi Üniversitesi Mühendislik-Mimarlık Fakültesi Dergisi

View full text Add to dashboard Cite

Privacy preserving data publishing  Data anonymization and privacy models  Data utility and outlier equivalence classes Data privacy is a difficult problem that tries to find the best balance between the privacy risks of data owners and the utility of data sharing to the third parties. Anonymization is the most commonly applied technique to overcome data privacy problems. The equivalence classes, the natural outcome of anonymization process, are classified according to the data utility in two main categories: Utility and Outlier Equivalence Classes (UEC, OEC). The utility equivalence class contains records that have been suppressed by anonymization techniques for privacy concerns. Meanwhile, the outlier equivalence class contains records that have been fully suppressed by anonymization techniques resulting in no data utility. Figure A. Data publishing process Purpose: The aim of this study is to define and construct a new anonymization model for data publishing process given the above Figure A with high data utility and low privacy risk for data publishing purpose.

show abstract

Privacy preserving data anonymization of spontaneous ADE reporting system dataset

Cited by 20 publications

References 14 publications

Utility-preserving anonymization for health data publishing

Utility-preserving anonymization for health data publishing

Improved privacy preserving method for periodical SRS publishing

ρ-kazanım: fayda temelli veri yayınlama modeli

Contact Info

Product

Resources

About