Your browser doesn't support javascript.
loading
Proposal and Assessment of a De-Identification Strategy to Enhance Anonymity of the Observational Medical Outcomes Partnership Common Data Model (OMOP-CDM) in a Public Cloud-Computing Environment: Anonymization of Medical Data Using Privacy Models.
Jeon, Seungho; Seo, Jeongeun; Kim, Sukyoung; Lee, Jeongmoon; Kim, Jong-Ho; Sohn, Jang Wook; Moon, Jongsub; Joo, Hyung Joon.
Afiliação
  • Jeon S; Division of Information Security, Graduate School of Information Security, Korea University, Seoul, Republic of Korea.
  • Seo J; Division of Information Security, Graduate School of Information Security, Korea University, Seoul, Republic of Korea.
  • Kim S; Division of Information Security, Graduate School of Information Security, Korea University, Seoul, Republic of Korea.
  • Lee J; Korea University Research Institute for Medical Bigdata Science, Korea University, Seoul, Republic of Korea.
  • Kim JH; Department of Cardiology, Cardiovascular Center, Korea University, Seoul, Republic of Korea.
  • Sohn JW; Division of Infectious Diseases, Department of Internal Medicine, College of Medicine, Korea University, Seoul, Republic of Korea.
  • Moon J; Division of Information Security, Graduate School of Information Security, Korea University, Seoul, Republic of Korea.
  • Joo HJ; Department of Internal Medicine, Korea University College of Medicine, Korea University, Seoul, Republic of Korea.
J Med Internet Res ; 22(11): e19597, 2020 11 26.
Article em En | MEDLINE | ID: mdl-33177037
BACKGROUND: De-identifying personal information is critical when using personal health data for secondary research. The Observational Medical Outcomes Partnership Common Data Model (CDM), defined by the nonprofit organization Observational Health Data Sciences and Informatics, has been gaining attention for its use in the analysis of patient-level clinical data obtained from various medical institutions. When analyzing such data in a public environment such as a cloud-computing system, an appropriate de-identification strategy is required to protect patient privacy. OBJECTIVE: This study proposes and evaluates a de-identification strategy that is comprised of several rules along with privacy models such as k-anonymity, l-diversity, and t-closeness. The proposed strategy was evaluated using the actual CDM database. METHODS: The CDM database used in this study was constructed by the Anam Hospital of Korea University. Analysis and evaluation were performed using the ARX anonymizing framework in combination with the k-anonymity, l-diversity, and t-closeness privacy models. RESULTS: The CDM database, which was constructed according to the rules established by Observational Health Data Sciences and Informatics, exhibited a low risk of re-identification: The highest re-identifiable record rate (11.3%) in the dataset was exhibited by the DRUG_EXPOSURE table, with a re-identification success rate of 0.03%. However, because all tables include at least one "highest risk" value of 100%, suitable anonymizing techniques are required; moreover, the CDM database preserves the "source values" (raw data), a combination of which could increase the risk of re-identification. Therefore, this study proposes an enhanced strategy to de-identify the source values to significantly reduce not only the highest risk in the k-anonymity, l-diversity, and t-closeness privacy models but also the overall possibility of re-identification. CONCLUSIONS: Our proposed de-identification strategy effectively enhanced the privacy of the CDM database, thereby encouraging clinical research involving multiple centers.
Assuntos
Palavras-chave

Texto completo: 1 Base de dados: MEDLINE Assunto principal: Informática Médica / Bases de Dados Factuais / Confidencialidade / Anonimização de Dados / Computação em Nuvem Tipo de estudo: Diagnostic_studies / Prognostic_studies Limite: Humans Idioma: En Ano de publicação: 2020 Tipo de documento: Article

Texto completo: 1 Base de dados: MEDLINE Assunto principal: Informática Médica / Bases de Dados Factuais / Confidencialidade / Anonimização de Dados / Computação em Nuvem Tipo de estudo: Diagnostic_studies / Prognostic_studies Limite: Humans Idioma: En Ano de publicação: 2020 Tipo de documento: Article