Querying Medical Datasets while Preserving Privacy

Nafees Qamar; Yilong Yang; Andras Nadas; Zhiming Liu

doi:10.1016/j.procs.2016.09.049

Querying Medical Datasets while Preserving Privacy

Nafees Qamar
, Yilong Yang
, Andras Nadas
, Zhiming Liu^*

^*Corresponding author for this work

University of Hafr Al Batin
University of Macau
Vanderbilt University
Southwest University

Research output: Contribution to journal › Conference article › peer-review

4 Scopus citations

Abstract

This paper addresses the challenge of identifying clinically-relevant patterns in medical datasets without endangering patient privacy. To this end, we treat medical datasets as black box for both internal and external users of the data enabling a remote query mechanism to construct and execute database queries. The novelty of the approach lies in avoiding the complex data de-identification process which is often used to preserve patient privacy. The implemented toolkit combines software engineering technologies such as Java EE and RESTful web services, to allow exchanging medical data in an unidentifiable XML format along with restricting users to the need-to-know privacy principle. Consequently, the technique inhibits retrospective processing of data, such as attacks by an adversary on a medical dataset using advanced computational methods to reveal Protected Health Information (PHI). The approach is validated on an endoscopic reporting application based on openEHR and MST standards. The proposed approach is largely motivated by the issues related to querying datasets by clinical researchers, governmental or non-governmental organizations in monitoring health care services to improve quality of care.

Original language	English
Pages (from-to)	324-331
Number of pages	8
Journal	Procedia Computer Science
Volume	58
DOIs	https://doi.org/10.1016/j.procs.2016.09.049
State	Published - 2016
Externally published	Yes
Event	7th International Conference on Emerging Ubiquitous Systems and Pervasive Networks, EUSPN 2016 / The 6th International Conference on Current and Future Trends of Information and Communication Technologies in Healthcare, ICTH-2016 / Affiliated Workshops, 2016 - London, United Kingdom Duration: 19 Sep 2016 → 22 Sep 2016

Keywords

Automated Software Engineering
Data Privacy
Data de-identification
Data disclosure
Web Services

Access to Document

10.1016/j.procs.2016.09.049

Cite this

@article{7509ae37f7fd4d8daf87211e0398b693,

title = "Querying Medical Datasets while Preserving Privacy",

abstract = "This paper addresses the challenge of identifying clinically-relevant patterns in medical datasets without endangering patient privacy. To this end, we treat medical datasets as black box for both internal and external users of the data enabling a remote query mechanism to construct and execute database queries. The novelty of the approach lies in avoiding the complex data de-identification process which is often used to preserve patient privacy. The implemented toolkit combines software engineering technologies such as Java EE and RESTful web services, to allow exchanging medical data in an unidentifiable XML format along with restricting users to the need-to-know privacy principle. Consequently, the technique inhibits retrospective processing of data, such as attacks by an adversary on a medical dataset using advanced computational methods to reveal Protected Health Information (PHI). The approach is validated on an endoscopic reporting application based on openEHR and MST standards. The proposed approach is largely motivated by the issues related to querying datasets by clinical researchers, governmental or non-governmental organizations in monitoring health care services to improve quality of care.",

keywords = "Automated Software Engineering, Data Privacy, Data de-identification, Data disclosure, Web Services",

author = "Nafees Qamar and Yilong Yang and Andras Nadas and Zhiming Liu",

year = "2016",

doi = "10.1016/j.procs.2016.09.049",

language = "英语",

volume = "58",

pages = "324--331",

journal = "Procedia Computer Science",

issn = "1877-0509",

publisher = "Elsevier B.V.",

note = "7th International Conference on Emerging Ubiquitous Systems and Pervasive Networks, EUSPN 2016 / The 6th International Conference on Current and Future Trends of Information and Communication Technologies in Healthcare, ICTH-2016 / Affiliated Workshops, 2016 ; Conference date: 19-09-2016 Through 22-09-2016",

}

TY - JOUR

T1 - Querying Medical Datasets while Preserving Privacy

AU - Qamar, Nafees

AU - Yang, Yilong

AU - Nadas, Andras

AU - Liu, Zhiming

PY - 2016

Y1 - 2016

N2 - This paper addresses the challenge of identifying clinically-relevant patterns in medical datasets without endangering patient privacy. To this end, we treat medical datasets as black box for both internal and external users of the data enabling a remote query mechanism to construct and execute database queries. The novelty of the approach lies in avoiding the complex data de-identification process which is often used to preserve patient privacy. The implemented toolkit combines software engineering technologies such as Java EE and RESTful web services, to allow exchanging medical data in an unidentifiable XML format along with restricting users to the need-to-know privacy principle. Consequently, the technique inhibits retrospective processing of data, such as attacks by an adversary on a medical dataset using advanced computational methods to reveal Protected Health Information (PHI). The approach is validated on an endoscopic reporting application based on openEHR and MST standards. The proposed approach is largely motivated by the issues related to querying datasets by clinical researchers, governmental or non-governmental organizations in monitoring health care services to improve quality of care.

AB - This paper addresses the challenge of identifying clinically-relevant patterns in medical datasets without endangering patient privacy. To this end, we treat medical datasets as black box for both internal and external users of the data enabling a remote query mechanism to construct and execute database queries. The novelty of the approach lies in avoiding the complex data de-identification process which is often used to preserve patient privacy. The implemented toolkit combines software engineering technologies such as Java EE and RESTful web services, to allow exchanging medical data in an unidentifiable XML format along with restricting users to the need-to-know privacy principle. Consequently, the technique inhibits retrospective processing of data, such as attacks by an adversary on a medical dataset using advanced computational methods to reveal Protected Health Information (PHI). The approach is validated on an endoscopic reporting application based on openEHR and MST standards. The proposed approach is largely motivated by the issues related to querying datasets by clinical researchers, governmental or non-governmental organizations in monitoring health care services to improve quality of care.

KW - Automated Software Engineering

KW - Data Privacy

KW - Data de-identification

KW - Data disclosure

KW - Web Services

UR - https://www.scopus.com/pages/publications/84992343705

U2 - 10.1016/j.procs.2016.09.049

DO - 10.1016/j.procs.2016.09.049

M3 - 会议文章

AN - SCOPUS:84992343705

SN - 1877-0509

VL - 58

SP - 324

EP - 331

JO - Procedia Computer Science

JF - Procedia Computer Science

T2 - 7th International Conference on Emerging Ubiquitous Systems and Pervasive Networks, EUSPN 2016 / The 6th International Conference on Current and Future Trends of Information and Communication Technologies in Healthcare, ICTH-2016 / Affiliated Workshops, 2016

Y2 - 19 September 2016 through 22 September 2016

ER -

Querying Medical Datasets while Preserving Privacy

Abstract

Keywords

Access to Document

Other files and links

Fingerprint

Cite this