New threats to health data privacy

View/ Open
Issue Date
2011-11-24Author
Li, Fengjun
Zou, Xukai
Liu, Peng
Chen, Jake Y.
Publisher
BioMed Central
Type
Article
Article Version
Scholarly/refereed, publisher version
Rights
This is an Open Access article distributed under the terms of the Creative Commons Attribution License
(http://creativecommons.org/licenses/by/2.0), which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
Metadata
Show full item recordAbstract
Background: Along with the rapid digitalization of health data (e.g. Electronic Health Records), there is an increasing concern on maintaining data privacy while garnering the benefits, especially when the data are required to be published for secondary use. Most of the current research on protecting health data privacy is centered around data de-identification and data anonymization, which removes the identifiable information from the published health data to prevent an adversary from reasoning about the privacy of the patients. However, published health data is not the only source that the adversaries can count on: with a large amount of information that people voluntarily share on the Web, sophisticated attacks that join disparate information pieces from multiple sources against health data privacy become practical. Limited efforts have been devoted to studying these attacks yet.
Results: We study how patient privacy could be compromised with the help of today’s information technologies. In particular, we show that private healthcare information could be collected by aggregating and associating disparate pieces of information from multiple online data sources including online social networks, public records and search engine results. We demonstrate a real-world case study to show user identity and privacy are highly vulnerable to the attribution, inference and aggregation attacks. We also show that people are highly identifiable to adversaries even with inaccurate information pieces about the target, with real data analysis.
Conclusion: We claim that too much information has been made available electronic and available online that people are very vulnerable without effective privacy protection.
Collections
Citation
Li, Fengjun, Xukai Zou, Peng Liu, and Jake Y Chen. 2011. “New Threats to Health Data Privacy.” BMC Bioinformatics 12 Suppl 1 (Suppl 12): S7. http://dx.doi.org/10.1186/1471-2105-12-S12-S7.
Items in KU ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.
We want to hear from you! Please share your stories about how Open Access to this item benefits YOU.
Except where otherwise noted, this item's license is described as: This is an Open Access article distributed under the terms of the Creative Commons Attribution License
(http://creativecommons.org/licenses/by/2.0), which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.