A genetic approach to statistical disclosure control

Statistical disclosure control is the collective name for a range of tools used by data providers such as government departments to protect the confidentiality of individuals or organizations. When the published tables contain magnitude data such as turnover or health statistics, the preferred method is to suppress the values of certain cells. Assigning a cost to the information lost by suppressing any given cell creates the cell suppression problem. This consists of finding the minimum cost solution which meets the confidentiality constraints. Solving this problem simultaneously for all of the sensitive cells in a table is NP-hard and not possible for medium to large sized tables. In this paper, we describe the development of a heuristic tool for this problem which hybridizes linear programming (to solve a relaxed version for a single sensitive cell) with a genetic algorithm (to seek an order for considering the sensitive cells which minimizes the final cost). Considering a range of real-world and representative artificial datasets, we show that the method is able to provide relatively low cost solutions for far larger tables than is possible for the optimal approach to tackle. We show that our genetic approach is able to significantly improve on the initial solutions provided by existing heuristics for cell ordering, and outperforms local search. This approach is then extended and applied to large statistical tables with over 200000 cells. © 2012 IEEE

Routes for breaching and protecting genetic privacy

We are entering the era of ubiquitous genetic information for research, clinical care, and personal curiosity. Sharing these datasets is vital for rapid progress in understanding the genetic basis of human diseases. However, one growing concern is the ability to protect the genetic privacy of the data originators. Here, we technically map threats to genetic privacy and discuss potential mitigation strategies for privacy-preserving dissemination of genetic data.Comment: Draft for comment

Ethical issues of electronic patient data and informatics in clinical trial settings

The field of cancer bio-informatics unites the disciplines of scientific and clinical research withclinical practice and the treatment of individual patients. There is a need to study patients andsometimes their families, over many decades, to follow disease progress and long-term outcomes.This may require research teams to access the routinely-collected health data from generalpractice and hospital health records, prior to and after the cancer diagnosis is made. This clinicalinformation will increasingly include data provided by patients or acquired from them throughwearable devices that can monitor or deliver treatment, and data acquired from genetic relativesof the patient.All of these data, whether explicitly collected for the purpose of a clinical study, or routinelycollected as part of a patient?s life-time healthcare journey, are personal health data. There areethical and legal requirements to manage these data with care. This chapter explores the ethicalrequirements for collecting, holding, analysing and sharing personal health data, and thelegislation covering such activities

Joining up health and bioinformatics: e-science meets e-health

CLEF (Co-operative Clinical e-Science Framework) is an MRC sponsored project in the e-Science programme that aims to establish methodologies and a technical infrastructure forthe next generation of integrated clinical and bioscience research. It is developing methodsfor managing and using pseudonymised repositories of the long-term patient histories whichcan be linked to genetic, genomic information or used to support patient care. CLEF concentrateson removing key barriers to managing such repositories ? ethical issues, informationcapture, integration of disparate sources into coherent ?chronicles? of events, userorientedmechanisms for querying and displaying the information, and compiling the requiredknowledge resources. This paper describes the overall information flow and technicalapproach designed to meet these aims within a Grid framework

Systematizing Genome Privacy Research: A Privacy-Enhancing Technologies Perspective

Rapid advances in human genomics are enabling researchers to gain a better understanding of the role of the genome in our health and well-being, stimulating hope for more effective and cost efficient healthcare. However, this also prompts a number of security and privacy concerns stemming from the distinctive characteristics of genomic data. To address them, a new research community has emerged and produced a large number of publications and initiatives. In this paper, we rely on a structured methodology to contextualize and provide a critical analysis of the current knowledge on privacy-enhancing technologies used for testing, storing, and sharing genomic data, using a representative sample of the work published in the past decade. We identify and discuss limitations, technical challenges, and issues faced by the community, focusing in particular on those that are inherently tied to the nature of the problem and are harder for the community alone to address. Finally, we report on the importance and difficulty of the identified challenges based on an online survey of genome data privacy expertsComment: To appear in the Proceedings on Privacy Enhancing Technologies (PoPETs), Vol. 2019, Issue

Personal Privacy and Common Goods: A Framework for Balancing Under the National Health Information Privacy Rule

In this Article, we discuss how these principles for balancing apply in a number of important contexts where individually identifiable health data are shared. In Part I, we analyze the modern view favoring autonomy and privacy. In the last several decades, individual autonomy has been used as a justification for preventing sharing of information irrespective of the good to be achieved. Although respect for privacy can sometimes be important for achieving public purposes (e.g., fostering the physician/patient relationship), it can also impair the achievement of goals that are necessary for any healthy and prosperous society. A framework for balancing that strictly favors privacy can lead to reduced efficiencies in clinical care, research, and public health. We reason that society would be better served, and individuals would be only marginally less protected, if privacy rules permitted exchange of data for important public benefits. In Part II, we explain the national health information privacy regulations: (1) what do they cover?; (2) to whom do they apply?; and (3) how do they safeguard personal privacy? Parts III and IV focus on whether the standards adhere, or fail to adhere, to the privacy principles discussed in Part I. In Part III, we examine two autonomy rules established in the national privacy regulations: informed consent (for uses or disclosures of identifiable health data for health-care related purposes) and written authorization (for uses or disclosures of health data for non-health care related purposes). We observe that the informed consent rule is neither informed nor consensual. The rule is likely to thwart the effective management of health organizations without benefiting the individual. Requiring written authorization, on the other hand, protects individual privacy to prevent disclosures to entities that do not perform health-related functions, such as employers and life insurers. In Part IV, we examine various contexts in which data can be shared for public purposes under the national privacy rule: public health, research, law enforcement, familial notification, and commercial marketing. We apply our framework for balancing in each context and observe the relative strengths and weaknesses of the privacy regulations in achieving a fair balance of private and public interests

Behavioral Genetics Research and Criminal DNA Databases

Kaye discusses DNA databanks and the potential use of such databanks for behavioral genetics research. He addresses the concern that DNA databanks serve as a limitless repository for future research and that the samples used in the databanks could be used for research into a crime gene