The composition of a linked database on administrative healthcare and employment data in Austria

Introduction In Austria, healthcare and employment services are organized by different public entities. Therefore, administrative data are dispersed but share a common individual identifier. We present a linked dataset, matching individual information from both administrative ambits for Austria’s second largest province Lower Austria. Methods The linkage procedure is based on a previously published proof of concept [Endel et al. 2016, European Journal of Epidemiology 31, p. S49, DOI:10.1007/s10654-016-0183-1], which is applied on a larger scale for the first time. Utilizing the established link, selected variables are extracted from the respective sources and are merged on a shared infrastructure per project, thus preserving a high level of data protection and privacy. Results The linked databases cover employment records from 2002 to 2016, including information on, e.g., earnings and education as well as claims data from the health insurance system for 2006 to 2011, including outpatient contacts, inpatient episodes, prescriptions and leaves of absence. Data quality analysis and an in-depth documentation of major characteristics such as diagnoses and medication are prepared. Conclusion The resulting matched database provides the foundation for studying the coherence of burden of disease, healthcare services, employment, and earnings for a large population for several years

Fast Differentially Private Matrix Factorization

Differentially private collaborative filtering is a challenging task, both in terms of accuracy and speed. We present a simple algorithm that is provably differentially private, while offering good performance, using a novel connection of differential privacy to Bayesian posterior sampling via Stochastic Gradient Langevin Dynamics. Due to its simplicity the algorithm lends itself to efficient implementation. By careful systems design and by exploiting the power law behavior of the data to maximize CPU cache bandwidth we are able to generate 1024 dimensional models at a rate of 8.5 million recommendations per second on a single PC

Differential Privacy Applications to Bayesian and Linear Mixed Model Estimation

We consider a particular maximum likelihood estimator (MLE) and a computationally-intensive Bayesian method for differentially private estimation of the linear mixed-effects model (LMM) with normal random errors. The LMM is important because it is used in small area estimation and detailed industry tabulations that present significant challenges for confidentiality protection of the underlying data. The differentially private MLE performs well compared to the regular MLE, and deteriorates as the protection increases for a problem in which the small-area variation is at the county level. More dimensions of random effects are needed to adequately represent the time- dimension of the data, and for these cases the differentially private MLE cannot be computed. The direct Bayesian approach for the same model uses an informative, but reasonably diffuse, prior to compute the posterior predictive distribution for the random effects. The differential privacy of this approach is estimated by direct computation of the relevant odds ratios after deleting influential observations according to various criteria

The RFID PIA – developed by industry, agreed by regulators

This chapter discusses the privacy impact assessment (PIA) framework endorsed by the European Commission on February 11th, 2011. This PIA, the first to receive the Commission's endorsement, was developed to deal with privacy challenges associated with the deployment of radio frequency identification (RFID) technology, a key building block of the Internet of Things. The goal of this chapter is to present the methodology and key constructs of the RFID PIA Framework in more detail than was possible in the official text. RFID operators can use this article as a support document when they conduct PIAs and need to interpret the PIA Framework. The chapter begins with a history of why and how the PIA Framework for RFID came about. It then proceeds with a description of the endorsed PIA process for RFID applications and explains in detail how this process is supposed to function. It provides examples discussed during the development of the PIA Framework. These examples reflect the rationale behind and evolution of the text's methods and definitions. The chapter also provides insight into the stakeholder debates and compromises that have important implications for PIAs in general.Series: Working Papers on Information Systems, Information Business and Operation