Quantifying the Re-identification Risk of Event Logs for Process Mining

Event logs recorded during the execution of business processes constitute a valuable source of information. Applying process mining techniques to them, event logs may reveal the actual process execution and enable reasoning on quantitative or qualitative process properties. However, event logs often contain sensitive information that could be related to individual process stakeholders through background information and cross-correlation. We therefore argue that, when publishing event logs, the risk of such re-identification attacks must be considered. In this paper, we show how to quantify the re-identification risk with measures for the individual uniqueness in event logs. We also report on a large-scale study that explored the individual uniqueness in a collection of publicly available event logs. Our results suggest that potentially up to all of the cases in an event log may be re-identified, which highlights the importance of privacy-preserving techniques in process mining.Comment: Accepted to CAiSE-202

Process mining for healthcare: Characteristics and challenges

Process mining techniques can be used to analyse business processes using the data logged during their execution. These techniques are leveraged in a wide range of domains, including healthcare, where it focuses mainly on the analysis of diagnostic, treatment, and organisational processes. Despite the huge amount of data generated in hospitals by staff and machinery involved in healthcare processes, there is no evidence of a systematic uptake of process mining beyond targeted case studies in a research context. When developing and using process mining in healthcare, distinguishing characteristics of healthcare processes such as their variability and patient-centred focus require targeted attention. Against this background, the Process-Oriented Data Science in Healthcare Alliance has been established to propagate the research and application of techniques targeting the data-driven improvement of healthcare processes. This paper, an initiative of the alliance, presents the distinguishing characteristics of the healthcare domain that need to be considered to successfully use process mining, as well as open challenges that need to be addressed by the community in the future.This work is partially supported by ANID FONDECYT 1220202, Dirección de Investigación de la Vicerrectoría de Investigación de la Pontificia Universidad Católica de Chile - PUENTE [Grant No. 026/ 2021]; and Agencia Nacional de Investigación y Desarrollo [Grant Nos. ANID-PFCHA/Doctorado Nacional/2019–21190116, ANID-PFCHA/ Doctorado Nacional/2020–21201411]. With regard to the co-author Hilda Klasky, this manuscript has been authored by UT-Battelle, LLC, under contract DE-AC05-00OR22725 with the US Department of Energy (DOE). The US government retains and the publisher, by accepting the article for publication, acknowledges that the US government retains a nonexclusive, paid-up, irrevocable, worldwide license to publish or reproduce the published form of this manuscript, or allow others to do so, for US government purposes. DOE will provide public access to these results of federally sponsored research in accordance with the DOE Public Access Plan (http://energy.gov/downloads/doe-public-accessplan).Peer ReviewedArticle signat per 55 autors/es: Jorge Munoz-Gama (a)* , Niels Martin (b,c)* , Carlos Fernandez-Llatas (d,g)* , Owen A. Johnson (e)* , Marcos Sepúlveda (a)* , Emmanuel Helm (f)* , Victor Galvez-Yanjari (a)* , Eric Rojas (a) , Antonio Martinez-Millana (d) , Davide Aloini (k) , Ilaria Angela Amantea (l,q,r) , Robert Andrews (ab), Michael Arias (z) , Iris Beerepoot (o) , Elisabetta Benevento (k) , Andrea Burattin (ai), Daniel Capurro (j) , Josep Carmona (s) , Marco Comuzzi (w), Benjamin Dalmas (aj,ak), Rene de la Fuente (a) , Chiara Di Francescomarino (h) , Claudio Di Ciccio (i) , Roberto Gatta (ad,ae), Chiara Ghidini (h) , Fernanda Gonzalez-Lopez (a) , Gema Ibanez-Sanchez (d) , Hilda B. Klasky (p) , Angelina Prima Kurniati (al), Xixi Lu (o) , Felix Mannhardt (m), Ronny Mans (af), Mar Marcos (v) , Renata Medeiros de Carvalho (m), Marco Pegoraro (x) , Simon K. Poon (ag), Luise Pufahl (u) , Hajo A. Reijers (m,o) , Simon Remy (y) , Stefanie Rinderle-Ma (ah), Lucia Sacchi (t) , Fernando Seoane (g,am,an), Minseok Song (aa), Alessandro Stefanini (k) , Emilio Sulis (l) , Arthur H. M. ter Hofstede (ab), Pieter J. Toussaint (ac), Vicente Traver (d) , Zoe Valero-Ramon (d) , Inge van de Weerd (o) , Wil M.P. van der Aalst (x) , Rob Vanwersch (m), Mathias Weske (y) , Moe Thandar Wynn (ab), Francesca Zerbato (n) // (a) Pontificia Universidad Catolica de Chile, Chile; (b) Hasselt University, Belgium; (c) Research Foundation Flanders (FWO), Belgium; (d) Universitat Politècnica de València, Spain; (e) University of Leeds, United Kingdom; (f) University of Applied Sciences Upper Austria, Austria; (g) Karolinska Institutet, Sweden; (h) Fondazione Bruno Kessler, Italy; (i) Sapienza University of Rome, Italy; (j) University of Melbourne, Australia; (k) University of Pisa, Italy; (l) University of Turin, Italy; (m) Eindhoven University of Technology, The Netherlands; (n) University of St. Gallen, Switzerland; (o) Utrecht University, The Netherlands; (p) Oak Ridge National Laboratory, United States; (q) University of Bologna, Italy; (r) University of Luxembourg, Luxembourg; (s) Universitat Politècnica de Catalunya, Spain; (t) University of Pavia, Italy; (u) Technische Universitaet Berlin, Germany; (v) Universitat Jaume I, Spain; (w) Ulsan National Institute of Science and Technology (UNIST), Republic of Korea; (x) RWTH Aachen University, Germany; (y) University of Potsdam, Germany; (z) Universidad de Costa Rica, Costa Rica; (aa) Pohang University of Science and Technology, Republic of Korea; (ab) Queensland University of Technology, Australia; (ac) Norwegian University of Science and Technology, Norway; (ad) Universita degli Studi di Brescia, Italy; (ae) Lausanne University Hospital (CHUV), Switzerland; (af) Philips Research, the Netherlands; (ag) The University of Sydney, Australia; (ah) Technical University of Munich, Germany; (ai) Technical University of Denmark, Denmark; (aj) Mines Saint-Etienne, France; (ak) Université Clermont Auvergne, France; (al) Telkom University, Indonesia; (am) Karolinska University Hospital, Sweden; (an) University of Borås, SwedenPostprint (published version

Process mining for healthcare: Characteristics and challenges

[EN] Process mining techniques can be used to analyse business processes using the data logged during their execution. These techniques are leveraged in a wide range of domains, including healthcare, where it focuses mainly on the analysis of diagnostic, treatment, and organisational processes. Despite the huge amount of data generated in hospitals by staff and machinery involved in healthcare processes, there is no evidence of a systematic uptake of process mining beyond targeted case studies in a research context. When developing and using process mining in healthcare, distinguishing characteristics of healthcare processes such as their variability and patient-centred focus require targeted attention. Against this background, the Process-Oriented Data Science in Healthcare Alliance has been established to propagate the research and application of techniques targeting the data-driven improvement of healthcare processes. This paper, an initiative of the alliance, presents the distinguishing characteristics of the healthcare domain that need to be considered to successfully use process mining, as well as open challenges that need to be addressed by the community in the future.This work is partially supported by ANID FONDECYT 1220202, Direccion de Investigacion de la Vicerrectoria de Investigacion de la Pontificia Universidad Catolica de Chile-PUENTE [Grant No. 026/2021] ; and Agencia Nacional de Investigacion y Desarrollo [Grant Nos. ANID-PFCHA/Doctorado Nacional/2019-21190116, ANID-PFCHA/Doctorado Nacional/2020-21201411] . With regard to the co-author Hilda Klasky, this manuscript has been authored by UT-Battelle, LLC, under contract DE-AC05-00OR22725 with the US Department of Energy (DOE) . The US government retains and the publisher, by accepting the article for publication, acknowledges that the US government retains a nonexclusive, paid-up, irrevocable, worldwide license to publish or reproduce the published form of this manuscript, or allow others to do so, for US government purposes. DOE will provide public access to these results of federally sponsored research in accordance with the DOE Public Access Plan (http://energy.gov/downloads/doe-public-access-plan)Munoz Gama, J.; Martin, N.; Fernández Llatas, C.; Johnson, OA.; Sepúlveda, M.; Helm, E.; Galvez-Yanjari, V.... (2022). Process mining for healthcare: Characteristics and challenges. Journal of Biomedical Informatics. 127:1-15. https://doi.org/10.1016/j.jbi.2022.10399411512

Generative Adversarial Networks for Multi-Objective Synthetic Data Generation

Synthetic data has become increasingly accessible due to remarkable advancements in machine learning. This data is extremely useful to researchers due to its wide range of applications. Synthetic data may be used to robust populations that are under-sampled, or to create permutations of some existing data, generating combinations not seen in the original data. Synthetic data may also be used in place of the original data completely when sensitive aspects limit the distribution.Previously, research in synthetic data generation has been primarily focused on generating data that is maximally realistic. Significantly less attention has been paid to assurances of other components of the data, such as privacy concerns or data diversity. This has left a gap in the field of synthetic data generation. We address this through the investigation of multi-agent synthetic data generation.In this dissertation, we expand the scope of data generation by introducing agents that optimize various facets of synthetic data, such as privacy, class diversity, and training utility. We propose a novel, multi-objective synthetic generation framework to allow all of these objectives to be optimized. We finally demonstrate this framework can generate high quality data across multiple domains for an arbitrary number of objectives

Contributions to Context-Aware Smart Healthcare: A Security and Privacy Perspective

Les tecnologies de la informació i la comunicació han canviat les nostres vides de manera irreversible. La indústria sanitària, una de les indústries més grans i de major creixement, està dedicant molts esforços per adoptar les últimes tecnologies en la pràctica mèdica diària. Per tant, no és sorprenent que els paradigmes sanitaris estiguin en constant evolució cercant serveis més eficients, eficaços i sostenibles. En aquest context, el potencial de la computació ubiqua mitjançant telèfons intel·ligents, rellotges intel·ligents i altres dispositius IoT ha esdevingut fonamental per recopilar grans volums de dades, especialment relacionats amb l'estat de salut i la ubicació de les persones. Les millores en les capacitats de detecció juntament amb l'aparició de xarxes de telecomunicacions d'alta velocitat han facilitat la implementació d'entorns sensibles al context, com les cases i les ciutats intel·ligents, capaços d'adaptar-se a les necessitats dels ciutadans. La interacció entre la computació ubiqua i els entorns sensibles al context va obrir la porta al paradigma de la salut intel·ligent, centrat en la prestació de serveis de salut personalitzats i de valor afegit mitjançant l'explotació de grans quantitats de dades sanitàries, de mobilitat i contextuals. No obstant, la gestió de dades sanitàries, des de la seva recollida fins a la seva anàlisi, planteja una sèrie de problemes desafiants a causa del seu caràcter altament confidencial. Aquesta tesi té per objectiu abordar diversos reptes de seguretat i privadesa dins del paradigma de la salut intel·ligent. Els resultats d'aquesta tesi pretenen ajudar a la comunitat científica a millorar la seguretat dels entorns intel·ligents del futur, així com la privadesa dels ciutadans respecte a les seves dades personals i sanitàries.Las tecnologías de la información y la comunicación han cambiado nuestras vidas de forma irreversible. La industria sanitaria, una de las industrias más grandes y de mayor crecimiento, está dedicando muchos esfuerzos por adoptar las últimas tecnologías en la práctica médica diaria. Por tanto, no es sorprendente que los paradigmas sanitarios estén en constante evolución en busca de servicios más eficientes, eficaces y sostenibles. En este contexto, el potencial de la computación ubicua mediante teléfonos inteligentes, relojes inteligentes, dispositivos wearables y otros dispositivos IoT ha sido fundamental para recopilar grandes volúmenes de datos, especialmente relacionados con el estado de salud y la localización de las personas. Las mejoras en las capacidades de detección junto con la aparición de redes de telecomunicaciones de alta velocidad han facilitado la implementación de entornos sensibles al contexto, como las casas y las ciudades inteligentes, capaces de adaptarse a las necesidades de los ciudadanos. La interacción entre la computación ubicua y los entornos sensibles al contexto abrió la puerta al paradigma de la salud inteligente, centrado en la prestación de servicios de salud personalizados y de valor añadido mediante la explotación significativa de grandes cantidades de datos sanitarios, de movilidad y contextuales. No obstante, la gestión de datos sanitarios, desde su recogida hasta su análisis, plantea una serie de cuestiones desafiantes debido a su naturaleza altamente confidencial. Esta tesis tiene por objetivo abordar varios retos de seguridad y privacidad dentro del paradigma de la salud inteligente. Los resultados de esta tesis pretenden ayudar a la comunidad científica a mejorar la seguridad de los entornos inteligentes del futuro, así como la privacidad de los ciudadanos con respecto a sus datos personales y sanitarios.Information and communication technologies have irreversibly changed our lives. The healthcare industry, one of the world’s largest and fastest-growing industries, is dedicating many efforts in adopting the latest technologies into daily medical practice. It is not therefore surprising that healthcare paradigms are constantly evolving seeking for more efficient, effective and sustainable services. In this context, the potential of ubiquitous computing through smartphones, smartwatches, wearables and IoT devices has become fundamental to collect large volumes of data, including people's health status and people’s location. The enhanced sensing capabilities together with the emergence of high-speed telecommunication networks have facilitated the implementation of context-aware environments, such as smart homes and smart cities, able to adapt themselves to the citizens needs. The interplay between ubiquitous computing and context-aware environments opened the door to the so-called smart health paradigm, focused on the provision of added-value personalised health services by meaningfully exploiting vast amounts of health, mobility and contextual data. However, the management of health data, from their gathering to their analysis, arises a number of challenging issues due to their highly confidential nature. In particular, this dissertation addresses several security and privacy challenges within the smart health paradigm. The results of this dissertation are intended to help the research community to enhance the security of the intelligent environments of the future as well as the privacy of the citizens regarding their personal and health data