Beyond Safe Harbor: Risk of Exposing Location in De-Identified Clinical Data

The use of de-identified EHR data for clinical and translational research has increased significantly since the HIPAA Privacy Rule De-Identification standards went into effect -Inclusion of SDOH measures in de-identified research is increasing as well, which presents an inherent risk of re-identifying PHI (primarily location units smaller than the state) -Data warehouse architecture and institutional policies need to recognize the risk associated with providing multiple location-based indices -Research interests are secondary to privacy concerns throughout biomedical research, but particularly in de-identified research, which is intended to promote more secure access to EHR data while allowing for expedient access (fewer institutional barriers to entry)https://digitalcommons.unmc.edu/com_neuro_pres/1000/thumbnail.jp

Who is who at different cameras: people re-identification using depth cameras

This study proposes the concept of bodyprints to perform re-identification of people in surveillance videos. Bodyprints are obtained using calibrated depth-colour cameras such as kinect. The author's results on a database of 40 people show that bodyprints are very robust to changes of pose, point of view and illumination. Potential applications include tracking people with networks of non-overlapping cameras. © 2012 The Institution of Engineering and Technology.The work presented in this paper has been funded by the Spanish Ministry of Science and Technology under the CICYT contract TEVISMART, TEC2009-09146.Albiol Colomer, AJ.; Albiol Colomer, A.; Oliver Moll, J.; Mossi García, JM. (2012). Who is who at different cameras: people re-identification using depth cameras. IET Computer Vision. 6(5):378-387. https://doi.org/10.1049/iet-cvi.2011.0140S37838765Dee, H. M., & Velastin, S. A. (2007). How close are we to solving the problem of automated visual surveillance? Machine Vision and Applications, 19(5-6), 329-343. doi:10.1007/s00138-007-0077-zhttp://www.pointclouds.org/Zhang, Z., & Troje, N. F. (2005). View-independent person identification from human gait. Neurocomputing, 69(1-3), 250-256. doi:10.1016/j.neucom.2005.06.002Bazzani, L., Cristani, M., Perina, A., Farenzena, M., & Murino, V. (2010). Multiple-Shot Person Re-identification by HPE Signature. 2010 20th International Conference on Pattern Recognition. doi:10.1109/icpr.2010.349Doretto, G., Sebastian, T., Tu, P., & Rittscher, J. (2011). Appearance-based person reidentification in camera networks: problem overview and current approaches. Journal of Ambient Intelligence and Humanized Computing, 2(2), 127-151. doi:10.1007/s12652-010-0034-yBk, S., Corvee, E., Bremond, F., & Thonnat, M. (2010). Person Re-identification Using Spatial Covariance Regions of Human Body Parts. 2010 7th IEEE International Conference on Advanced Video and Signal Based Surveillance. doi:10.1109/avss.2010.34Da-Jinn Wang, Chao-Ho Chen, Tsong-Yi Chen, & Chien-Tsung Lee. (2009). People Recognition for Entering & Leaving a Video Surveillance Area. 2009 Fourth International Conference on Innovative Computing, Information and Control (ICICIC). doi:10.1109/icicic.2009.293Bird, N. D., Masoud, O., Papanikolopoulos, N. P., & Isaacs, A. (2005). Detection of Loitering Individuals in Public Transportation Areas. IEEE Transactions on Intelligent Transportation Systems, 6(2), 167-177. doi:10.1109/tits.2005.848370Oliveira, I. O. de, & Pio, J. L. de S. (2009). People Reidentification in a Camera Network. 2009 Eighth IEEE International Conference on Dependable, Autonomic and Secure Computing. doi:10.1109/dasc.2009.33Hamdoun, O., Moutarde, F., Stanciulescu, B., & Steux, B. (2008). Person re-identification in multi-camera system by signature based on interest point descriptors collected on short video sequences. 2008 Second ACM/IEEE International Conference on Distributed Smart Cameras. doi:10.1109/icdsc.2008.4635689Office, U.H.: ‘i-LIDS multiple camera tracking scenario definition’, 2008)http://www.gpiv.upv.es/kinect_data/http://www.primesense.com/http://www.openni.org/http://opencv.willowgarage.com/http://www.ros.org/http://kinectforwindows.org/Grimaud, M. (1992). New measure of contrast: the dynamics. Image Algebra and Morphological Image Processing III. doi:10.1117/12.60650Beucher, S., and Meyer, F.: ‘The morphological approach to segmentation: the watershed transformation’, (Marcel-Dekker 1992), p. 433–4

Health Participatory Sensing Networks for Mobile Device Public Health Data Collection and Intervention

The pervasive availability and increasingly sophisticated functionalities of smartphones and their connected external sensors or wearable devices can provide new data collection capabilities relevant to public health. Current research and commercial efforts have concentrated on sensor-based collection of health data for personal fitness and personal healthcare feedback purposes. However, to date there has not been a detailed investigation of how such smartphones and sensors can be utilized for public health data collection. Unlike most sensing applications, in the case of public health, capturing comprehensive and detailed data is not a necessity, as aggregate data alone is in many cases sufficient for public health purposes. As such, public health data has the characteristic of being capturable whilst still not infringing privacy, as the detailed data of individuals that may allow re-identification is not needed, but rather only aggregate, de-identified and non-unique data for an individual. These types of public health data collection provide the challenge of the need to be flexible enough to answer a range of public health queries, while ensuring the level of detail returned preserves privacy. Additionally, the distribution of public health data collection request and other information to the participants without identifying the individual is a core requirement. An additional requirement for health participatory sensing networks is the ability to perform public health interventions. As with data collection, this needs to be completed in a non-identifying and privacy preserving manner. This thesis proposes a solution to these challenges, whereby a form of query assurance provides private and secure distribution of data collection requests and public health interventions to participants. While an additional, privacy preserving threshold approach to local processing of data prior to submission is used to provide re-identification protection for the participant. The evaluation finds that with manageable overheads, minimal reduction in the detail of collected data and strict communication privacy; privacy and anonymity can be preserved. This is significant for the field of participatory health sensing as a major concern of participants is most often real or perceived privacy risks of contribution

The Chandra COSMOS Survey: III. Optical and Infrared Identification of X-ray Point Sources

The Chandra COSMOS Survey (C-COSMOS) is a large, 1.8 Ms, Chandra program that has imaged the central 0.9 deg^2 of the COSMOS field down to limiting depths of 1.9 10^-16 erg cm^-2 s-1 in the 0.5-2 keV band, 7.3 10^-16 erg cm^-2 s^-1 in the 2-10 keV band, and 5.7 10^-16 erg cm^-2 s-1 in the 0.5-10 keV band. In this paper we report the i, K and 3.6micron identifications of the 1761 X-ray point sources. We use the likelihood ratio technique to derive the association of optical/infrared counterparts for 97% of the X-ray sources. For most of the remaining 3%, the presence of multiple counterparts or the faintness of the possible counterpart prevented a unique association. For only 10 X-ray sources we were not able to associate a counterpart, mostly due to the presence of a very bright field source close by. Only 2 sources are truly empty fields. Making use of the large number of X-ray sources, we update the "classic locus" of AGN and define a new locus containing 90% of the AGN in the survey with full band luminosity >10^42 erg/s. We present the linear fit between the total i band magnitude and the X-ray flux in the soft and hard band, drawn over 2 orders of magnitude in X-ray flux, obtained using the combined C-COSMOS and XMM-COSMOS samples. We focus on the X-ray to optical flux ratio (X/O) and we test its known correlation with redshift and luminosity, and a recently introduced anti-correlation with the concentration index (C). We find a strong anti-correlation (though the dispersion is of the order of 0.5 dex) between C and X/O, computed in the hard band, and that 90% of the obscured AGN in the sample with morphological information live in galaxies with regular morphology (bulgy and disky/spiral), suggesting that secular processes govern a significant fraction of the BH growth at X-ray luminosities of 10^43- 10^44.5 erg/s.Comment: 21 pages, 17 figures, 4 tables; accepted for publication in ApJS. The catalog is available at the urls listed in the pape

Patient privacy protection using anonymous access control techniques

Objective: The objective of this study is to develop a solution to preserve security and privacy in a healthcare environment where health-sensitive information will be accessed by many parties and stored in various distributed databases. The solution should maintain anonymous medical records and it should be able to link anonymous medical information in distributed databases into a single patient medical record with the patient identity. Methods: In this paper we present a protocol that can be used to authenticate and authorize patients to healthcare services without providing the patient identification. Healthcare service can identify the patient using separate temporary identities in each identification session and medical records are linked to these temporary identities. Temporary identities can be used to enable record linkage and reverse track real patient identity in critical medical situations. Results: The proposed protocol provides main security and privacy services such as user anonymity, message privacy, message confidentiality, user authentication, user authorization and message replay attacks. The medical environment validates the patient at the healthcare service as a real and registered patient for the medical services. Using the proposed protocol, the patient anonymous medical records at different healthcare services can be linked into one single report and it is possible to securely reverse track anonymous patient into the real identity. Conclusion: The protocol protects the patient privacy with a secure anonymous authentication to healthcare services and medical record registries according to the European and the UK legislations, where the patient real identity is not disclosed with the distributed patient medical records

Security and confidentiality approach for the Clinical E-Science Framework (CLEF)

CLEF is an MRC sponsored project in the E-Science programme that aims to establish policies and infrastructure for the next generation of integrated clinical and bioscience research. One of the major goals of the project is to provide a pseudonymised repository of histories of cancer patients that can be accessed by researchers. Robust mechanisms and policies are needed to ensure that patient privacy and confidentiality are preserved while delivering a repository of such medically rich information for the purposes of scientific research. This paper summarises the overall approach adopted by CLEF to meet data protection requirements, including the data flows and pseudonymisation mechanisms that are currently being developed. Intended constraints and monitoring policies that will apply to research interrogation of the repository are also outlined. Once evaluated, it is hoped that the CLEF approach can serve as a model for other distributed electronic health record repositories to be accessed for research