A method for evaluating marketer re-identification risk

ACM International Conference Proceeding Series

Volumn , Issue , 2010, Pages

  Dankar, Fida Kamal ^a   El Emam, Khaled ^a  

^a CHILDREN S HOSPITAL OF EASTERN ONTARIO   (Canada)

Author keywords

disclosure control; identity disclosure; privacy; re identification risk

Indexed keywords

DATA SETS; DISCLOSURE CONTROL; IDENTITY DISCLOSURE; PRIVACY; RE-IDENTIFICATION RISK;

DATABASE SYSTEMS; HEALTH RISKS;

IDENTIFICATION (CONTROL SYSTEMS);

EID: 77955821670     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1754239.1754271     Document Type: Conference Paper

References (52)

1. C. Safran, M. Bloomrosen, E. Hammond, S. Labkoff, K.-F. S, P. Tang, and D. Detmer, "Toward a national framework for the secondary use of health data: An American Medical Informatics Association white paper," Journal of the American Medical Informatics Association, vol. 14, pp. 1-9, 2007.
2. "Transforming healthcare through secondary use of health data," PriceWaterhouseCoopers 2009.
3. K. El Emam and F. K. Dankar, "Protecting privacy using kanonymity," Journal of the American Medical Informatics Association, vol. 15, pp. 627-637, September/October 2008.
4. T. Dalenius, "Finding a needle in a haystack or identifying anonymous census records," Journal of Official Statistics, vol. 2, pp. 329-336, 1986.
5. K. El Emam, A. Brown, and P. Abdelmalik, "Evaluating Predictors of Geographic Area Population Size Cutoffs to Manage Re-identification Risk," Journal of the American Medical Informatics Association, vol. (accepted), 2008.
6. K. El Emam, S. Jabbouri, S. Sams, Y. Drouet, and M. Power, "Evaluating common de-identification heuristics for personal health information," Journal of Medical Internet Research, vol. 8, p. e28, 2006.
7. K. El Emam, E. Jonker, S. Sams, E. Neri, A. Neisa, T. Gao, and S. Chowdhury, "Pan-Canadian De-Identification Guidelines for Personal Health Information (report prepared for the Office of the Privacy Commissioner of Canada)," 2007.
8. Canadian Institutes of Health Research, "CIHR best practices for protecting privacy in health research," Canadian Institutes of Health Research 2005.
9. ISO/TS 25237, "Health Informatics: Pseudonymization," 2008.
10. K. Benitz and B. Malin, "Evaluating re-identification risks with respect to the HIPAA privacy rule," Journal of the American Medical Informatics Association, 2010.
11. P. Kosseim and K. El Emam, "Privacy Interests in Prescription Records, Part 1: Prescriber Privacy," IEEE Security and Privacy, vol. 7, pp. 72-76, 2009.
12. K. El Emam and P. Kosseim, "Privacy Interests in Prescription Records, Part 2: Patient Privacy," IEEE Security and Privacy, vol. 7, pp. 75-78, 2009.
13. K. El Emam, F. K. Dankar, R. Vaillancourt, T. Roffey, and M. Lysyk, "Evaluating patient re-identification risk from hospital prescription records," Canadian Journal of Hospital Pharmacy, vol. 62, pp. 307-319, 2009.
14. National Institutes of Health, "Policy for Sharing of Data Obtained in NIH Supported or Conducted Genome-Wide Association Studies (GWAS) ". vol. NOT-OD-07-088, 2007.
15. G. Loukides, J. Denny, and B. Malin, "Do clinical profiles constitute privacy risks for research participants ?," in Proceedings of the AMIA Symposium, 2009.
16. S. Stolfo, S. Bellovin, S. Herkshop, A. Keromytis, S. Sinclair, and S. Smith, Insider attack and cyber security: Springer-verlag, 2008.
17. E. Kowalski, D. Cappelli, and A. Moore, "Insider Threat Study: Illicit Cyber Activity in the Information Technology and Telecommunications Sector," in Carnegie Mellon University and the United States Secret Service, 2008.
18. M. Randazzo, M. Keeney, E. Kowalski, D. Cappelli, and A. Moore, "Insider Threat Study: Illicit Cyber Activity in the Banking and Finance Sector," in Carnegie Mellon University and the United States Secret Service, 2004.
19. M. Keeney, E. Kowalski, D. Cappelli, A. Moore, T. Shimeall, and S. Rogers, "Insider Threat Study: Computer System Sabotage in Critical Infrastructure Sectors," in Carnegie Mellon University and the United States Secret Service, 2005.
20. E. Kowalski, T. Conway, S. Keverline, M. Williams, D. Cappelli, B. Willke, and A. Moore, "Insider Threat Study: Illicit Cyber Activity in the Government Sector," in Carnegie Mellon University and the United States Secret Service, 2008.
21. Kroll Fraud Solutions, "HIMSS Analytics Report: Security of Patient ", 2008.
22. CSO Magazine, "2006 e-crime watch survey," US Secret Service, Carnegie Mellon University, and Microsoft Corporation 2006.
23. J. Predd, J. Hunker, and C. Bulford, "Insiders behaving badly," IEEE Security and Privacy, vol. 6, pp. 66-70, 2008.
24. CSI, "14th Annual CSI Computer Crime and Security Survey," 2009.
25. Ponemon Institute, "Data loss risks during downsizing," 2009.
26. Verizon Business Risk Team, "2009 data breach investigations report," 2009.
27. PriceWaterhouseCoopers, "Safeguarding the new currency of business: Findings from the 2008 global state of information security study," 2008.
28. K. El Emam and M. King, "The data breach analyzer," 2009,
29. [Available at: http://www.ehealthinformation.ca/dataloss].
30. E. Shaw, K. Ruby, and M. Jerrold, "The insider Threat to Information Systems," Department of Defense Security Institute 1998.
31. S. Bell, "Alleged LTTE front had voter lists," in National Post, 2006.
32. S. Bell, "Privacy chief probes how group got voter lists," in National Post, 2006.
33. C. Freeze and C. Clark, "Voters lists 'most disturbing' items seized in Tamil raids, documents say," in Globe and Mail, May 7, 2008.
34. J. Domingo-Ferrer and V. Torra, "Disclosure risk assessment in statistical microdata protection via advanced record linkage," Statistics and Computing, vol. 13, 2003.
35. T. M. Truta, F. Fotouhi, and D. Barth-Jones, "Assessing global disclosure risk in masked microdata," in Proceedings of the Workshop on Privacy and Electronic Society (WPES2004), in conjunction with 11th ACM CCS, 2004, pp. 85-93.
36. R. Benedetti, A. Capobianchi, and L. Franconi, "Individual risk of disclosure using sampling design information," Istituto nazionale di statistica (Italy) 2003.
37. C. Skinner and N. Shlomo, "Assessing identification risk in survey microdata using log-linear models," Journal of the American Statistical Association, vol. 103, pp. 989-1001, 2008.
38. J. Bethlehem, W. Keller, and J. Pannekoek, "Disclosure control of microdata," Journal of the American Statistical Association, vol. 85, pp. 38-45, 1990.
39. Y. Rinott, "On models for statistical disclosure risk estimation," Joint ECE/Eurostat Working Session on Statistical Data Confidentiality 2003.
40. N. Cressie, A. S. Davis, J. Folks, and G. E. Policello, "The Moment Generating Function and Negative Integer Moments," American Statistician, vol. 35, pp. 148-150, 1981.
41. P. Haas and L. Stokes, "Estimating the number of classes in a finite population," Journal of the American Statistical Association, vol. 93, pp. 1475-1487, 1998.
42. H. Howe, A. Lake, and T. Shen, "Method to assess identifiability in electronic data files," American Journal of Epidemiology, vol. 165, pp. 597-601, 2007.
43. H. Howe, A. Lake, M. Lehnherr, and D. Roney, "Unique record identification on public use files as tested on the 1994-1998 CINA analytic file," North American Association of Central Cancer Registries 2002.
44. K. El Emam, "Heuristics for de-identifying health data," IEEE Security and Privacy, pp. 72-75, July/August 2008.
45. S. Polsky, "Witness statement to the Standing Senate Committee on Legal and Constitutional Affairs," Parliament of Canada 2007.
46. Symantec, "Symantec Global Internet Threat Report - Trends for July-December 07," Symantec Enterprise Security 2008.
47. Symantec, "What is the underground economy ?," 2009,
48. [Available at: http://www.everyclickmatters.com/victim/assessmenttool. html].
49. N. Luck and J. Burns, "Your secrets for sale," in Daily Express, 1994.
50. L. Rogers and D. Leppard, "For sale: Your secret medical record for 150," in Sunday Times, 1995, p. 2.
51. D. Kravets, "Extortion Plot Threatens to Divulge Millions of Patients' Prescriptions," in Wired, 2008.
52. B. Krebs, "Hackers Break Into Virginia Health Professions Database, Demand Ransom," in Washington Post. vol. May 4, 2009.