New Publication: "Privacy Protocol for Linking Distributed Medical Data"

By: Daniel Janusz, Martin Kost, Johann-Christoph Freytag

To be published in the Proceedings of the 9th Workshop on SECURE DATA MANAGEMENT (SDM'12) at the 38th Conference on Very Large Data Bases (VLDB), Turkey, August 2012.


Health care providers need to exchange medical data to provide complex medical treatments. In general, privacy protection regulations define strong constraints for exchanging such personal data within a distributed system. Privacy-preserving query protocols provide mechanisms for implementing and maintaining these privacy constraints. In this paper, we introduce a new two-phase protocol for protecting the privacy of patients. The first phase implements private record linkage: the queried data provider links the received query with matching records in its database. In the second phase, a requestor and a data provider perform an authorized exchange of matched patient data. Thus, our protocol provides a method for health care providers to exchange individual medical data in a privacy-preserving manner. In contrast to other approaches, we actively involve patients in the exchange process. We apply the honest-but-curious adversary model to our protocol in order to evaluate our approach with respect to complexity and the degree of privacy protection.