Confidentiality of the Patient Records and the Data Inference Problem

Brankovic, Ljiljana; Miller, M; Bomba, L; Cooper, J; Morris, S; Pacheco, F

Author(s)

Brankovic, Ljiljana

Miller, M

Bomba, L

Cooper, J

Morris, S

Pacheco, F

Publication Date

1995

Abstract

The problem of data inference from statistical queries (such as MAX, MIN.AVG, SUM and COUNT) is particularly pertinent to medical databases. A medical database is used by individual doctors each of whom has an unrestricted access to their own patients' records. Additionally, medical researchers and health authorities have access to the answers to statistical queries about subpopulations of the database but not to any of the individual records. However, it is often possible to infer information about an individual from the answers to statistical queries by correlating the obtained statistics (possibly supplemented by other information obtained from within or without the database). If this happens, we say that the database has been compromised. At present, none of the commercially available database management systems offer any form of protection from data inference due to statistical queries. The situation is likely to change as more medical information systems become computerised and integrated. In this paper we present an overview of the data inference problem, the most common data inference techniques and the available mechanisms for the prevention of a database compromise

Citation

HIC 95: It's Time for Healthcare: Proceedings of the Third National Health Informatics Conference, Adelaide, Australia 16th-17th October, p. 67-69

ISBN

0646251090

Link

https://hdl.handle.net/1959.11/62185

Language

en

Publisher

Health Informatics Society of Australia

Title

Confidentiality of the Patient Records and the Data Inference Problem

Type of document

Conference Publication

Entity Type

Publication

Author(s)	Brankovic, Ljiljana Miller, M Bomba, L Cooper, J Morris, S Pacheco, F
Publication Date	1995
Abstract	The problem of data inference from statistical queries (such as MAX, MIN.AVG, SUM and COUNT) is particularly pertinent to medical databases. A medical database is used by individual doctors each of whom has an unrestricted access to their own patients' records. Additionally, medical researchers and health authorities have access to the answers to statistical queries about subpopulations of the database but not to any of the individual records. However, it is often possible to infer information about an individual from the answers to statistical queries by correlating the obtained statistics (possibly supplemented by other information obtained from within or without the database). If this happens, we say that the database has been compromised. At present, none of the commercially available database management systems offer any form of protection from data inference due to statistical queries. The situation is likely to change as more medical information systems become computerised and integrated. In this paper we present an overview of the data inference problem, the most common data inference techniques and the available mechanisms for the prevention of a database compromise
Citation	HIC 95: It's Time for Healthcare: Proceedings of the Third National Health Informatics Conference, Adelaide, Australia 16th-17th October, p. 67-69
ISBN	0646251090
Link	https://hdl.handle.net/1959.11/62185
Language	en
Publisher	Health Informatics Society of Australia
Title	Confidentiality of the Patient Records and the Data Inference Problem
Type of document	Conference Publication
Entity Type	Publication

Confidentiality of the Patient Records and the Data Inference Problem

Files: