Submitted on April 9, 2004
Accepted on August 21, 2004
Affiliation of the authors: Data Privacy Laboratory, School of Computer Science, Carnegie Mellon University, Pittsburgh, PA
* To whom correspondence should be addressed.
The increasing integration of patient-specific genomic data into clinical practice and research raises serious privacy concerns. In response, various systems for preserving patient privacy in shared genomic data have been developed and deployed. Though these systems de-identify the data by removing explicit identifiers (e.g. name, address, or Social Security number) and incorporate sound security design principles, they suffer from a lack of formal modeling of inferences learnable from shared data. This paper evaluates the extent to which current protection systems are capable of withstanding a range of re-identification methods, including genotype-phenotype inferences, location-visit patterns, family structures, and dictionary attacks. For a comparative re-identification analysis, the systems are mapped to a common formalism. Though there is variation in susceptibility, each system is deficient in its protection capacity. We discover patterns of protection failure and discuss several of the reasons why these systems are susceptible. The analyses and discussion within provide guideposts for the development of next-generation protection methods amenable to formal proofs.
This article has been cited by other articles:
M. W. Foster and R. R. Sharp. Ethical issues in medical-sequencing research: implications of genotype-phenotype studies for individuals and populations. Hum. Mol. Genet., April 15, 2006; 15(suppl_1): R45-R49.