Embed Size (px)
DESCRIPTION
Chapter 8. Multilateral Security Information flowing across boundaries. Multilateral Models. Compartmentation Chinese wall BMA (British Medical Association) Develop system to track from conception to autopsy Policy consists of nine principles listed on pages 170-171 - PowerPoint PPT Presentation
Citation preview
Chapter 8
Multilateral Security
Information flowing across boundaries
Multilateral Models
CompartmentationChinese wallBMA (British Medical Association)
Develop system to track from conception to autopsy
Policy consists of nine principles listed on pages 170-171
Pilot implementations of BMA are in service
Inference Control
If take name off of medical record is that enough?
Medicare keeps 3 sets of records Complete records Beneficiary encrypted Public access
Inference control first looked at in census data One record in 1000 made available Noise added Extreme values not included in averages
Theory of inference control
Query set size controlTrackersCell suppression
Which sometimes requires complementary cell suppression
Limit number of attributes of queryAudit based controlsRandomization
De-identification
It is hardIssues can be politically fraughtHow to pick out specific data in a sea of
information
Residual problem
Insurers get all the data in order to pay claim
They want to know who the most expensive doctors and patients are
These are politically charged issue that seldom have rational solutions
Medical records
Easy problem setting up system of access controls to the record can only be viewed by sensible number of staff
Harder problem statistical securityHardest problem managing interface
between the 2Specifically to medicine how to prevent
spread of payment information
Discussion articles
Current state of BMAGenetic database in IcelandInference cases
List of Resources
Multilateral securityhttp://csrc.nist.gov/nissc/2000/proceedings/
papers/202ra.pdfChinese Wall
http://www.gammassl.co.uk/topics/chinesewall.html
List of Resources
Inference controlhttp://www.parc.xerox.com/research/publica
tions/details.php?id=5264http://www.parc.xerox.com/research/publica
tions/files/5264.pdfhttp://www.informatik.uni-trier.de/~ley/db/co
nf/icsd/icsd2002.htmlhttp://www.iis.sinica.edu.tw/~tshsu/projects/
inf.html
List of resources
De-identificationhttp://www.mii.ucla.edu/dataserver-
documentation-features-de-identificationhttp://www.haifa.ibm.com/projects/
software/udip/index.htmlhttp://www.sunclinical.com/old%20site_back
%20up/about/privacy.htm
