Exciting experience in participating EDM forum commissioned projects

1

Exciting experience in participating EDM forum commissioned projects

Protect Patient Privacy When Sharing Data for CER 12/01/11 – 6/01/12Write a commissioned paper (i.e., systematic review of privacy technologies of sharing data for Comparative Effectiveness Research) and present the paper at the June 15, 2012 EDM Forum Stakeholder Symposium. Making distributed models accessible and useful to data analysis 08/15/12 - 08/15/13Test a practical user interface to Grid LOgistic REgression (GLORE) across clinical sites.

2

Motivation

• We want to provide researchers a set of tools that enable efficient global data analyses without accessing patient-level health records.

• The EDM forum commissioned project provides us an opportunity to access the viability of distributed model that builds model without sharing data.

3

Distributed data analysis

Dataset A Dataset B

4


Dataset A Dataset B

5


Dataset A Dataset B

6


Dataset A Dataset B

7


Dataset A Dataset B

8

Distributed data analysisuntil global parameters convergeLoop n times:

Dataset A Dataset B

GLORE

Foundation of GLORE

9

• Suppose m-1 features are consistent over k sites

• In each iteration, intermediary results of a mxm matrix and a m-dimensional vector are transmitted to k-1 sites

No exchanging of raw data

Wu Y, Jiang X, Kim J, et al. Grid Binary LOgistic REgression (GLORE): building shared models without sharing data. J Am Med Inform Assoc 2012;2012:758–64.

10

Grid Logistic Regression as a webservice

MIT license

Healthcare

research

Data collection

Algorithm development

Software implementati

on

Results verification

11

Challenges and solutions• Privacy challenge

Ji Z, Jiang X, Wang S, et al. Differentially private distributed logistic regression using private and public data. BMC Med Genomics 2014;7:S14.

• Efficiency challengeWu Y, Jiang X, Kim J, et al. Grid Binary LOgistic REgression (GLORE): building shared models without sharing data. J Am Med Inform Assoc 2012;2012:758–64.

• Institutional privacy concernWu Y, Jiang X, Ohno-machado L. Preserving Institutional Privacy in Distributed Binary Logistic Regression. In: AMIA Annu Symp. Chicago, IL: 2012. 1450–8.

• UI challengeJiang W, Li P, Wang S, et al. WebGLORE: a web service for Grid LOgistic REgression. Bioinformatics 2013;29:3238–40.

• Implementation challengeJiang W, Wang S, et al. Development of a web service for model building in a distributed network, eGEMs (under revision), 2014.

12

Beyond WebGLORE• How to collaborate more efficiently and securely?

o Efficiency: Data user can delegate a part of collaborative studies into a cloud environment

o Security: public cloud cannot learn any information about the underlying data protected by the cryptographic technologies

13




Data A

Answer

Data A Data B

(a) Traditional encryption methods

Encrypted data A

14




Encrypted data A Encrypted data BData A

Answer

Data A

Answer

Data A Data B

(a) Traditional encryption methods

(b) Homomorphic encryption based method

Encrypted data A

15

An Analogy: Alice’s necklace

• Alice has some gemstones and gold

16


• Alice has some gemstones and gold• She wants to ask a worker to assemble raw materials

into a necklace

17


• Alice has some gemstones and gold• She wants to ask a worker to assemble raw materials

into a necklace

But, Alice is worried about theft. She wants the worker to process the raw materials without having access to them

18


• Alice solves the problem by locking the materials in a glove box

19



• She asks the worker to assemble the necklace in the box

20



• She asks the worker to assemble the necklace in the box• She unlocks the box to get the necklace without worry

about theft

21

The Analogy in Homomorphic (HM)

Operations• HM Encryption: put things inside the locked box

o Anyone can do this (e.g., a mail drop box)o Health data privacy can be protected by HM encryption

22




• HM Decryption: take the results out of the boxo Only the person who has the keyo Authorized researchers, stakeholders, etc.

23




• HM Decryption: take the results out of the boxo Only the person who has the keyo Authorized researchers, stakeholders, etc.

• HM Evaluation: work on the materials o Anyone can do it.o Compute encrypted data in a cloud environment without

sacrificing the privacy.

What can we do now using Homomorphic Encryption

(HME)?

24

Fully HME(e.g., enable

unlimited number of both addition and multiplication on encrypted data)

Partial HME(e.g., enable either

addition or multiplication on encrypted data, but not both)

Leveled HME(e.g., enable a

certain number of both addition and multiplication on encrypted data)Fl

exib

ilit

y

Complexity

Low High

Hig

h

Medium

Med

ium

25

Challenges and solutions• Supporting more types of operations

o HM encrypted data currently only support basic addition, multiplication or bit-wise shifting operations.

o Approximate advanced operations with addition and multiplication operations.

• E.g., Logarithm or exponential operation can be approximated by series expansion, which includes only addition and multiplication operations

26





• Supporting floating numbero All the HM operations are taken place on integero Use fixed point approximation

• E.g., the floating number 0.5 can be represented by an integer of 128 with respect to a base 256 (0.5 = 128/256)

27





• Supporting floating numbero All the HM operations are taken place on integero Use fixed point approximation

• E.g., the floating number 0.5 can be represented by an integer of 128 with respect to a base 256 (0.5 = 128/256)

• Complexity issueso HM operations are computationally demandingo Use Parallel computing to speed up HM operationso Leverage partial HM, leveled HM and fully HM operations in

different use cases.

28

Future work

Public Cloud services

Secure global model synthesisusing homomorphic computing

PrivateData

Private cloud at institution 1

Encryptor

PrivateData


Encryptor

PrivateData


Encryptor

Securely collaborate multiple data centers

homomorphic computing



Homomorphic encrypted federated-cloud computing

29

Thank you!• What is next?

o Two brief presentations to set the stage

o Breakout sessions in the afternoon

“Analytical Methods for a Learning Healthcare System”Michael Stoto, Georgetown University

“Distributed Statistical Model Fitting In Federated Networks: A user guide”Daniella Meeker, RAND Corporation and Jared Murray, Duke University

Room 304

Room 313

Documents

Exciting experience in participating EDM forum commissioned projects