Online citations, reference lists, and bibliographies.
← Back to Search

Revealing The Spatial Distribution Of A Disease While Preserving Privacy

Shannon C. Wieland, C. Cassa, K. Mandl, Bonnie Berger
Published 2008 · Medicine

Save to my Library
Download PDF
Analyze on Scholarcy
Share
Datasets describing the health status of individuals are important for medical research but must be used cautiously to protect patient privacy. For patient data containing geographical identifiers, the conventional solution is to aggregate the data by large areas. This method often preserves privacy but suffers from substantial information loss, which degrades the quality of subsequent disease mapping or cluster detection studies. Other heuristic methods for de-identifying spatial patient information do not quantify the risk to individual privacy. We develop an optimal method based on linear programming to add noise to individual locations that preserves the distribution of a disease. The method ensures a small, quantitative risk of individual re-identification. Because the amount of noise added is minimal for the desired degree of privacy protection, the de-identified set is ideal for spatial epidemiological studies. We apply the method to patients in New York County, New York, showing that privacy is guaranteed while moving patients 25—150 times less than aggregation by zip code.
This paper references
10.1109/ICDE.2008.4497436
Privacy: Theory meets Practice on the Map
Ashwin Machanavajjhala (2008)
10.1073/pnas.0507804102
Confidentiality and spatially explicit data: Concerns and challenges
Leah K. Vanwey (2005)
Protecting tables with cell perturbation, Working Paper 25
J Salazar-Gonzalez (2005)
10.1002/(SICI)1097-0258(19990315)18:5<497::AID-SIM45>3.0.CO;2-#
Geographically masking health data to preserve confidentiality.
M. P. Armstrong (1999)
10.1145/1150402.1150460
On privacy preservation against adversarial data mining
C. Aggarwal (2006)
Putting People on the Map: Protecting Confidentiality with Linked Social-Spatial Data. Panel on Confidentiality Issues Arising from the Integration of Remotely Sensed and Self-Identifying Data
M P Gutmann (2007)
An inquiry into the cause of the prevalence of the yellow fever in New York
V Seaman (1798)
10.1002/SIM.4780140809
Spatial disease clusters: detection and inference.
M. Kulldorff (1995)
10.1109/ICDEW.2008.4498326
On breaching enterprise data privacy through adversarial information fusion
S. R. Ganta (2008)
THE CONFIDENTIALITY AND ANALYTIC USEFULNESS OF MASKED BUSINESS MICRODATA
Nancy L. Spruill (2002)
10.2105/AJPH.2005.069526
Privacy protection versus cluster detection in spatial epidemiology.
K. Olson (2006)
10.1007/s10115-004-0173-6
Random-data perturbation techniques and privacy-preserving data mining
H. Kargupta (2004)
Linear Programming and Its Applications (Springer, New York)
JK Strayer (1989)
10.1002/(SICI)1097-0258(19960915)15:17<1895::AID-SIM401>3.0.CO;2-W
Protecting confidentiality in small population health and environmental statistics.
L. Cox (1996)
10.1007/978-1-4612-1009-2
Linear Programming and Its Applications
James K. Strayer (1989)
10.1145/1066157.1066165
To do or not to do: the dilemma of disclosing anonymized data
L. Lakshmanan (2005)
10.1056/NEJMC061891
No place to hide--reverse identification of patients from published maps.
J. Brownstein (2006)
10.1016/J.ANNEMERGMED.2004.08.008
From Hippocrates to HIPAA: Privacy and confidentiality in Emergency Medicine—Part I: Conceptual, moral, and legal foundations
J. Moskop (2005)
10.1142/S0218488502001648
k-Anonymity: A Model for Protecting Privacy
L. Sweeney (2002)
Obtaining Information while Preserving Privacy: A Markov Perturbation Method for Tabular Data
G. Duncan (1997)
Census 2000: Census Block Groups Cartographic Boundary Files Descriptions and Metadata
Us Census (2000)
10.1057/PALGRAVE.JPHP.3200029
Confidentiality and Confidence: Is Data Aggregation a Means to Achieve Both?
N. Fefferman (2005)
10.1197/jamia.M1920
Application of Information Technology: A Context-sensitive Approach to Anonymizing Spatial Surveillance Data: Impact on Outbreak Detection
C. Cassa (2006)



This paper is referenced by
10.1093/aje/kwq248
Mapping health data: improved privacy protection with donut method geomasking.
K. H. Hampton (2010)
10.1016/j.dcn.2018.03.008
Current, future and potential use of mobile and wearable technologies and social media data in the ABCD study to increase understanding of contributors to child health
K.S. Bagot (2018)
10.3414/ME11-01-0001
Multidimensional point transform for public health practice.
P. AbdelMalik (2012)
10.1371/journal.pmed.1000376
Participatory Epidemiology: Use of Mobile Phones for Community-Based Health Reporting
C. Freifeld (2010)
10.1111/TGIS.12462
NRand-K: Minimizing the impact of location obfuscation in spatial analysis
M. Zurbarán (2018)
10.1108/JSIT-09-2017-0074
Detection of phishing websites using a novel twofold ensemble model
K. Nagaraj (2018)
10.2139/ssrn.3530888
A Graph Theoretic Linkage Attack on Microdata in a Metric Space
Martin Kröll (2014)
10.3390/ijerph15112406
Space-Time Statistical Insights about Geographic Variation in Lung Cancer Incidence Rates: Florida, USA, 2000–2011
Lan Hu (2018)
10.1111/jlme.12036
Privacy and Anonymity Challenges When Collecting Data for Public Health Purposes
K. Emam (2013)
10.1080/13658816.2015.1101767
Privacy and spatial pattern preservation in masked GPS trajectory data
Dara E. Seidl (2016)
10.1080/15230406.2015.1095655
The location swapping method for geomasking
S. Zhang (2017)
10.1186/s12942-015-0031-7
Anonymisation of geographical distance matrices via Lipschitz embedding
Martin Kroll (2016)
10.1007/s40980-015-0013-1
Influence of Demographic and Health Survey Point Displacements on Raster-Based Analyses
Carolina Perez-Heydrich (2016)
10.1111/j.1467-9671.2012.01350.x
The Effect of Data Inaccuracy on Tests of Space-Time Interaction
Nicholas Malizia (2013)
10.1093/bioinformatics/btw009
Realizing privacy preserving genome-wide association studies
Sean Simmons (2016)
10.1080/13658816.2015.1085540
A multiscale masking method for point geographic data
K. Clarke (2016)
10.1080/15230406.2014.972456
UK open source crime data: accuracy and possibilities for research
L. Tompson (2015)
10.1177/1556264618759877
A Geoprivacy by Design Guideline for Research Campaigns That Use Participatory Sensing Data
O. Kounadi (2018)
10.1016/j.socscimed.2016.08.009
Confidentiality considerations for use of social-spatial data on the social determinants of health: Sexual and reproductive health case study.
Danielle F. Haley (2016)
10.1007/s10109-017-0252-3
Geospatial cryptography: enabling researchers to access private, spatially referenced, human subjects data for cancer control and prevention
G. Jacquez (2017)
10.3390/ijgi8120544
How Is the Confidentiality of Crime Locations Affected by Parameters in Kernel Density Estimation?
Z. Wang (2019)
10.1080/10106049.2010.496496
Geomasking sensitive health data and privacy protection: an evaluation using an E911 database
William B Allshouse (2010)
10.1111/tgis.12125
Spatial Information Divergence: Using Global and Local Indices to Compare Geographical Masks Applied to Crime Data
O. Kounadi (2015)
10.1186/s12942-020-00201-9
Daily activity locations k-anonymity for the evaluation of disclosure risk of individual GPS datasets
J. Wang (2020)
Striking The Balance: Privacy And Spatial Pattern Preservation In Masked Gps Data
Dara E. Seidl (2014)
10.1080/15230406.2018.1544932
An empirical test of household identification risk in geomasked maps
Dara E. Seidl (2019)
10.1007/978-3-642-33627-0_18
Confidentialising Maps of Mixed Point and Diffuse Spatial Data
C. O'Keefe (2012)
10.1186/s12942-019-0194-8
Addressing the data guardian and geospatial scientist collaborator dilemma: how to share health records for spatial analysis while maintaining patient confidentiality
Jayakrishnan Ajayakumar (2019)
10.1016/j.compenvurbsys.2016.01.004
Adaptive areal elimination (AAE): A transparent way of disclosing protected spatial datasets
O. Kounadi (2016)
10.1080/12265934.2018.1482778
An evaluation of kernel smoothing to protect the confidentiality of individual locations
M. Lee (2019)
10.1017/aap.2020.9
Ethics and Best Practices for Mapping Archaeological Sites
C. Smith (2020)
10.1080/15420353.2011.534685
The Role of the Map and Geographic Information Library in Medical Geographic Research
E. Cromley (2011)
See more
Semantic Scholar Logo Some data provided by SemanticScholar