Enhanced Architecture for Privacy Preserving Data Integration in a Medical Research Environment

Abstract

Recent advancement in digital and communication technologies has brought privacy aspects to the forefront. Although e-health has many advantages and it facilitates the patients and health service providers significantly, the possibility of privacy breaches can allow sensitive health care information to move into the wrong hands. Designing robust privacy preserving policies to strengthen the trust of patients in electronic health records is imperative for its wide spread acceptance and success. In this paper, we propose, a framework to solve the privacy problem in a heterogeneous network of many clinical institutions while preserving data utility and patients' privacy. The contributions of this paper include: (1) scalable privacy-enabled architecture supporting re-identification of patient identity, and (2) context-aware privacy-preserving scheme supporting named and anonymous linked access to medical data stored at one or more health service providers. Moreover, to demonstrate the correctness of proposed privacy-aware scheme, we performed formal modeling and verification using high-level Petri nets and Z3 Solver.