Re-identification of medical records by optimum quasi-identifiers

Abstract

Recently, medical records are shared to online for a purpose of medical research and expert opinion. There is a problem with sharing the medical records. If someone knows the subject of the record by using various methods, it can result in an invasion of the patient's privacy. De-identification techniques are applicable to address the problem, however, de-identified data has a risk of re-identification. For this reason, if de-identification techniques are not sufficient, it may increase a risk of re-identification. On the contrary, if the techniques are too excessive, data utility may be damaged. Meanwhile, de-identified data can be re-identified from inference using background knowledge. The objective of this paper is to analyze the probability of re-identification according to inferable quasi-identifiers. We analyzed factors, inferable quasi-identifiers, which can be inferred from background knowledge. Then, we estimated the probability of re-identification from taking advantage of the factors. As a result, we determined the effect of the re-identification according to the type and the range of inferable quasi-identifiers. This paper contributes to a decision on de-identification target and level for protecting patient's privacy through a comparative analysis of the probability of re-identification according to the type and the range of inference.