Privacy-Preserving Data Releases for Health Report Generation

Regional healthcare initiatives seek to improve the quality of healthcare by collecting, analyzing, and disseminating information about chronic diseases such as diabetes. The data required to support such initiatives comes from several organizations, such as insurers, physicians, hospitals, pharmacies, and labs, each of which gathers and maintains data for the purpose of healthcare delivery. In this paper, we focus on mediator-based architectures and the privacy problems that arise in the healthcare context owing to the linkage of information about patients, physicians, and diseases that the mediator enables. In particular, we examine the privacy issues of the two separate steps of the actual data release: first, raw data is released to the (not necessarily trustworthy) mediator, and second, the mediator creates and releases the health report. For both steps, we present a technical solution that keeps the final report useful to the user while respecting the data owners' privacy.