1
Driver EM, Ahsan M, Piske L, Lee H, Forrest S, Halden RU, Trieu N. Encrypted data-sharing for preserving privacy in wastewater-based epidemiology. Sci Total Environ 2024; 940:173315. PMID: 38761955. DOI: 10.1016/j.scitotenv.2024.173315. Received 02/18/2024; revised 04/29/2024; accepted 05/15/2024; indexed 05/20/2024.
Abstract
The rapidly expanding use of wastewater for public health surveillance requires new strategies to protect privacy rights, while data are collected at increasingly discrete geospatial scales, i.e., city, neighborhood, campus, and building-level. Data collected at high geospatial resolution can inform on labile, short-lived biomarkers, thereby making wastewater-derived data both more actionable and more likely to cause privacy concerns and stigmatization of subpopulations. Additionally, data sharing restrictions among neighboring cities and communities can complicate efforts to balance public health protections with citizens' privacy. Here, we have created an encrypted framework that facilitates the sharing of sensitive population health data among entities that lack trust for one another (e.g., between adjacent municipalities with different governance of health monitoring and data sharing). We demonstrate the utility of this approach with two real-world cases. Our results show the feasibility of sharing encrypted data between two municipalities and a laboratory, while performing secure private computations for wastewater-based epidemiology (WBE) with high precision, fast speeds, and low data costs. This framework is amenable to other computations used by WBE researchers including population normalized mass loads, fecal indicator normalizations, and quality control measures. The Centers for Disease Control and Prevention's National Wastewater Surveillance System shows ∼8 % of the records attributed to collection before the wastewater treatment plant, illustrating an opportunity to further expand currently limited community-level sampling and public health surveillance through security and responsible data-sharing as outlined here.
Affiliation(s)
- Erin M Driver: Biodesign Center for Environmental Health Engineering, Arizona State University, Tempe, AZ 85287, USA
- Manazir Ahsan: Biodesign Center for Biocomputing, Security and Society, Arizona State University, Tempe, AZ 85287, USA; School of Computing and Augmented Intelligence, Arizona State University, Tempe, AZ 85287, USA
- Lucas Piske: Biodesign Center for Biocomputing, Security and Society, Arizona State University, Tempe, AZ 85287, USA; School of Computing and Augmented Intelligence, Arizona State University, Tempe, AZ 85287, USA
- Heewook Lee: Biodesign Center for Biocomputing, Security and Society, Arizona State University, Tempe, AZ 85287, USA; School of Computing and Augmented Intelligence, Arizona State University, Tempe, AZ 85287, USA
- Stephanie Forrest: Biodesign Center for Biocomputing, Security and Society, Arizona State University, Tempe, AZ 85287, USA; School of Computing and Augmented Intelligence, Arizona State University, Tempe, AZ 85287, USA; College of Health Solutions, Arizona State University, Tempe, AZ 85287, USA
- Rolf U Halden: Biodesign Center for Environmental Health Engineering, Arizona State University, Tempe, AZ 85287, USA; School of Sustainable Engineering and the Built Environment, Arizona State University, Tempe, AZ 85287, USA
- Ni Trieu: Biodesign Center for Biocomputing, Security and Society, Arizona State University, Tempe, AZ 85287, USA; School of Computing and Augmented Intelligence, Arizona State University, Tempe, AZ 85287, USA
2
Suh J, Lee G, Kim JW, Shin J, Kim YJ, Lee SW, Kim S. Privacy-Preserving Prediction of Postoperative Mortality in Multi-Institutional Data: Development and Usability Study. JMIR Med Inform 2024; 12:e56893. PMID: 38968600. PMCID: PMC11259763. DOI: 10.2196/56893. Open access. Received 01/29/2024; revised 05/07/2024; accepted 06/08/2024; indexed 07/07/2024.
Abstract
BACKGROUND To circumvent regulatory barriers that limit medical data exchange due to personal information security concerns, we use homomorphic encryption (HE) technology, enabling computation on encrypted data and enhancing privacy. OBJECTIVE This study explores whether using HE to integrate encrypted multi-institutional data enhances predictive power in research, focusing on the integration feasibility across institutions and determining the optimal size of hospital data sets for improved prediction models. METHODS We used data from 341,007 individuals aged 18 years and older who underwent noncardiac surgeries across 3 medical institutions. The study focused on predicting in-hospital mortality within 30 days postoperatively, using secure logistic regression based on HE as the prediction model. We compared the predictive performance of this model using plaintext data from a single institution against a model using encrypted data from multiple institutions. RESULTS The predictive model using encrypted data from all 3 institutions exhibited the best performance based on area under the receiver operating characteristic curve (0.941); the model combining Asan Medical Center (AMC) and Seoul National University Hospital (SNUH) data exhibited the best predictive performance based on area under the precision-recall curve (0.132). Both Ewha Womans University Medical Center and SNUH demonstrated improvement in predictive power for their own institutions upon their respective data's addition to the AMC data. CONCLUSIONS Prediction models using multi-institutional data sets processed with HE outperformed those using single-institution data sets, especially when our model adaptation approach was applied, which was further validated on a smaller host hospital with a limited data set.
Affiliation(s)
- Jungyo Suh: Department of Urology, Asan Medical Center, University of Ulsan College of Medicine, Seoul, Republic of Korea
- Garam Lee: CryptoLab Inc, Seoul, Republic of Korea
- Yi-Jun Kim: Department of Environmental Medicine, Ewha Womans University College of Medicine, Seoul, Republic of Korea
- Sang-Wook Lee: Department of Anesthesiology and Pain Medicine, Asan Medical Center, University of Ulsan College of Medicine, Seoul, Republic of Korea
- Sulgi Kim: CryptoLab Inc, Seoul, Republic of Korea
3
Gottardelli B, Gatta R, Nucciarelli L, Tudor AM, Tavazzi E, Vallati M, Orini S, Di Giorgi N, Damiani A. GEN-RWD Sandbox: bridging the gap between hospital data privacy and external research insights with distributed analytics. BMC Med Inform Decis Mak 2024; 24:170. PMID: 38886772. PMCID: PMC11184891. DOI: 10.1186/s12911-024-02549-5. Open access. Received 12/27/2023; accepted 05/21/2024; indexed 06/20/2024.
Abstract
BACKGROUND Artificial intelligence (AI) has become a pivotal tool in advancing contemporary personalised medicine, with the goal of tailoring treatments to individual patient conditions. This has heightened the demand for access to diverse data from clinical practice and daily life for research, posing challenges due to the sensitive nature of medical information, including genetics and health conditions. Regulations like the Health Insurance Portability and Accountability Act (HIPAA) in the U.S. and the General Data Protection Regulation (GDPR) in Europe aim to strike a balance between data security, privacy, and the imperative for access. RESULTS We present the Gemelli Generator - Real World Data (GEN-RWD) Sandbox, a modular multi-agent platform designed for distributed analytics in healthcare. Its primary objective is to empower external researchers to leverage hospital data while upholding privacy and ownership, obviating the need for direct data sharing. Docker compatibility adds an extra layer of flexibility, and scalability is assured through modular design, facilitating combinations of Proxy and Processor modules with various graphical interfaces. Security and reliability are reinforced through components like Identity and Access Management (IAM) agent, and a Blockchain-based notarisation module. Certification processes verify the identities of information senders and receivers. CONCLUSIONS The GEN-RWD Sandbox architecture achieves a good level of usability while ensuring a blend of flexibility, scalability, and security. Featuring a user-friendly graphical interface catering to diverse technical expertise, its external accessibility enables personnel outside the hospital to use the platform. Overall, the GEN-RWD Sandbox emerges as a comprehensive solution for healthcare distributed analytics, maintaining a delicate equilibrium between accessibility, scalability, and security.
Affiliation(s)
- Benedetta Gottardelli: Department of Diagnostic Imaging, Oncological Radiotherapy and Hematology, Università Cattolica del Sacro Cuore, Rome, Italy
- Roberto Gatta: Department of Clinical and Experimental Sciences, Università degli Studi di Brescia, Brescia, Italy
- Leonardo Nucciarelli: Department of Diagnostic Imaging, Oncological Radiotherapy and Hematology, Università Cattolica del Sacro Cuore, Rome, Italy
- Andrada Mihaela Tudor: Department of Diagnostic Imaging, Oncological Radiotherapy and Hematology, Università Cattolica del Sacro Cuore, Rome, Italy
- Erica Tavazzi: Department of Information Engineering, University of Padova, Padova, Italy
- Mauro Vallati: School of Computing and Engineering, University of Huddersfield, Huddersfield, UK
- Stefania Orini: Department of Clinical and Experimental Sciences, Università degli Studi di Brescia, Brescia, Italy; Alzheimer Operative Unit, IRCCS Istituto Centro San Giovanni di Dio Fatebenefratelli, Brescia, Italy
- Andrea Damiani: Fondazione Policlinico Universitario Agostino Gemelli IRCCS, Rome, Italy
4
Chen H, Pang J, Zhao Y, Giddens S, Ficek J, Valente MJ, Cao B, Daley E. A data-driven approach to choosing privacy parameters for clinical trial data sharing under differential privacy. J Am Med Inform Assoc 2024; 31:1135-1143. PMID: 38457282. PMCID: PMC11031247. DOI: 10.1093/jamia/ocae038. Open access. Received 11/22/2023; revised 01/27/2024; accepted 02/16/2024; indexed 03/10/2024.
Abstract
OBJECTIVES Clinical trial data sharing is crucial for promoting transparency and collaborative efforts in medical research. Differential privacy (DP) is a formal statistical technique for anonymizing shared data that balances privacy of individual records and accuracy of replicated results through a "privacy budget" parameter, ε. DP is considered the state of the art in privacy-protected data publication and is underutilized in clinical trial data sharing. This study is focused on identifying ε values for the sharing of clinical trial data. MATERIALS AND METHODS We analyzed 2 clinical trial datasets with privacy budget ε ranging from 0.01 to 10. Smaller values of ε entail adding greater amounts of random noise, with better privacy as a result. Comparison of rates, odds ratios, means, and mean differences between the original clinical trial datasets and the empirical distribution of the DP estimator was performed. RESULTS The DP rate closely approximated the original rate of 6.5% when ε > 1. The DP odds ratio closely aligned with the original odds ratio of 0.689 when ε ≥ 3. The DP mean closely approximated the original mean of 164.64 when ε ≥ 1. As ε increased to 5, both the minimum and maximum DP means converged toward the original mean. DISCUSSION There is no consensus on how to choose the privacy budget ε. The definition of DP does not specify the required level of privacy, and there is no established formula for determining ε. CONCLUSION Our findings suggest that the application of DP holds promise in the context of sharing clinical trial data.
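The mechanism behind the ε sweep in this abstract, as an added example written for this listing (not code from the paper): the Laplace mechanism releases a rate with noise of scale (sensitivity / ε), and the empirical distribution of many such releases is compared with the original statistic for each ε. The dataset of 1,000 binary outcomes with 65 events, the ε grid and the 0.005 spread tolerance used to pick ε are constructed assumptions, not values from the study.

```python
"""Added example (not code from the cited paper): the Laplace mechanism for a
binary outcome rate, swept over the privacy budget epsilon, so the spread of
the differentially private estimator can be compared with the original rate."""
import random
from statistics import mean, pstdev


def laplace_scale(sensitivity: float, epsilon: float) -> float:
    """Noise scale b of the Laplace mechanism: b = sensitivity / epsilon.
    Smaller epsilon -> larger b -> more noise -> stronger privacy."""
    if epsilon <= 0:
        raise ValueError("epsilon must be positive")
    return sensitivity / epsilon


def laplace_sample(rng: random.Random, scale: float) -> float:
    """Laplace(0, scale) draw: the difference of two Exp(1/scale) variables."""
    return rng.expovariate(1.0 / scale) - rng.expovariate(1.0 / scale)


def dp_rate(outcomes, epsilon: float, rng: random.Random) -> float:
    """epsilon-DP release of a proportion of 0/1 outcomes.

    Changing one record moves the proportion by at most 1/n, so the
    sensitivity is 1/n.  Clipping to [0, 1] is post-processing and does
    not weaken the guarantee."""
    n = len(outcomes)
    true_rate = sum(outcomes) / n
    noisy = true_rate + laplace_sample(rng, laplace_scale(1.0 / n, epsilon))
    return min(1.0, max(0.0, noisy))


def sweep(outcomes, epsilons, runs: int = 2000, seed: int = 7):
    """Empirical distribution of the DP estimator for each epsilon."""
    rng = random.Random(seed)
    table = {}
    for eps in epsilons:
        draws = [dp_rate(outcomes, eps, rng) for _ in range(runs)]
        table[eps] = {
            "mean": mean(draws), "sd": pstdev(draws),
            "min": min(draws), "max": max(draws),
        }
    return table


def smallest_epsilon_within(table, tolerance: float):
    """Data-driven choice: the smallest epsilon whose DP estimates scatter
    no more than `tolerance` (absolute, in rate units) around their mean.
    Returns None when no epsilon in the sweep is accurate enough."""
    for eps in sorted(table):
        if table[eps]["sd"] <= tolerance:
            return eps
    return None


# Constructed data (assumption): 1,000 participants, 65 with the event,
# i.e. an original rate of 6.5%.
OUTCOMES = [1] * 65 + [0] * 935
EPSILONS = [0.01, 0.1, 1.0, 10.0]

if __name__ == "__main__":
    original = sum(OUTCOMES) / len(OUTCOMES)
    result = sweep(OUTCOMES, EPSILONS)
    print(f"original rate: {original:.4f}")
    for eps, row in result.items():
        print(f"eps={eps:<5} mean={row['mean']:.4f} sd={row['sd']:.4f} "
              f"range=[{row['min']:.4f}, {row['max']:.4f}]")
    print("smallest eps with sd <= 0.005:", smallest_epsilon_within(result, 0.005))
```

The 1/n sensitivity holds for a proportion; a mean needs a bounded value range (sensitivity = range / n) and an odds ratio needs its own sensitivity analysis, which is why the abstract reports separate ε thresholds for each statistic. The spread tolerance is one possible decision rule; the abstract's own point is that DP itself fixes neither the rule nor ε.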
Affiliation(s)
- Henian Chen: Study Design and Data Analysis, College of Public Health, University of South Florida, Tampa, FL 33612, United States
- Jinyong Pang: Study Design and Data Analysis, College of Public Health, University of South Florida, Tampa, FL 33612, United States
- Yayi Zhao: Study Design and Data Analysis, College of Public Health, University of South Florida, Tampa, FL 33612, United States
- Spencer Giddens: Department of Applied and Computational Mathematics and Statistics, University of Notre Dame, Notre Dame, IN 46556, United States
- Joseph Ficek: Oncology Statistics, GlaxoSmithKline, Collegeville, PA 19426, United States
- Matthew J Valente: Study Design and Data Analysis, College of Public Health, University of South Florida, Tampa, FL 33612, United States
- Biwei Cao: Study Design and Data Analysis, College of Public Health, University of South Florida, Tampa, FL 33612, United States
- Ellen Daley: The Lawton and Rhea Chiles Center for Children and Families, College of Public Health, University of South Florida, Tampa, FL 33612, United States
5
He X, Zheng X, Ding H. Existing Barriers Faced by and Future Design Recommendations for Direct-to-Consumer Health Care Artificial Intelligence Apps: Scoping Review. J Med Internet Res 2023; 25:e50342. PMID: 38109173. PMCID: PMC10758939. DOI: 10.2196/50342. Open access. Received 07/01/2023; revised 09/20/2023; accepted 11/28/2023; indexed 12/19/2023.
Abstract
BACKGROUND Direct-to-consumer (DTC) health care artificial intelligence (AI) apps hold the potential to bridge the spatial and temporal disparities in health care resources, but they also come with individual and societal risks due to AI errors. Furthermore, the manner in which consumers interact directly with health care AI is reshaping traditional physician-patient relationships. However, the academic community lacks a systematic comprehension of the research overview for such apps. OBJECTIVE This paper systematically delineated and analyzed the characteristics of included studies, identified existing barriers and design recommendations for DTC health care AI apps mentioned in the literature and also provided a reference for future design and development. METHODS This scoping review followed the Preferred Reporting Items for Systematic Reviews and Meta-Analyses Extension for Scoping Reviews guidelines and was conducted according to Arksey and O'Malley's 5-stage framework. Peer-reviewed papers on DTC health care AI apps published until March 27, 2023, in Web of Science, Scopus, the ACM Digital Library, IEEE Xplore, PubMed, and Google Scholar were included. The papers were analyzed using Braun and Clarke's reflective thematic analysis approach. RESULTS Of the 2898 papers retrieved, 32 (1.1%) covering this emerging field were included. The included papers were recently published (2018-2023), and most (23/32, 72%) were from developed countries. The medical field was mostly general practice (8/32, 25%). In terms of users and functionalities, some apps were designed solely for single-consumer groups (24/32, 75%), offering disease diagnosis (14/32, 44%), health self-management (8/32, 25%), and health care information inquiry (4/32, 13%). Other apps connected to physicians (5/32, 16%), family members (1/32, 3%), nursing staff (1/32, 3%), and health care departments (2/32, 6%), generally to alert these groups to abnormal conditions of consumer users. In addition, 8 barriers and 6 design recommendations related to DTC health care AI apps were identified. Some more subtle obstacles that are particularly worth noting and corresponding design recommendations in consumer-facing health care AI systems, including enhancing human-centered explainability, establishing calibrated trust and addressing overtrust, demonstrating empathy in AI, improving the specialization of consumer-grade products, and expanding the diversity of the test population, were further discussed. CONCLUSIONS The booming DTC health care AI apps present both risks and opportunities, which highlights the need to explore their current status. This paper systematically summarized and sorted the characteristics of the included studies, identified existing barriers faced by, and made future design recommendations for such apps. To the best of our knowledge, this is the first study to systematically summarize and categorize academic research on these apps. Future studies conducting the design and development of such systems could refer to the results of this study, which is crucial to improve the health care services provided by DTC health care AI apps.
Affiliation(s)
- Xin He: School of Mechanical Science and Engineering, Huazhong University of Science and Technology, Wuhan, China
- Xi Zheng: School of Mechanical Science and Engineering, Huazhong University of Science and Technology, Wuhan, China
- Huiyuan Ding: School of Mechanical Science and Engineering, Huazhong University of Science and Technology, Wuhan, China
6
Mitrea D, Cioara T, Anghel I. Privacy-Preserving Computation for Peer-to-Peer Energy Trading on a Public Blockchain. Sensors (Basel) 2023; 23:4640. PMID: 37430554. DOI: 10.3390/s23104640. Received 04/18/2023; revised 05/04/2023; accepted 05/09/2023; indexed 07/12/2023.
Abstract
To ensure the success of energy transition and achieve the target of reducing the carbon footprint of energy systems, the management of energy systems needs to be decentralized. Public blockchains offer favorable features to support energy sector democratization and reinforce citizens' trust, such as tamper-proof energy data registration and sharing, decentralization, transparency, and support for peer-to-peer (P2P) energy trading. However, in blockchain-based P2P energy markets, transactional data are public and accessible, which raises privacy concerns related to prosumers' energy profiles while lacking scalability and featuring high transactional costs. In this paper, we employ secure multi-party computation (MPC) to assure privacy on a P2P energy flexibility market implementation in Ethereum by combining the prosumers' flexibility orders data and storing it safely on the chain. We provide an encoding mechanism for orders on the energy market to obfuscate the amount of energy traded by creating groups of prosumers, by splitting the amount of energy from bids and offers, and by creating group-level orders. The solution wraps around the smart contracts-based implementation of an energy flexibility marketplace, assuring privacy features on all market operations such as order submission, matching bids and offers, and commitment in trading and settlement. The experimental results show that the proposed solution is effective in supporting P2P energy flexibility trading, reducing the number of transactions, and gas consumption with a limited computational time overhead.
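Both entry 1 (two municipalities and a laboratory that do not trust each other computing on pooled wastewater data) and this entry (prosumers whose order amounts are split and combined into group-level orders) rest on an MPC aggregate of private inputs. The block below is an added example, not code from either paper: plain additive secret sharing over Z_Q, where each party splits its input into random shares, every party publishes only the sum of the shares it received, and the published partial sums add up to the group total. The modulus Q, the four-party group, the kWh amounts and the encoding of sells as negative numbers are assumptions.

```python
"""Added example (not code from either cited paper): additive secret sharing,
the MPC primitive for summing private inputs of mutually distrusting parties
into one group-level value that can be published.  Modulus, party count and
the sign encoding of orders are assumptions."""
import secrets

Q = 2**61 - 1                      # shares live in Z_Q; Q must exceed any |sum|
_SYSRNG = secrets.SystemRandom()   # OS randomness; a seeded random.Random also works


def split(value: int, parties: int, rng=_SYSRNG) -> list:
    """Split `value` into `parties` shares summing to `value` mod Q.
    The first parties-1 shares are uniform and independent of `value`; only
    the last one is fixed by the sum, so any proper subset of the shares
    reveals nothing about the input."""
    if parties < 2:
        raise ValueError("need at least two parties")
    shares = [rng.randrange(Q) for _ in range(parties - 1)]
    shares.append((value - sum(shares)) % Q)
    return shares


def reconstruct(shares) -> int:
    """Recover a shared value, or the sum of several shared values."""
    return sum(shares) % Q


def to_signed(x: int) -> int:
    """Read a residue back as a signed integer (sells are negative)."""
    return x - Q if x > Q // 2 else x


def aggregate(private_inputs, rng=_SYSRNG):
    """Sum the inputs without any party disclosing its own.

    Party i splits its input into n shares and hands share j to party j.
    Each party publishes only the sum of the shares in its inbox; those
    partial sums add up to the group total and nothing else is revealed.
    Returns (signed total, inbox per party, published partial sums)."""
    n = len(private_inputs)
    inbox = [[] for _ in range(n)]
    for x in private_inputs:
        for receiver, share in enumerate(split(x % Q, n, rng)):
            inbox[receiver].append(share)
    partial_sums = [reconstruct(box) for box in inbox]
    return to_signed(reconstruct(partial_sums)), inbox, partial_sums


# Constructed inputs (assumption): net flexibility orders of four prosumers
# in kWh, buys positive and sells negative.
ORDERS_KWH = [12, -7, 30, -5]

if __name__ == "__main__":
    total, inbox, published = aggregate(ORDERS_KWH)
    print("group-level net order (kWh):", total)
    print("shares seen by party 0:", inbox[0])   # uniform residues, no information
    print("published partial sums:", published)
```

Two caveats a practitioner should keep in mind. The total itself is the only output, so any n-1 colluding parties can subtract their own inputs and learn the remaining one; group size is therefore a privacy parameter, which is why grouping prosumers matters in the abstract. And the scheme is honest-but-curious only: a party can submit shares that do not encode a valid order and nobody can tell, so the commitment and settlement steps the abstract mentions have to be enforced separately, for example by the smart contract; this block does not implement them.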
Affiliation(s)
- Dan Mitrea: Computer Science Department, Technical University of Cluj-Napoca, Memorandumului 28, 400114 Cluj-Napoca, Romania
- Tudor Cioara: Computer Science Department, Technical University of Cluj-Napoca, Memorandumului 28, 400114 Cluj-Napoca, Romania
- Ionut Anghel: Computer Science Department, Technical University of Cluj-Napoca, Memorandumului 28, 400114 Cluj-Napoca, Romania
7
Yang W, Wang S, Cui H, Tang Z, Li Y. A Review of Homomorphic Encryption for Privacy-Preserving Biometrics. Sensors (Basel) 2023; 23:3566. PMID: 37050626. PMCID: PMC10098691. DOI: 10.3390/s23073566. Received 02/19/2023; revised 03/20/2023; accepted 03/27/2023; indexed 06/19/2023.
Abstract
The advancement of biometric technology has facilitated wide applications of biometrics in law enforcement, border control, healthcare and financial identification and verification. Given the peculiarity of biometric features (e.g., unchangeability, permanence and uniqueness), the security of biometric data is a key area of research. Security and privacy are vital to enacting integrity, reliability and availability in biometric-related applications. Homomorphic encryption (HE) is concerned with data manipulation in the cryptographic domain, thus addressing the security and privacy issues faced by biometrics. This survey provides a comprehensive review of state-of-the-art HE research in the context of biometrics. Detailed analyses and discussions are conducted on various HE approaches to biometric security according to the categories of different biometric traits. Moreover, this review presents the perspective of integrating HE with other emerging technologies (e.g., machine/deep learning and blockchain) for biometric security. Finally, based on the latest development of HE in biometrics, challenges and future research directions are put forward.
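Entry 2 (secure logistic regression on encrypted multi-institutional data) and this entry (HE over biometric templates) both depend on computing on ciphertexts without the secret key. As an added example, not code from either paper and not the HE scheme either paper uses, the block below implements toy Paillier, which is additively homomorphic, and uses it to evaluate the linear part of a logistic-regression score, w·x + b, on encrypted features: the model holder never sees the plaintext, and only the key holder decrypts the result. The key size, the fixed-point scale, and the feature vector and weights are assumptions; the primes are far too small to be secure.

```python
"""Added example (not code from either cited paper): toy Paillier, an
additively homomorphic scheme, used to score the linear part of a logistic
regression model on encrypted features so the scoring party never sees the
plaintext.  Key size, fixed-point scale and the sample model are assumptions."""
import math
import secrets

SCALE = 1000  # fixed-point scale for features and weights (assumption)


def keygen(p: int = 1_000_003, q: int = 1_000_033):
    """Paillier key pair from two primes.  These primes are toy-sized and
    insecure; real deployments use a 2048-bit or larger modulus.
    With g = n + 1, the decryption constant mu is lambda^-1 mod n."""
    n = p * q
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)  # lcm(p-1, q-1)
    mu = pow(lam, -1, n)
    pk = {"n": n, "n2": n * n}
    sk = {"n": n, "n2": n * n, "lam": lam, "mu": mu}
    return pk, sk


def encrypt(pk, m: int) -> int:
    """Enc(m) = (1 + n)^m * r^n mod n^2 with fresh random r coprime to n.
    Negative m is encoded as its residue mod n."""
    n, n2 = pk["n"], pk["n2"]
    while True:
        r = secrets.randbelow(n - 1) + 1
        if math.gcd(r, n) == 1:
            break
    return (pow(1 + n, m % n, n2) * pow(r, n, n2)) % n2


def decrypt(sk, c: int) -> int:
    """Dec(c) = L(c^lambda mod n^2) * mu mod n with L(u) = (u - 1) / n.
    Residues above n/2 are read back as negative integers."""
    n, n2 = sk["n"], sk["n2"]
    m = ((pow(c, sk["lam"], n2) - 1) // n * sk["mu"]) % n
    return m - n if m > n // 2 else m


def add(pk, c1: int, c2: int) -> int:
    """Enc(a) * Enc(b) = Enc(a + b): addition happens under encryption."""
    return (c1 * c2) % pk["n2"]


def scale_by(pk, c: int, k: int) -> int:
    """Enc(a)^k = Enc(k * a) for a plaintext integer k, negative allowed."""
    return pow(c, k % pk["n"], pk["n2"])


def encrypt_features(pk, features):
    """Data holder side: fixed-point encode and encrypt each feature."""
    return [encrypt(pk, round(x * SCALE)) for x in features]


def encrypted_score(pk, enc_features, weights, bias):
    """Model holder side: Enc(SCALE^2 * (w . x + b)) from ciphertexts and
    plaintext parameters, using only additions and scalar multiplications."""
    acc = encrypt(pk, round(bias * SCALE) * SCALE)
    for c, w in zip(enc_features, weights):
        acc = add(pk, acc, scale_by(pk, c, round(w * SCALE)))
    return acc


def decrypt_score(sk, c: int) -> float:
    """Key holder side: decrypt and undo the fixed-point scaling."""
    return decrypt(sk, c) / (SCALE * SCALE)


def sigmoid(z: float) -> float:
    """The nonlinearity is applied after decryption; Paillier cannot evaluate it."""
    return 1.0 / (1.0 + math.exp(-z))


# Constructed sample (assumption): three numeric preoperative features and a
# hand-picked weight vector; not a fitted model.
FEATURES = [67.0, 1.4, 3.0]
WEIGHTS = [0.045, 0.8, -0.3]
BIAS = -6.5

if __name__ == "__main__":
    pk, sk = keygen()
    enc = encrypt_features(pk, FEATURES)         # leaves the data holder encrypted
    c = encrypted_score(pk, enc, WEIGHTS, BIAS)  # computed without the secret key
    z = decrypt_score(sk, c)
    print(f"linear score {z:.3f}, predicted probability {sigmoid(z):.4f}")
```

The split of roles is the point: the party holding the model computes on ciphertexts it cannot open, and the party holding the key opens only the final score, never the intermediate products. Paillier supports additions and plaintext scalings only, so the sigmoid (or, for biometrics, a squared distance between two encrypted templates) is out of reach here; schemes that support ciphertext-ciphertext multiplication or approximate arithmetic evaluate those steps with polynomial approximations, at the cost of larger parameters and noise management.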
Affiliation(s)
- Wencheng Yang: School of Mathematics, Physics and Computing, University of Southern Queensland, Toowoomba, QLD 4350, Australia
- Song Wang: School of Computing, Engineering and Mathematical Sciences, La Trobe University, Bundoora, VIC 3086, Australia
- Hui Cui: Faculty of IT, Clayton Campus, Monash University, Clayton, VIC 3800, Australia
- Zhaohui Tang: School of Mathematics, Physics and Computing, University of Southern Queensland, Toowoomba, QLD 4350, Australia
- Yan Li: School of Mathematics, Physics and Computing, University of Southern Queensland, Toowoomba, QLD 4350, Australia