TY - GEN
T1 - New privacy threats in healthcare informatics
T2 - 9th International Workshop on Data Mining in Bioinformatics, BIOKDD 2010, Held in Conjunction with 16th ACM SIGKDD Conference on Knowledge Discovery and Data Mining
AU - Li, Fengjun
AU - Chen, Jake Y.
AU - Zou, Xukai
AU - Liu, Peng
N1 - Publisher Copyright:
Copyright © 2010 ACM.
PY - 2010
Y1 - 2010
N2 - In this paper, we study how patient privacy could be compromised from electronic health records (EHRs), especially with the help of today's information technologies. Current research on privacy protection is centralized around EHR: protecting patient information from being abused by authorized users or being accessed by unauthorized users. Limited efforts have been devoted to studying the attacks performed by manipulating information from external sources, or by joining information from multiple sources. Particularly, we show that (1) healthcare information could be collected by associating and aggregating information across multiple online sources including social networks, public records and search engines. Through attribution, inference and aggregation attacks, user identity and privacy are very vulnerable. (2) People are highly identifiable even when the attacker only possess inaccurate information. With real-world case study and experiments, we show that such attacks are valid and threatening. We claim that too much information has been made available electronic and available online that people are very vulnerable without effective privacy protection.
AB - In this paper, we study how patient privacy could be compromised from electronic health records (EHRs), especially with the help of today's information technologies. Current research on privacy protection is centralized around EHR: protecting patient information from being abused by authorized users or being accessed by unauthorized users. Limited efforts have been devoted to studying the attacks performed by manipulating information from external sources, or by joining information from multiple sources. Particularly, we show that (1) healthcare information could be collected by associating and aggregating information across multiple online sources including social networks, public records and search engines. Through attribution, inference and aggregation attacks, user identity and privacy are very vulnerable. (2) People are highly identifiable even when the attacker only possess inaccurate information. With real-world case study and experiments, we show that such attacks are valid and threatening. We claim that too much information has been made available electronic and available online that people are very vulnerable without effective privacy protection.
UR - http://www.scopus.com/inward/record.url?scp=84908261691&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84908261691&partnerID=8YFLogxK
M3 - Conference contribution
AN - SCOPUS:84908261691
T3 - Proceedings of the ACM SIGKDD International Conference on Knowledge Discovery and Data Mining
SP - 133
EP - 136
BT - Proceedings of the ACM SIGKDD International Conference on Knowledge Discovery and Data Mining
PB - Association for Computing Machinery
Y2 - 25 July 2010 through 28 July 2010
ER -