audit mechanisms for privacy protection in healthcare
play

Audit Mechanisms for Privacy Protection in Healthcare Environments - PowerPoint PPT Presentation

Nov 18, 2023 •253 likes •337 views

Audit Mechanisms for Privacy Protection in Healthcare Environments Anupam Datta Joint work with Jeremiah Blocki, Nicolas Christin and Arunesh Sinha Carnegie Mellon University Position } Audit mechanisms are essential for privacy protection

  1. Audit Mechanisms for Privacy Protection in Healthcare Environments Anupam Datta Joint work with Jeremiah Blocki, Nicolas Christin and Arunesh Sinha Carnegie Mellon University

  2. Position } Audit mechanisms are essential for privacy protection in healthcare environments } Guided by comprehensive study of HIPAA Privacy Rule (WPES’10, CCS’11) } Principled audit mechanisms based on machine learning and economics can be used to provide operational guidance to organizations on how to conduct audits } For “grey” policy concepts: was access for purpose of treatment or curiosity, financial gain etc.?

  3. Learning to Audit Auditing budget: $3000/ cycle Cost for one inspection: $ 1 00 Only 30 inspections per cycle Auditor Loss from 1 violation Access divided (internal, external) into 2 types $500, $ 1 000 30 accesses 1 00 accesses $250, $500 70 accesses

  4. Audit Mechanism Choices Only 30 inspections Consider 4 possible allocations of the available 30 inspections 0 1 0 20 30 30 20 1 0 0 Weights 1.0 1.0 1.0 1.0 Choose allocation probabilistically based on weights 4

  5. Audit Mechanism Run No. of Actual Access Violation 0 1 0 20 30 30 2 70 4 30 20 1 0 0 Estimated Observed Loss Loss Int. Ext. Caught Caught $2000 $ 1 500 $ 1 000 $ 1 000 1 1 1 2 $750 $ 1 250 $ 1 250 $ 1 500 Updated weights 0.5 0.5 2.0 1.5 Learning from experience: weights updated using observed and estimated loss 5

  6. Regret Minimizing Audits } Learns from experience to recommend budget allocation for audit in each audit cycle } Observed loss used to estimate loss for each action and update probabilities for actions } Budget allocation is provably close to optimal fixed strategy in hindsight (e.g., budget allocation) } Technical approach: New regret minimization algorithm for repeated games of imperfect information (Online learning-theoretic technique) J. Blocki, N. Christin, A. Datta, A. Sinha, Regret Minimizing Audits: A Learning- Theoretic Basis for Privacy Protection, CSF , June 2011.

  7. Future Work } Alternative adversary models } Worst-case, rational, well-behaved } Alternative audit mechanisms } Incorporating incentives } Identifying experts } Can experts be learned from logs? } Experimental evaluation } Real hospital logs, user studies

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

AI in Healthcare: Privacy & Ethics considerations Ivana Bartoletti Head of Privacy, Data

AI in Healthcare: Privacy & Ethics considerations Ivana Bartoletti Head of Privacy, Data

AI in Healthcare: Privacy & Ethics considerations Ivana Bartoletti Head of Privacy, Data Protection and Ethics Contents Privacy in the Digital age: main issues Ethics: definitions and background Privacy challenges in Health

713 views • 23 slides
Privacy Protection privacy notions and metrics; privacy in RFID systems; location privacy in

Privacy Protection privacy notions and metrics; privacy in RFID systems; location privacy in

Privacy Protection privacy notions and metrics; privacy in RFID systems; location privacy in vehicular networks; Security and Cooperation in Wireless Networks Georg-August University Gttingen Chapter outline 1 Important privacy related

1.12k views • 33 slides
CS573 Data Privacy and Security Data Privacy and Security in Healthcare Data Privacy and Security

CS573 Data Privacy and Security Data Privacy and Security in Healthcare Data Privacy and Security

CS573 Data Privacy and Security Data Privacy and Security in Healthcare Data Privacy and Security in Healthcare Li Xiong Healthcare security and privacy HIPAA overview Research survey on information security and privacy in healthcare

1.05k views • 57 slides
EU Art.29 Data Protection Users care about privacy Working Party From: Special Eurobarometer

EU Art.29 Data Protection Users care about privacy Working Party From: Special Eurobarometer

28/05/15 Outline Data privacy and the evolving regulation Privacy threats from LBS to geoSN EveryWare Lab Main (location) privacy protection techniques Data Management for Mobile Protecting geo-tagged resource publication

411 views • 7 slides
Data Protection Webinar Case Studies 19 April 2018 INTRODUCTION Overview 1. GDPR Audit

Data Protection Webinar Case Studies 19 April 2018 INTRODUCTION Overview 1. GDPR Audit

Data Protection Webinar Case Studies 19 April 2018 INTRODUCTION Overview 1. GDPR Audit Approach 2. Consent 3. Dealing with Subject Access Requests (SAR) 4. Data Privacy Impact Assessments (DPIA) 2 Case Study: GDPR Audit

526 views • 29 slides
Should Go Hand in Hand with Privacy-Consequence Information: The Case of Smartphone Apps W3C

Should Go Hand in Hand with Privacy-Consequence Information: The Case of Smartphone Apps W3C

User Control Mechanisms for Privacy Protection Should Go Hand in Hand with Privacy-Consequence Information: The Case of Smartphone Apps W3C Workshop on Privacy and User Centric Controls 20 21 November 2014, Berlin, Germany Dipl.-Inf.

829 views • 15 slides
Privacy Protection Overview Hiroshi Nakagawa The University of Tokyo Overview of Privacy

Privacy Protection Overview Hiroshi Nakagawa The University of Tokyo Overview of Privacy

International Workshop on Spatial and Temporal Modeling from Statistical, Machine Learning and Engineering perspectives:STM2016 23 July 2016 Privacy Protection Overview Hiroshi Nakagawa The University of Tokyo Overview of Privacy Protection

1.35k views • 79 slides
Privacy and Data Protection Designing for Privacy Tobias Pulls CC-BY-4.0 Privacy is a Human

Privacy and Data Protection Designing for Privacy Tobias Pulls CC-BY-4.0 Privacy is a Human

Privacy and Data Protection Designing for Privacy Tobias Pulls CC-BY-4.0 Privacy is a Human Right (1/2) From the United Nations Universal Declaration of Human Rights: Article 12 No one shall be subjected to arbitrary interference with his

338 views • 7 slides
iDASH Healthcare Privacy Protection Challenge Fei Yu feiy@stat.cmu.edu Carnegie Mellon

iDASH Healthcare Privacy Protection Challenge Fei Yu feiy@stat.cmu.edu Carnegie Mellon

Overview Method Scoring functions Summary iDASH Healthcare Privacy Protection Challenge Fei Yu feiy@stat.cmu.edu Carnegie Mellon University 24 March 2014 Overview Method Scoring functions Summary Overview Task Select the K most

400 views • 23 slides
Oblivious Mechanisms in Differential Privacy Experiments, Conjectures, and Open Questions

Oblivious Mechanisms in Differential Privacy Experiments, Conjectures, and Open Questions

Oblivious Mechanisms in Differential Privacy Experiments, Conjectures, and Open Questions Chien-Lun Chen Joint work with Ranjan Pal and Leana Golubchik 1 5/27/2016 Quantitative Evaluation & Design (QED) Research Group Privacy Issues in

438 views • 15 slides
An Auditors Perspective on Healthcare Sergei Pekh MBA, CPA, CMA Audit Principal Doug McKenzie

An Auditors Perspective on Healthcare Sergei Pekh MBA, CPA, CMA Audit Principal Doug McKenzie

An Auditors Perspective on Healthcare Sergei Pekh MBA, CPA, CMA Audit Principal Doug McKenzie CA, LLB Audit Principal Who Are We Alberta legislatures independent audit office audit provincial departments and crown corps

705 views • 34 slides
Web and privacy Privacy and protection of personal data specific purpose (to collect and

Web and privacy Privacy and protection of personal data specific purpose (to collect and

Web and privacy Industrial perspectives on Cryptography A. Esterle - ENISA Antwerp 29 May 2008 www.enisa.europa.eu Web and privacy Privacy and protection of personal data specific purpose (to collect and process it) subject

732 views • 7 slides
Consumer Privacy Protection Principles: Privacy Principles for Vehicle Technologies and Service

Consumer Privacy Protection Principles: Privacy Principles for Vehicle Technologies and Service

Consumer Privacy Protection Principles: Privacy Principles for Vehicle Technologies and Service Automotive Industry Privacy Principles Nov. 12, 2014 Auto Alliance and Global Automakers come together to create a set of privacy principles

419 views • 20 slides
#MicroFocusCyberSummit Cloud-based Data Privacy and Protection Protecting data and privacy

#MicroFocusCyberSummit Cloud-based Data Privacy and Protection Protecting data and privacy

#MicroFocusCyberSummit Cloud-based Data Privacy and Protection Protecting data and privacy across hybrid IT Farshad Ghazi - Moderator Mat Spitz Lacy Gruen #MicroFocusCyberSummit Reiner Kappenberger Cloud-based Data Privacy and Protection:

453 views • 10 slides
Survey on Security Threats and Protection Mechanisms in Embedded Automotive Networks Ivan

Survey on Security Threats and Protection Mechanisms in Embedded Automotive Networks Ivan

The Automotive Network Threats Protection mechanisms Conclusion Survey on Security Threats and Protection Mechanisms in Embedded Automotive Networks Ivan Studnia Vincent Nicomette Eric Alata Yves Deswarte Mohamed Ka aniche Renault

752 views • 40 slides
Big Data, Key Challenges: Privacy Protection & Cooperation Observations on international

Big Data, Key Challenges: Privacy Protection & Cooperation Observations on international

Big Data, Key Challenges: Privacy Protection & Cooperation Observations on international efforts to develop frameworks to enhance privacy while realising big datas benefits Seminar arranged by the Office for Personal Data Protection, Macao,

305 views • 8 slides
INF4140 - Models of concurrency Hsten 2015 October 5, 2015 Abstract This is the handout

INF4140 - Models of concurrency Hsten 2015 October 5, 2015 Abstract This is the handout

INF4140 - Models of concurrency Hsten 2015 October 5, 2015 Abstract This is the handout version of the slides for the lecture (i.e., its a rendering of the content of the slides in a way that does not waste so much paper when

494 views • 10 slides
Objective: Compatibility of microwave and infrared radiances for use in the retrieval algorithm.

Objective: Compatibility of microwave and infrared radiances for use in the retrieval algorithm.

Objective: Compatibility of microwave and infrared radiances for use in the retrieval algorithm. Procedure: For 29 months of data (Aug. 2003 - Dec. 2005), 1) Using both IR & MW data, do cloud clearing and retrieval. If the retrieval passes

229 views • 22 slides
CSCI 3210: Computational Game Theory Inefficiency of Equilibria & Routing Games Ref: Ch 17,

CSCI 3210: Computational Game Theory Inefficiency of Equilibria & Routing Games Ref: Ch 17,

12/5/19 CSCI 3210: Computational Game Theory Inefficiency of Equilibria & Routing Games Ref: Ch 17, 18 [AGT] Mohammad T . Irfan Email: mirfan@bowdoin.edu Web: www.bowdoin.edu/~mirfan 1 Split or steal game u NE outcome vs. socially

480 views • 10 slides
Boolean Algebra Chapter 3 Boolean Values Introduction Boolean Operations Fundamental Operators

Boolean Algebra Chapter 3 Boolean Values Introduction Boolean Operations Fundamental Operators

Boolean Algebra Chapter 3 Boolean Values Introduction Boolean Operations Fundamental Operators Boolean Operations Binary Boolean Operators Boolean Algebra Precedence of Operators Boolean Algebra Function Evaluation Boolean Algebra Basic

485 views • 32 slides
Presented by Ashley H. Kaplan, Esq. Senior Employment Law Attorney Poster Guard Compliance

Presented by Ashley H. Kaplan, Esq. Senior Employment Law Attorney Poster Guard Compliance

Presented by Ashley H. Kaplan, Esq. Senior Employment Law Attorney Poster Guard Compliance Protection In March 2014, President Obama directed the Secretary of Labor to update the overtime regulations DOL conducted months of extensive

732 views • 39 slides
On connections between logic on words and limits of graphs s Jakl, Luca Reggio a Mai Gehrke,

On connections between logic on words and limits of graphs s Jakl, Luca Reggio a Mai Gehrke,

On connections between logic on words and limits of graphs s Jakl, Luca Reggio a Mai Gehrke, Tom a Logic Colloquium (Prague) 13 August 2019 a The research discussed has received funding from the European Research Council (ERC) under the

653 views • 26 slides
MATH 12002 - CALCULUS I 1.3: Introduction to Limits Professor Donald L. White Department of

MATH 12002 - CALCULUS I 1.3: Introduction to Limits Professor Donald L. White Department of

MATH 12002 - CALCULUS I 1.3: Introduction to Limits Professor Donald L. White Department of Mathematical Sciences Kent State University D.L. White (Kent State University) 1 / 7 Average and Instantaneous Velocity Suppose I drive in a

516 views • 7 slides
Transposition Table, History Heuristic, and other Search Enhancements Tsan-sheng Hsu

Transposition Table, History Heuristic, and other Search Enhancements Tsan-sheng Hsu

Transposition Table, History Heuristic, and other Search Enhancements Tsan-sheng Hsu tshsu@iis.sinica.edu.tw http://www.iis.sinica.edu.tw/~tshsu 1 Abstract Introduce heuristics for improving the efficiency of alpha-beta based searching

693 views • 56 slides

More recommend