“Sharing anonymous biomedical data: tools, trade-offs and perspectives”
Fabian Prasser is a computer scientist with a strong background in biomedical informatics. He holds a Ph.D. from the Technical University of Munich (TUM), where he received a scholarship from the Graduate School of Information Science in Health (GSISH). His research focuses on the intersection of biomedical informatics, database systems, data integration and data privacy. He currently works as a post-doctoral researcher at the Chair of Medical Informatics at TUM. He is the main developer of ARX, an open source anonymization tool that has been designed specifically for applications to biomedical data. The software is one of only a few mature solutions in the field and has been recognized by several international data protection guidelines.
Data sharing has become a core principle of biomedical research, resulting in complex privacy issues. Ideally, generic solutions would enable researchers to integrate and process anonymous biomedical data while being flexible enough to support a wide variety of use cases.
However, there are inherent trade-offs and any solution needs to balance two conflicting objectives: (1) privacy protection and (2) usefulness.
Both objectives can be broken down further. First, the term “privacy protection” can refer to a wide variety of technical models for quantifying privacy risks. Moreover, privacy breaches are possible even when only medical attributes (e.g. diagnoses) are accessible, or only the aggregated results of analyses. Second, the term “usefulness” may refer to the quality of the data or results, to the flexibility with which users can perform analyses, or to the scalability of a solution. Methods for privacy-preserving sharing of biomedical data therefore need to be put into perspective by analyzing technical solutions in the context of these trade-offs. For example, tools for data anonymization implement either a protection-first or a quality-first methodology. Approaches based on secure multiparty computation or differential privacy, which can also be applied to molecular data, offer only limited flexibility or scalability. To overcome these limitations, technical solutions must be complemented with organizational measures.
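As an added illustration (example code written for this page, not part of the talk or of ARX), the following Python script makes two of the points above concrete on a constructed eight-record table: a differencing attack that recovers one patient's diagnosis from two aggregate counts, and a comparison of a protection-first search (fix a k-anonymity requirement, then minimize information loss) with a quality-first search (fix an information-loss budget, then minimize re-identification risk) over a toy generalization lattice. The generalization hierarchies, the information-loss metric and the reading of “protection-first” and “quality-first” as two search orders are assumptions of this example, not definitions taken from the abstract.

```python
from collections import defaultdict
from itertools import product

# Constructed toy data (not from the talk): quasi-identifiers age and ZIP,
# diagnosis as the sensitive attribute. One row per patient.
RECORDS = [
    (23, "80331", "flu"),
    (27, "80335", "asthma"),
    (31, "80331", "flu"),
    (36, "80339", "diabetes"),
    (42, "81541", "asthma"),
    (47, "81543", "flu"),
    (52, "81541", "cancer"),
    (58, "81549", "diabetes"),
]

AGE_LEVELS = 3  # assumed hierarchy: exact -> 10-year band -> 20-year band -> '*'
ZIP_LEVELS = 5  # assumed hierarchy: mask the last `level` digits


def generalize_age(age, level):
    if level == 0:
        return str(age)
    if level == AGE_LEVELS:
        return "*"
    width = 10 * 2 ** (level - 1)
    low = age // width * width
    return f"{low}-{low + width - 1}"


def generalize_zip(zipcode, level):
    return zipcode[: len(zipcode) - level] + "*" * level


def transform(records, age_level, zip_level):
    return [(generalize_age(a, age_level), generalize_zip(z, zip_level), d)
            for a, z, d in records]


def equivalence_classes(rows):
    """Group rows that share the same (generalized) quasi-identifier values."""
    classes = defaultdict(list)
    for row in rows:
        classes[row[:2]].append(row)
    return classes


def min_class_size(rows):
    return min(len(c) for c in equivalence_classes(rows).values())


def max_reidentification_risk(rows):
    """Prosecutor-style risk: 1 / size of the smallest equivalence class."""
    return 1 / min_class_size(rows)


def information_loss(age_level, zip_level):
    """Toy utility metric (an assumption): mean normalized generalization height."""
    return (age_level / AGE_LEVELS + zip_level / ZIP_LEVELS) / 2


def protection_first(records, k):
    """Fix the privacy model (k-anonymity), then pick the transformation with
    the least information loss among those that satisfy it."""
    best = None
    for a, z in product(range(AGE_LEVELS + 1), range(ZIP_LEVELS + 1)):
        if min_class_size(transform(records, a, z)) >= k:
            loss = information_loss(a, z)
            if best is None or loss < best[2]:
                best = (a, z, loss)
    return best  # (age_level, zip_level, loss)


def quality_first(records, max_loss):
    """Fix a utility budget, then pick the lowest-risk transformation inside it.
    Note that a tight budget can leave the data fully re-identifiable."""
    best = None
    for a, z in product(range(AGE_LEVELS + 1), range(ZIP_LEVELS + 1)):
        loss = information_loss(a, z)
        if loss > max_loss:
            continue
        risk = max_reidentification_risk(transform(records, a, z))
        if best is None or (risk, loss) < (best[2], best[3]):
            best = (a, z, risk, loss)
    return best  # (age_level, zip_level, risk, loss)


def count_diagnosis(records, diagnosis, max_age):
    """An aggregate query an analysis service might expose: number of patients
    with `diagnosis` aged at most `max_age`."""
    return sum(1 for a, _, d in records if d == diagnosis and a <= max_age)


def differencing_attack(records, diagnosis, target_age):
    """Two innocuous-looking counts whose difference isolates one person: if the
    attacker knows that exactly one patient is aged `target_age`, the result is
    that patient's diagnosis indicator (1 = has it, 0 = does not)."""
    return (count_diagnosis(records, diagnosis, target_age)
            - count_diagnosis(records, diagnosis, target_age - 1))


if __name__ == "__main__":
    print("oldest patient has diabetes:", differencing_attack(RECORDS, "diabetes", 58))
    for k in (2, 3, 5):
        print(f"protection-first, k={k}:", protection_first(RECORDS, k))
    for budget in (0.2, 0.3):
        print(f"quality-first, loss<={budget}:", quality_first(RECORDS, budget))
```

On this table, protection-first with k=2 settles on 10-year age bands and a 4-digit ZIP prefix, k=3 forces 20-year bands, and k=5 suppresses age entirely and leaves a single ZIP digit; quality-first with a loss budget of 0.2 returns the raw data with a re-identification risk of 1, which is exactly the failure mode that makes the choice between the two methodologies a security decision rather than a tuning detail.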