Ephemeral pseudonym based de-identification system to reduce impact of inference attacks in healthcare information system

摘要

As healthcare data is extremely sensitive, it poses a risk of invading individuals' privacy if stored or exported without proper security measures. De-identification entails pseudonymization or anonymization of data, which are methods for temporarily or permanently removing an individual's identity. These methods are most suitable to keep user healthcare data private. Inference attacks are a commonly overlooked weakness of de-identification techniques. In this paper, I discuss a method for de-identifying Electronic Healthcare Records (EHR) using chained hashing to generate short-lived pseudonyms to reduce the impact of inference attacks, as well as a mechanism for re-identification based on information self-determination. It also removes the weaknesses of existing de-identification algorithms and resolve them by using appropriate real-time de-identification algorithm, Ephemeral Pseudonym Generation Algorithm (EPGA). ? 2022, The Author(s), under exclusive licence to Springer Science+Business Media, LLC, part of Springer Nature.