Efficient Privacy-Preserving Identity Scheme for Electronic Validation of Phase 1 Clinical Trials

  • Hanna Farah
  • Daniel Amyot
  • Khaled El Emam
Conference paper
Part of the Lecture Notes in Business Information Processing book series (LNBIP, volume 209)


New drug studies are essential to advance the pharmaceutical industry’s ability to fight diseases. These studies are typically performed in four phases. We are interested in “phase 1” clinical trials, where the goal is to evaluate the safety of a new drug. Contract research organizations recruit participants for their studies and need to verify certain criteria electronically without revealing the identity of these participants to other organizations. We outline some potential attacks against current identity representation schemes. Afterwards, we present privacy-preserving techniques to represent the identity of a participant in a scheme where operations can be performed efficiently and accurately. Our methods and scheme can also be applied to other domains to preserve an individual’s privacy.


Keywords: Identity, Privacy, Clinical trial, E-health, Cloud computing





Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  1. School of Electrical Engineering and Computer Science, University of Ottawa, Ottawa, Canada
  2. Electronic Health Information Laboratory, Children’s Hospital of Eastern Ontario Research Institute, Ottawa, Canada
