Privacy Aspects of Data Matching
Because data matching commonly relies on personal details such as names and addresses to conduct the matching, privacy and confidentiality issues can be of great concern, especially when databases are matched across different organisations. In many countries, privacy legislation limits the use and exchange of personal information. Matching data between different organisations, for example a private hospital and a government health department, might be limited or even impossible. In the past decade, research into privacy-preserving data matching (also known as “privacy-preserving record linkage”) has received attention from various disciplines, including data mining and health informatics. The aim of this research is to develop techniques that facilitate data matching in such a way that no database owner needs to reveal any of their private or confidential data, and the outcomes of a data matching project only reveal to the database owners which records in their respective database have been matched with a certain minimum similarity with records in the other database. This chapter starts with a discussion of how privacy and confidentiality pose challenges to data matching, followed by a series of scenarios that will illustrate these challenges. The second part of this chapter provides an overview of the different techniques that have been developed in the area of privacy-preserving data matching. The chapter concludes with a discussion of practical considerations and directions for future research in this area, as well as pointers for further reading.