A Framework and Decision Tool for Confidentiality Protection in Public Use Data

Award Information
Agency: Department of Health and Human Services
Branch: N/A
Contract: 2R44MH086138-02
Agency Tracking Number: MH086138
Amount: $749,984.00
Phase: Phase II
Program: SBIR
Awards Year: 2010
Solicitation Year: 2010
Solicitation Topic Code: NIMH
Solicitation Number: PHS2010-2
Small Business Information
OPTTEK SYSTEMS, INC., 2241 17th Street, BOULDER, CO, -
DUNS: 128005423
HUBZone Owned: N
Woman Owned: N
Socially and Economically Disadvantaged: N
Principal Investigator
 JAMES KELLY
 (303) 447-3255
 KELLY@OPTTEK.COM
Business Contact
 JAY APRIL
Phone: (303) 447-3255
Email: april@opttek.com
Research Institution
N/A
Abstract
DESCRIPTION (provided by applicant): Statistical databases for public use pose a critical problem: how to make the data available for analysis without disclosing information that would infringe on privacy, violate confidentiality, or endanger national security. Organizations in the public and private sectors have a major stake in this confidentiality protection problem, given the fact that access to data is essential for advancing research and formulating policy. Yet, the possibility of extracting certain sensitive elements of information from the data can jeopardize the welfare of these organizations and potentially, the welfare of the society in which they operate. The challenge is, therefore, to represent the data in a form that permits accurate analysis for supporting research, decision-making and policy initiatives, while preventing an unscrupulous or ill- intentioned party from exploiting the data for harmful consequences. The objective of this project is to develop a practical, computer-based framework for assessing, measuring, and mitigating disclosure risk in public use data. Our proposed framework, called OptShield, overcomes the disadvantages found in currently deployed disclosure limitation methods. We achieve this by combining perturbation and suppression methods with optimal switching of sensitive records at the micro-data level, to produce a method that protects confidentiality while preserving data integrity. In Phase II we are proposing to continue algorithmic and software development to achieve the objective of a working prototype of the software and service. This software will serve as the core technology to provide an application for a broad market in which customers have a major stake in confidentiality protection. The application we ultimately plan to offer in Phase III will consist of a three-phased approach to the disclosure limitation problem: (1) Assess a user's qualitative and quantitative disclosure risks inherent in the organization's data publishing and sharing plans; (2) Measure the disclosure risks in a user's proposed data products; and (3) Protect the user's data by applying the appropriate disclosure limitation techniques. PUBLIC HEALTH RELEVANCE: Public health organizations that collect and share sensitive data are apprehensive about the risk of inadvertently disclosing confidential information, given the fact that access to their data is essential for advancing research and formulating policy. Yet, the possibility of extracting certain vulnerable elements of information from the data, even after personal identifiers have been removed, can jeopardize the welfare of these organizations and potentially the welfare of the society in which they operate. Within the US Department of Health and Human Services, for example, preserving the confidentiality of records in order to continue to elicit information from the American people and from health care providers is a matter of primary concern (CDC/NCHS confidentiality guide). OptTek Systems, Inc. (OptTek) is developing a comprehensive framework designed to help public health and other organizations to avoid the disclosure of confidential information in public-use data. The application consists of a three-phased approach to the disclosure limitation problem: (1) Assess a user's qualitative and quantitative disclosure risks; (2) Measure the disclosure risks in a user's proposed data publishing and sharing plans; and (3) Protect the user's data by applying the appropriate disclosure limitation techniques.

* Information listed above is at the time of submission. *

Agency Micro-sites

SBA logo
Department of Agriculture logo
Department of Commerce logo
Department of Defense logo
Department of Education logo
Department of Energy logo
Department of Health and Human Services logo
Department of Homeland Security logo
Department of Transportation logo
Environmental Protection Agency logo
National Aeronautics and Space Administration logo
National Science Foundation logo
US Flag An Official Website of the United States Government