Intelligent Methods for Protecting Privacy and Confidentiality in Data
May 30th, 2010, Ottawa, Canada
Submission deadline: March 30th
With the increasing adoption of electronic medical/health records and the rising use of electronic data capture tools in clinical research, large electronic repositories of personal health information (PHI) are being built up. At the same time, large medical data breaches are becoming common. Data breaches may be caused by errors committed by insiders at the data custodian sites, or by malicious insiders. Data
breaches can also be caused by outsiders breaking into the data repositories. These data breaches represent legal and financial liabilities for the data custodians, and erode public trust in the ability of data custodians to manage their PHI.
An area that has grown in importance to manage the risks from breaches is data leak prevention (DLP). DLP technologies monitor communications or networks to detect PHI leaks. When a leak is detected the affected individual or organization is notified, at which point they can take remedial action. DLP can prevent a PHI leak or detect it after it happens. For example, if DLP is deployed to monitor email then a PHI alert can be generated before the email is sent. If DLP is used to monitor PHI leaks on the Internet (e.g., on peer-to-peer file sharing networks or on web sites), then the alerts pertain to leaks that have already occured, at which point the affected individual or data custodian can attempt to contain the damage and stop further leaks.
Computational AI is a key enabling technology for next-generation DLP technologies. This workshop aims to bring together researchers working on computational tools for DLP.
Topics of interest include, but are not limited to:
- reviews: reviews of DLP systems and methods; and reviews of PHI leaks that are occuring.
- methods: detection of personally identifying information in text; detection of health information in different types of text (e.g., professionally written vs. lay person generated); and re- identification risk assessment;
- applications: monitoring the web and peer-to-peer file sharing networks for PHI leaks; detection of PHI in email or other communications; and tools for dealing with PHI leaks in an automated way (e.g., de-identification).
- evaluation: empirical evaluation of deployed systems; theoretical methods of risk assessment; and new methods for evaluating such systems.
The workshop invites position papers describing original work in theory and applications of intelligent methods to the problem of DLP. Position papers will be reviewed by the Program Committee members according to their originality, technical merit and clarity of presentation. Each accepted paper will be allocated a maximum of 5 pages in the workshop proceedings. At least one author for each accepted paper is expected to attend the workshop.
The workshop is planned to be interactive with discussions on the current state and future developments in the area of DLP for PHI. All of the workshop attendees will co-author a final report on DLP for PHI after the workshop and submit that to a journal.
The workshop is being held in conjunction with the Canadian AI 2010 conference.