De-identification Tools and Services by Privacy Analytics - products

By: Privacy Analytics  09-12-2011

The Privacy Analytics Risk Assessment Tool (PARAT) takes the guesswork out of understanding the threat of re-identification. PARAT allows you to precisely measure the risk of re-identification under different scenarios of attack. Using peer-reviewed metrics and de-identification algorithms, PARAT assesses, measures and manages re-identification risk while generating maximum data granularity. Only PARAT can protect against all known types of re-identification attacks. It optimally de-identifies information to protect individual privacy while retaining the data's value.

PARAT is a Windows-based application and is compatible with a number of databases (e.g., Microsoft Access, Microsoft SQL Server, and Oracle). Using a simple four-step process, PARAT allows you to easily and safely use and disclose your valuable data.


Step 1: Select The Indirect Identifiers To Be Released From The Data Set

Select and rank the variables that can be used for re-identification. This ranking (the variables' utility/importance to the person using the de-identified data set) will be used during the de-identification process to determine the optimal anonymization that balances re-identification risk and data utility.



Step 2: Set Your Re-Identification Risk Threshold

To balance the need for privacy with the need for data granularity, PARAT allows you to adjust the acceptable re-identification risk threshold of information based on the profile of the requesting person/organization. Risk-based de-identification ensures that individual privacy is protected while maintaining the released data's utility.



Step 3: Perform the Risk Analysis

PARAT calculates the data set's risk for three types of re-identification attacks: prosecutor, journalist and marketer. In this example, PARAT shows the risk is high (above 0.2) for all three types of re-identification attacks.

The three types of attack reflect three ways in which an adversary can re-identify one or more individuals in your database.



Step 4: De-Identify To Protect Data

PARAT uses several de-identification techniques including suppression (removing high risk values in the database) and generalization (reducing the resolution of a given field). PARAT will automatically de-identify the data to reduce the re-identification risk to acceptable levels defined by the user and remain compliant with the relevant legislation.

PARAT can also automtaically produce a data sharing agreement for the de-identified data set.



Other products and services from Privacy Analytics

09-12-2011

De-identification Tools and Services by Privacy Analytics - services

If you are planning to disclose health information and want a third party assessment of re-identification risk. We provide a certification letter confirming that the risk is "very low".