Admin, Feb 15, 2023 (1 min read)

Privacy Assurance FAQ

What is Privacy Assurance?

One of the benefits of synthetic data is that it has low privacy risks. Privacy risks can be measured in a number of different ways.

Aetion has developed a unified privacy model for synthetic data that considers attribute disclosure conditional on identity disclosure and membership disclosure. This is a comprehensive way to think about the privacy risks in synthetic datasets.

The privacy risk assessment can be performed on every dataset that is generated by Aetion® Generate. A report is created summarizing the risks in the data.

Attribute disclosure conditional on identity disclosure is the result of two tests: 

  1. Can an adversary match a synthetic record with a real person?

  2. If a match is successful, will the adversary learn something new and correct from that match?

The assessment produces an estimate of how likely it is that both tests pass.
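The two tests can be illustrated with a simplified risk calculation. This is an added example, not Aetion's privacy model or code from Aetion Generate: the quasi-identifier columns, the `common_threshold` rule for what counts as "new", the 1/class-size weighting and all records are assumptions constructed for illustration.

```python
from collections import Counter, defaultdict

QI = ("age_band", "sex", "zip3")  # assumed: what the adversary already knows
SENSITIVE = "diagnosis"           # assumed: what the adversary wants to learn

def rec(age_band, sex, zip3, diagnosis):
    return dict(zip(QI + (SENSITIVE,), (age_band, sex, zip3, diagnosis)))

# Constructed sample data, not taken from any real dataset.
REAL = [
    rec("30-39", "F", "100", "asthma"),
    rec("30-39", "F", "100", "none"),
    rec("40-49", "M", "101", "hiv"),
    rec("50-59", "M", "102", "none"),
    rec("60-69", "F", "103", "none"),
]
SYNTH = [
    rec("40-49", "M", "101", "hiv"),
    rec("30-39", "F", "100", "asthma"),
    rec("50-59", "M", "102", "none"),
    rec("70-79", "F", "104", "asthma"),
]

def qi_key(r):
    return tuple(r[q] for q in QI)

def per_record_risk(real, synth, common_threshold=0.5):
    """Risk per real person: P(match picks them) if something new and correct is learned."""
    class_size = Counter(qi_key(r) for r in real)       # people sharing the same QI values
    value_count = Counter(r[SENSITIVE] for r in real)   # how common each sensitive value is
    synth_values = defaultdict(set)
    for s in synth:
        synth_values[qi_key(s)].add(s[SENSITIVE])
    risks = []
    for r in real:
        k, value = qi_key(r), r[SENSITIVE]
        matched = k in synth_values                                # test 1: a synthetic record matches
        is_new = value_count[value] / len(real) < common_threshold # common values teach nothing new
        learned = matched and value in synth_values[k] and is_new  # test 2: new and correct
        risks.append(1 / class_size[k] if learned else 0.0)
    return risks

def dataset_risk(real, synth):
    risks = per_record_risk(real, synth)
    return sum(risks) / len(risks) if risks else 0.0

if __name__ == "__main__":
    print(per_record_risk(REAL, SYNTH), dataset_risk(REAL, SYNTH))
```

A record with a unique quasi-identifier combination and a rare, correctly reproduced sensitive value dominates the estimate, which is why both tests are evaluated together rather than separately.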

 

Is consent required to generate synthetic data?

The generation of synthetic data is a process of creating non-identifiable data. The question here is whether that process needs additional consent from patients.

We have performed a detailed legal analysis of this topic in our book with reference to specific regulations, such as the GDPR and HIPAA. Below we will summarize some of the key points:

  • Generating synthetic data is a privacy-protective measure, and therefore it further protects the rights of the data subjects. We would not want to discourage or create obstacles to this.

  • Some statutes explicitly treat this kind of processing as a permitted use (such as Ontario's PHIPA).

  • The evidence for consent bias is very strong in that consenters and non-consenters differ in systematic ways. Therefore, for secondary analysis, where we want to avoid biases in the data, working with non-identifiable data is the preferred option.

  • A strong case can be made that there is a legitimate interest in the generation of synthetic data and that the balancing test that is typically applied favors synthetic data generation (SDG).

You can get more details from the book on our legal analysis of this issue. These are extensions of the arguments that we had made in the past regarding the requirement to obtain consent for de-identification, which you can also find here.