An Advanced Architecture for Data Privacy Management – Application to Healthcare Datasets

In today’s highly connected society, we are constantly asked to provide personal information to retailers, voter surveys, medical professionals, and other data collection efforts. The collected data is contained in large databases and forms enormous collections of data warehouses. Statistical agencies use this data to facilitate research in the fields of public health, economics, sociology, etc. Moreover, organisations often share it among themselves for statistical analysis. However, this data contains private and sensitive information about individuals, which can result in identity theft, financial loss, stress and depression, embarrassment, abuse, etc. Along with this, in a typical data-owning organizational structure, there are a number of roles/actors to whom the individuals’ information at each data architectural layer is accessible, and the risks associated with these insiders are far more difficult because of their legitimate access to the system. Therefore, one must protect the collected data to ensure rigorous management of individuals’ privacy, which is very challenging. Hence, we need to formulate a data privacy-ensuring system to protect the identity and sensitivity of data not only from external but also from internal malicious intruders. We proposed an advanced data privacy management architecture composed of three modules: that are users/roles module, the data access management module, and the data management module. Firstly, regulate the actors/users of the organisation by adopting the strategy of Role-Based Access Control. Secondly, the concept of Chinese Wall Security Policy is implemented as a firewall mechanism to restrict the unauthorised access of users. Lastly, we proposed a comprehensive data management architecture composed of the necessary components of data de-identification and anonymisation. The proposed model is considered useful and has significance in the sense that it provides security and privacy along each functional layer of data architecture. Furthermore, this system is also not subject to faulty human intentions because it is an automatic system that imposes limits on the administrators’ roles with respect to regulating the accessibility of data and maliciously exercising their authority. Along with this issue, it also encounters the risk of mistakes by administrators. The proposed system is tested and validated on a healthcare dataset, in which privacy preservation is crucial.