Towards Patient Controlled Privacy
DESCRIPTION
The US Department of Health and Human Services (HHS) began publishing Linked Data in 2011 as part of an ongoing effort to inform the public and stimulate new health care applications.
The Digital Enterprise Research Institute (DERI) is recognized as one of the leading international web science research institutes interlinking technologies, information and people to advance business and benefit society.
In the US, the President's Council of Advisors on Science and Technology (PCAST) published a report on Health IT that imagines new scenarios and recommends new capabilities for interacting with health data.
At DERI, innovative ontology and software implementations demonstrate how users can create and manage fine-grained privacy preferences that restrict or grant access to their Linked Data.
This session will give an overview of the HHS/DERI collaboration to implement 'data element access services' towards the realization of patient controlled privacy.
• US Department of Health and Human Services
• PCAST Health Information Technology Report
• Digital Enterprise Research Institute
• Privacy Preference Ontology and Manager
• Puelia and Linked Data API
http://semtechbizsf2012.semanticweb.com/sessionPop.cfm?confid=65&proposalid=4539
TRANSCRIPT
Digital Enterprise Research Institute www.deri.ie
Towards Patient Controlled Privacy
Owen Sacco
SemTechBiz 2012 - San Francisco Tuesday 5th June 2012
Enabling Networked Knowledge
Located at the National University of Ireland, Galway
Leading Semantic Web Research Institute
Approx 140 members from 30+ nations
US Government’s principal agency for:
☤ Protecting the Health of all Americans
☤ Providing all essential Human Services
Promote the advancement of the Health, Safety, and Well-Being of the American People
HEALTH AND HUMAN SERVICES DOMAIN
IT PROGRAM MANAGEMENT OFFICE
HHS IT Asset Discovery Application HADA
Currently, data about HHS IT Investments exists:
In different systems
In different data models
With different levels of access
HADA aims to provide intelligent:
Aggregation of this data to support information discovery
Interoperability amongst the different systems
Fine-grained Access Control
Using Semantic Web principles
[Diagram labels: WWW; Docs; Public Data; EPLC and other docs Data; Enterprise Repositories; Semantic Database; Data Access Rules (Who can see what?); Web Application]
She searches for a specific IT Investment cost
IT asset information is pre-aggregated from multiple data sources
which is stored in a database
Access rules are checked to grant or restrict access to the IT Investment Cost
If she has access, she can view the Investment cost
[Architecture diagram]
Layers: Content Extraction Layer; Semantic Layer; Data Layer; Privacy Layer; Presentation Layer
Sources: CPIC Repositories; Code, Documentation, Etc. Repositories; EA Repositories (e.g. FEA)
Other labels: System Content Extraction; Metadata Extraction and Manual Clarification; Instance data; Extracted instance data in XML format; Semantic Transformation and Synthesis; Existing Ontologies; Semantic Model; Transformation; Semantic Database; Presentation and Navigation of Content; Privacy Preference Manager; Enforcement of Privacy Policies; Privacy Preferences Repositories
Publishing Linked Data using the Linked Data API
• A RESTful API over RDF graphs
• Acts as a proxy over SPARQL endpoints
• Easy-to-process representations of resources
Indexing and searching RDF data using SIREn
“A Lucene plugin to efficiently index and query RDF, as well as any textual document with an arbitrary amount of metadata fields”
Storing RDF data using Sesame over MySQL
Subject | Predicate    | Object                                                    | Context
HADA    | hasName      | “HHS IT Asset Discovery Application”                      | HEAR
HADA    | hasAcronym   | “HADA”                                                    | HEAR
HADA    | hasCost      | $12345                                                    | CPIC
HADA    | hasIPAddress | 107.20.137.210                                            | HEAR
HADA    | belongsTo    | HHS                                                       | HEAR
HADA    | hasLabel     | “Health and Human Services Asset Discovery Application”   | ITDashboard
HADA    | hasAcronym   | “HADA”                                                    | ITDashboard
More than one rule can be applied to each data element
Rules based on…
Where the data comes from (Context)
What the data is about (Subject)
What the data is describing (Predicate)
Properties of the data itself (Object)
Any combination of the above
Role based access and fine grained access
Privacy Preference Ontology
[Ontology diagram]
Legend: Applies To; Conditions; Access Test Queries; Access Control Privileges
Classes and datatypes: ppo:PrivacyPreference; ppo:AccessSpace; ppo:Condition; acl:Access; rdfs:Resource; rdfs:Class; rdfs:Literal; rdf:Statement; rdf:Property; trix:Graph
Properties: ppo:appliesToResource; ppo:appliesToStatement; ppo:appliesToNamedGraph; ppo:hasCondition; ppo:hasProperty; ppo:hasLiteral; ppo:resourceAsSubject; ppo:resourceAsObject; ppo:classAsSubject; ppo:classAsObject; ppo:hasAccessSpace; ppo:hasAccessQuery; ppo:hasAccess
This rdfs:Literal represents a SPARQL query as a String.
Ref.: O.Sacco and A.Passant. A Privacy Preference Ontology (PPO) for Linked Data. LDOW 2011.
Namespace: http://vocab.deri.ie/ppo#
Privacy Preference Ontology
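@prefix ppo:  <http://vocab.deri.ie/ppo#> .
@prefix acl:  <http://www.w3.org/ns/auth/acl#> .
@prefix hada: <http://hprod.dyndns.org/> .

# Grants acl:Read on Investment 90000001 to requesters for whom the
# ASK query returns true (an interest in hada/vocab/Asset).
# The foaf: prefix inside the query string must be bound by whatever evaluates it.
hada:pp1 a ppo:PrivacyPreference ;
    ppo:appliesToResource <http://hprod.dyndns.org/hada/Investment/90000001> ;
    ppo:hasAccess acl:Read ;
    ppo:hasAccessSpace [
        ppo:hasAccessQuery "ASK {?x foaf:topic_interest <http://hprod.dyndns.org/hada/vocab/Asset>}"
    ] .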
Privacy Preference Ontology
Privacy Preference
ppo:appliesToResource: 90000001
ppo:hasAccess: acl:Read
ppo:hasAccessQuery: Who is interested in Asset
Privacy Preference Manager
[Diagram labels: User; Privacy Preference Manager; SPARQL Endpoint; RDF Documents; Privacy Preferences Repositories]
Privacy Preference Manager provides:
• Creating privacy preferences
• Enforcing privacy preferences
Enforcing Privacy Policies
[Diagram]
Components: Privacy Preference Manager (RDF Data Retriever & Parser; Privacy Preferences Enforcer; Privacy Preferences Creator); Privacy Preferences; John’s Profile; SPARQL Endpoint; RDF Documents
Flow labels: John Logs In; Request John’s RDF Profile; Request; Request RDF DATA; Query Privacy Preference; Query RDF Data; Access Query Result; Filtered RDF Data
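The filtering step above, as an added example that is not from the original slides or the DERI Privacy Preference Manager code: preferences match on any combination of subject, predicate, object and context, and grant read access only when the access test holds for the requester's profile. The three preferences, the (predicate, object) stand-in for the SPARQL ASK query, and the default-deny behaviour are assumptions; the quads are constructed from the Subject/Predicate/Object/Context slide.

```python
from typing import NamedTuple, Optional, Tuple

class Quad(NamedTuple):
    s: str
    p: str
    o: str
    c: str  # context: the source the statement came from

class Preference(NamedTuple):
    # None is a wildcard; the fields that are set must all match.
    s: Optional[str]
    p: Optional[str]
    o: Optional[str]
    c: Optional[str]
    # (predicate, object) the requester's profile must contain; None = no test.
    access_query: Optional[Tuple[str, str]]

# Constructed from the Subject/Predicate/Object/Context slide.
QUADS = [
    Quad("HADA", "hasName", "HHS IT Asset Discovery Application", "HEAR"),
    Quad("HADA", "hasAcronym", "HADA", "HEAR"),
    Quad("HADA", "hasCost", "$12345", "CPIC"),
    Quad("HADA", "hasIPAddress", "107.20.137.210", "HEAR"),
    Quad("HADA", "belongsTo", "HHS", "HEAR"),
    Quad("HADA", "hasLabel",
         "Health and Human Services Asset Discovery Application", "ITDashboard"),
    Quad("HADA", "hasAcronym", "HADA", "ITDashboard"),
]

ASSET = "http://hprod.dyndns.org/hada/vocab/Asset"
INTEREST = ("foaf:topic_interest", ASSET)  # stand-in for the slide's ASK query

# Hypothetical preferences; each one grants acl:Read.
PREFS = [
    Preference(None, None, None, "ITDashboard", None),    # by context
    Preference("HADA", "hasCost", None, None, INTEREST),  # subject + predicate
    Preference(None, "hasName", None, "HEAR", INTEREST),  # predicate + context
]

def applies(pref, quad):
    return all(want is None or want == got for want, got in zip(pref[:4], quad))

def access_test(pref, profile):
    # Simplified ASK: does any statement in the profile have this (p, o)?
    return pref.access_query is None or pref.access_query in profile

def filter_quads(quads, prefs, profile):
    # Assumed default deny: a quad with no granting preference is withheld.
    return [q for q in quads
            if any(applies(p, q) and access_test(p, profile) for p in prefs)]
```

With these preferences the hasIPAddress quad is never released, because no preference covers it.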
Towards Patient Controlled Privacy
[Diagram labels: Alex; John; Privacy Preference Manager (x2); Interface (x2); Privacy Preferences (x2); SPARQL Endpoint (x2); RDF Documents (x2)]
HHS is exploring the use, on healthdata.gov, of:
• the Linked Data API for publishing Linked Data
• the Privacy Preference Framework to let the patient control third-party access to his/her health data
Links
• HADA: http://hprod.dyndns.org/
• Linked Data API: http://code.google.com/p/linked-data-api/
• SIREn: http://siren.sindice.com/
• Sesame: http://www.openrdf.org/
• PPO Namespace URI: http://vocab.deri.ie/ppo#
• PPM Screencasts:
  • Creating Privacy Preferences: http://bit.ly/p0N1Vi
  • Viewing Filtered Triples: http://bit.ly/qiAdxT
• Email: [email protected]