Differential Privacy

 

Overview

Differential privacy is a technique that adds "noise" to data to protect the privacy of individual records. It makes it challenging to extract information about specific individuals while still providing useful statistical insights. On the FCP, the privacy enforcement level you choose determines how much noise is added, so you can match it to the sensitivity of the data.

 

Differential Privacy Enforcement Levels

The Rhino Health Platform offers four privacy enforcement levels:

  • None: No noise will be added. Suitable for projects where no privacy constraints are required.
  • Low: Single-element metrics (e.g., percentiles) will always have noise added, but aggregate statistics (e.g., mean, standard deviation) will not. Suitable for projects with a moderate privacy requirement while allowing accurate aggregate statistics.
  • Medium: Single-element metrics (e.g., percentiles) will always have noise added, and aggregate statistics (e.g., mean, standard deviation) will have noise added if the unique values they are based on aren't diverse (num_unique_values < k). Suitable for most common projects.
  • High: All values will have some noise added, even if they are sufficiently aggregated. Suitable for projects with a strong privacy requirement, sacrificing some data accuracy for increased privacy.

| Metric | None | Low | Medium | High |
| --- | --- | --- | --- | --- |
| Percentile | No noise added | Noise added | Noise added | Noise added |
| Mean, Standard Deviation, Sum, Count | No noise added | No noise added | Noise is added if num_unique_values is smaller than the project's k anonymity factor | Noise added |
| Kaplan Meier | No noise added | Noise is added to the time values, solely to aggregated times which are created by combining time intervals when the number of events falls below the k anonymity factor. For more details, see the Kaplan Meier documentation. | Noise is added to the time vector, solely to aggregated times which are created by combining time intervals when the number of events falls below the k anonymity factor. For more details, see the Kaplan Meier documentation. | Noise is added to all of the time values. |
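
The decision rules for the percentile and aggregate rows above, as an added sketch that is not Rhino Health's code: `noise_required` encodes when noise is applied, and `released_mean` applies that decision to a mean. The Laplace mechanism, the `epsilon` parameter, the clipping bounds and all function names are assumptions; the page does not state which noise mechanism the platform uses.

```python
import random

LEVELS = ("none", "low", "medium", "high")
SINGLE_ELEMENT = {"percentile"}                   # always noised above "none"
AGGREGATE = {"mean", "std", "sum", "count"}       # noised depending on level and k

def noise_required(level, metric, num_unique_values, k):
    """Apply the page's rules: is noise added for this metric at this level?"""
    level = level.lower()
    if level not in LEVELS:
        raise ValueError(f"unknown enforcement level: {level}")
    if metric not in SINGLE_ELEMENT | AGGREGATE:
        raise ValueError(f"unknown metric: {metric}")
    if level == "none":
        return False
    if level == "high" or metric in SINGLE_ELEMENT:
        return True
    # Aggregate metric at low or medium: only medium checks value diversity.
    return level == "medium" and num_unique_values < k

def laplace(scale, rng):
    """Laplace(0, scale) sample as the difference of two exponentials."""
    return rng.expovariate(1 / scale) - rng.expovariate(1 / scale)

def released_mean(values, level, k, lower, upper, epsilon, rng):
    """Mean of values, noised when the enforcement level requires it.

    Assumed mechanism (not from the page): clip to [lower, upper], then add
    Laplace noise with scale = sensitivity / epsilon.
    """
    if not noise_required(level, "mean", len(set(values)), k):
        return sum(values) / len(values)
    clipped = [min(max(v, lower), upper) for v in values]
    sensitivity = (upper - lower) / len(clipped)  # max effect of one record
    return sum(clipped) / len(clipped) + laplace(sensitivity / epsilon, rng)

if __name__ == "__main__":
    rng = random.Random(7)                        # fixed seed for repeatability
    ages = [50, 50, 51, 51, 50, 51]               # constructed sample, 2 unique values
    for level in ("None", "Low", "Medium", "High"):
        print(level, round(released_mean(ages, level, 5, 0, 100, 1.0, rng), 2))
```

With k = 5 and only two distinct values in the sample, the mean is returned exactly at None and Low and perturbed at Medium and High.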

 

Configuring Differential Privacy

To configure the differential privacy enforcement level for a project:

1. Create a New Project: When creating a new project, select the desired "Differential Privacy Enforcement" setting (None, Low, Medium, High).

2. Existing Projects: Existing projects have a DP enforcement level of "Medium" unless configured otherwise.
