Fig. 3: A proposed framework for health data privacy in which the primary unit is the task rather than professional role.
From: Addressing contemporary threats in anonymised healthcare data using privacy engineering
Axis I: Task such as care of a given patient, resource analysis, or research. Axis 2: Data required for the specific task, and its progression from start to completion. Axis 3: User(s) who require access. Note that data owners (patients or consumers) should have unlimited rights of access. Axis 4: Length of time for which access is required, such as for acute care, after which it can be restricted. The framework can be used to design data release that, together with privacy-enhancing technologies, can minimize downstream privacy risks.
