Puskaric Miroslav, Gusinow Roy, Górska Anna, Hasenauer Jan
HLRS - High Performance Computing Center Stuttgart, University of Stuttgart, Germany.
Bonn Center for Mathematical Life Sciences, Life & Medical Sciences (LIMES) Institute, University of Bonn, Germany.
Stud Health Technol Inform. 2025 Jun 26;328:505-509. doi: 10.3233/SHTI250771.
Data protection regulations, such as the GDPR, ensure individuals' rights regarding processing of their personal data, including the 'right to be forgotten,' which mandates the opt-out and deletion of personal data from datasets at any stage. Homomorphic encryption enables arithmetic operations on encrypted numerical vectors while keeping the data and intermediate results hidden throughout the analysis process. This paper presents an implementation of the right to be forgotten using homomorphic encryption, designed for a real-world use case involving the collection and storage of clinical data in an international collaboration. We introduce methods for structuring data as collections of encrypted vectors and propose algorithms for privacy-preserving opt-out and verifiable data deletion. These algorithms are implemented and tested in a software prototype, with a performance analysis of their computational efficiency. Our approach provides a framework for patient withdrawal at any stage of a clinical trial, balancing the need for data privacy with the computational constraints of homomorphic encryption by structuring clinical datasets into encrypted vector collections.
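As an added illustration of the additive-homomorphic property the abstract builds on (example code written for this page, not the authors' prototype): records are stored as vectors of ciphertexts, an aggregate is computed without decryption, and a withdrawing patient's contribution is subtracted from that aggregate while everything stays encrypted. It assumes a Paillier-style scheme with a toy key and constructed sample records; the paper's own opt-out and verifiable-deletion algorithms are not reproduced here.

```python
import random
from math import gcd

# Constructed toy Paillier key: small fixed primes, NOT secure, demo only.
P, Q = 1000003, 1000033
N, N2 = P * Q, (P * Q) ** 2
LAMBDA = (P - 1) * (Q - 1) // gcd(P - 1, Q - 1)   # lcm(p-1, q-1)
G = N + 1
MU = pow((pow(G, LAMBDA, N2) - 1) // N, -1, N)     # inverse of L(g^lambda) mod N
_rng = random.Random(7)  # deterministic randomness keeps the demo reproducible

def encrypt(m):
    """Paillier: c = g^m * r^N mod N^2 with random r coprime to N."""
    r = _rng.randrange(1, N)
    while gcd(r, N) != 1:
        r = _rng.randrange(1, N)
    return (pow(G, m, N2) * pow(r, N, N2)) % N2
def decrypt(c):
    """Recover m; residues above N/2 are read as negative numbers."""
    m = (((pow(c, LAMBDA, N2) - 1) // N) * MU) % N
    return m - N if m > N // 2 else m

def add(c1, c2):
    """Enc(a) * Enc(b) = Enc(a + b): addition without decrypting."""
    return (c1 * c2) % N2
def neg(c):
    """Inverse mod N^2 encrypts -m (every ciphertext is a unit mod N^2)."""
    return pow(c, -1, N2)

def aggregate(collection):
    """Component-wise encrypted sum over all stored patient vectors."""
    agg = [encrypt(0)] * len(collection[0])
    for vec in collection:
        agg = [add(a, c) for a, c in zip(agg, vec)]
    return agg

def opt_out(agg, patient_vec):
    """Subtract a withdrawing patient's ciphertexts from the encrypted
    aggregate, correcting the analysis result without decrypting it."""
    return [add(a, neg(c)) for a, c in zip(agg, patient_vec)]

def demo():
    # Constructed sample records (hypothetical fields: dose_mg, adverse_event_flag, systolic_bp)
    records = [[5, 1, 120], [7, 0, 135], [3, 1, 110]]
    collection = [[encrypt(v) for v in r] for r in records]   # one ciphertext vector per patient
    total = aggregate(collection)                 # Enc([15, 2, 365])
    corrected = opt_out(total, collection[1])     # patient 1 withdraws
    return [decrypt(c) for c in corrected]        # -> [8, 2, 230]
```

Only the key holder can decrypt the corrected aggregate; the party performing the opt-out sees nothing but ciphertexts.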