Privacy-Preserving EHR Data Transformation via Geometric Operators: A Human-AI Co-Design Technical Report
This addresses privacy barriers in healthcare data sharing for multi-center studies and AI model development, though it appears incremental as an alternative to existing cryptographic methods.
The paper tackles the problem of sharing electronic health records (EHRs) for clinical research and AI development while preserving privacy, proposing a data transformation framework that creates numeric views maintaining medical semantics and statistical properties while provably breaking direct linkage to patient attributes under a specified threat model, with empirical evaluation showing protection against reconstruction, linkage, membership, and attribute inference attacks.
Electronic health records (EHRs) and other real-world clinical data are essential for clinical research, medical artificial intelligence, and life science, but their sharing is severely limited by privacy, governance, and interoperability constraints. These barriers create persistent data silos that hinder multi-center studies, large-scale model development, and broader biomedical discovery. Existing privacy-preserving approaches, including multi-party computation and related cryptographic techniques, provide strong protection but often introduce substantial computational overhead, reducing the efficiency of large-scale machine learning and foundation-model training. In addition, many such methods make data usable for restricted computation while leaving them effectively invisible to clinicians and researchers, limiting their value in workflows that still require direct inspection, exploratory analysis, and human interpretation. We propose a real-world-data transformation framework for privacy-preserving sharing of structured clinical records. Instead of converting data into opaque representations, our approach constructs transformed numeric views that preserve medical semantics and major statistical properties while, under a clearly specified threat model, provably breaking direct linkage between those views and protected patient-level attributes. Through collaboration between computer scientists and the AI agent \textbf{SciencePal}, acting as a constrained tool inventor under human guidance, we design three transformation operators that are non-reversible within this threat model, together with an additional mixing strategy for high-risk scenarios, supported by theoretical analysis and empirical evaluation under reconstruction, record linkage, membership inference, and attribute inference attacks.