Semi-automated De-identification of German Content Sensitive Reports for Big Data Analytics

 

 Permissions and Reprints

Abstract

Purpose Projects involving collaborations between different institutions require data security via selective de-identification of words or phrases. A semi-automated de-identification tool was developed and evaluated on different types of medical reports natively and after adapting the algorithm to the text structure.

Materials and Methods A semi-automated de-identification tool was developed and evaluated for its sensitivity and specificity in detecting sensitive content in written reports. Data from 4671 pathology reports (4105 + 566 in two different formats), 2804 medical reports, 1008 operation reports, and 6223 radiology reports of 1167 patients suffering from breast cancer were de-identified. The content was itemized into four categories: direct identifiers (name, address), indirect identifiers (date of birth/operation, medical ID, etc.), medical terms, and filler words. The software was tested natively (without training) in order to establish a baseline. The reports were manually edited and the model re-trained for the next test set. After manually editing 25, 50, 100, 250, 500 and if applicable 1000 reports of each type re-training was applied.

Results In the native test, 61.3 % of direct and 80.8 % of the indirect identifiers were detected. The performance (P) increased to 91.4 % (P25), 96.7 % (P50), 99.5 % (P100), 99.6 % (P250), 99.7 % (P500) and 100 % (P1000) for direct identifiers and to 93.2 % (P25), 97.9 % (P50), 97.2 % (P100), 98.9 % (P250), 99.0 % (P500) and 99.3 % (P1000) for indirect identifiers. Without training, 5.3 % of medical terms were falsely flagged as critical data. The performance increased, after training, to 4.0 % (P25), 3.6 % (P50), 4.0 % (P100), 3.7 % (P250), 4.3 % (P500), and 3.1 % (P1000). Roughly 0.1 % of filler words were falsely flagged.

Conclusion Training of the developed de-identification tool continuously improved its performance. Training with roughly 100 edited reports enables reliable detection and labeling of sensitive data in different types of medical reports.

Key Points: 

• Collaborations between different institutions require de-identification of patients’ data

• Software-based de-identification of content-sensitive reports grows in importance as a result of ‘Big data’

• A de-identification software was developed and tested natively and after training

• The proposed de-identification software worked quite reliably, following training with roughly 100 edited reports

• A final check of the texts by an authorized person remains necessary

Citation Format

• Seuss H, Dankerl P, Ihle M et al. Semi-automated De-identification of German Content Sensitive Reports for Big Data Analytics. Fortschr Röntgenstr 2017; 189: 661 – 671

Zusammenfassung

Ziel Projekte bei denen verschiedene Institutionen in Kooperation miteinander stehen, erfordern einen Schutz von Patientendaten durch selektive Deidentifizierung von Wörtern oder Ausdrücken. Eine automatisierte Deidentifikations-Software wurde entwickelt und anhand verschiedener medizinischer Berichte, zuerst ohne und anschließend nach Anpassung des Algorithmus an die Textstruktur, getestet.

Material und Methoden Die Software für Text-Mining und Deidentifizierung wurde in medizinischen Berichten zur Erfassung sensibler Inhalte auf ihre Sensitivität und Spezifität getestet. 4671 pathologische (4105 + 566 in zwei unterschiedlichen Formaten), 2804 medizinische, 1008 operative und 6223 radiologische Berichte von 1167 Patientinnen und Patienten, die an Brustkrebs leiden, wurden deidentifiziert. Der Inhalt wurde in vier Kategorien aufgeschlüsselt: direkte Kennung (Name, Adresse), indirekte Kennung (Geburtsdatum, Operationsdatum, medizinische ID, etc.), medizinische Begriffe und Füllwörter. Die Software wurde nativ getestet (ohne Training), um einen Ausgangswert zu erhalten. Anschließend wurde das Modell an manuell korrigierten Berichten erneut trainiert. Nach der Bearbeitung von 25, 50, 100, 250, 500 und 1000 Berichten eines jeden Typs, wurde ein erneutes Training durchgeführt.

Ergebnisse Nativ wurden 61,3 % der direkten und 80,8 % der indirekten Kennungen nachgewiesen. Nach dem Training erhöhte sich die Leistung (P) auf 91,4 % (P25), 96,7 % (P50), 99,5 % (P100), 99,6 % (P250), 99,7 % (P500) und 100 % (P1000) für direkte Kennungen und 93,2 % (P25), 97,9 % (P50), 97,2 % (P100), 98,9 % (P250), 99,0 % (P500) und 99,3 % (P1000) für indirekte Kennungen. Im Durchschnitt wurden 5,3 % der medizinischen Begriffe als kritische Daten gekennzeichnet, nach dem Training waren es 4,0 % (P25), 3,6 % (P50), 4,0 % (P100), 3,7 % (P250), 4,3 % (P500), 3,1 % (P1000). Etwa 0,1 % der Füllwörter wurden gekennzeichnet.

Schlussfolgerung Das Training der entwickelten Deidentifikations-Software verbessert ihre Performance kontinuierlich. Das Training mit etwa 100 korrigierten Texten ermöglicht eine zuverlässige Detektion und Markierung der sensiblen Daten in unterschiedlichen medizinischen Texten.

Kernaussagen: 

• Wenn Patientendaten zwischen unterschiedlichen Institutionen ausgetauscht werden, müssen diese zuvor deidentifiziert werden

• Die softwarebasierte Deidentifikation von vertraulichen Patientendaten wird durch “Big Data” immer wichtiger

• Eine Deidentifikations-Software wurde entwickelt und im Rohzustand sowie nach manuellem Training getestet

• Nach dem Training mit etwa 100 korrigierten Texten arbeitete der Algorithmus relativ zuverlässig

• Eine abschließende Kontrolle der Texte durch eine autorisierte Person ist dennoch erforderlich

• References

• 1 Edelstein L. The Hippocratic oath, text, translation and interpretation. Baltimore: The Johns Hopkins press; 1943
  Google Scholar
• 2 Nass SJ. Levit LA. Gostin LO. Institute of Medicine (US) Committee on Health Research and the Privacy of Health Information: The HIPAA Privacy Rule. Washington (DC): National Academies Press (US); 2009
  PubMedGoogle Scholar
• 3 U.S. Department of Health & Human Services. Federal Policy for the Protection of Human Subjects (“Common Rule”). 1991
  PubMedGoogle Scholar
• 4 European Parliament, Council of the European Union. Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications). 2002
  PubMedGoogle Scholar
• 5 Neamatullah I. Douglass MM. Lehman LW. et al. Automated de-identification of free-text medical records. BMC medical informatics and decision making 2008; 8: 32
  CrossrefPubMedGoogle Scholar
• 6 Kushida CA. Nichols DA. Jadrnicek R. et al. Strategies for de-identification and anonymization of electronic health record data for use in multicenter research studies. Medical care 2012; 50: S82-S101
  CrossrefPubMedGoogle Scholar
• 7 Sweeney L. Computational disclosure control: a primer on data privacy protection. PhD thesis, Massachusetts Institute of Technology 2001 http://groups.csail.mit.edu/mac/classes/6.805/articles/privacy/sweeney-thesis-draft.pdf . Accessed February 22, 2017
  PubMedGoogle Scholar
• 8 Gupta D. Saul M. Gilbertson J. Evaluation of a deidentification (De-Id) software engine to share pathology reports and clinical documents for research. American journal of clinical pathology 2004; 121: 176-186
  CrossrefPubMedGoogle Scholar
• 9 Lafferty JD. McCallum A. Pereira FCN. Conditional Random Fields: Probabilistic Models for Segmenting and Labeling Sequence Data. Proceedings of the Eighteenth International Conference on Machine Learning. 2001
  PubMedGoogle Scholar
• 10 Thomas SM. Mamlin B. Schadow G. et al. A successful technique for removing names in pathology reports using an augmented search and replace method. Proceedings / AMIA Annual Symposium AMIA Symposium. 2002: 777-781
  PubMedGoogle Scholar
• 11 Toepfer M. Corovic H. Fette G. et al. Fine-grained information extraction from German transthoracic echocardiography reports. BMC medical informatics and decision making 2015; 15: 91
  CrossrefPubMedGoogle Scholar
• 12 Bretschneider C. Zillner S. Hammon M. Identifying pathological findings in German radiology reports using a syntacto-semantic parsing approach. Proceedings of BioNLP 2013; 27-35
  PubMedGoogle Scholar
• 13 Ruch P. Baud RH. Rassinoux AM. et al. Medical document anonymization with a semantic lexicon. Proceedings / AMIA Annual Symposium AMIA Symposium. 2000: 729-733
  PubMedGoogle Scholar
• 14 Douglass M. Clifford GD. Reisner A. et al. Computer-assisted de-identification of free text in the MIMIC II database. Computers in Cardiology 2004; 2004: 341-344
  PubMedGoogle Scholar
• 15 Burnside ES. Sickles EA. Bassett LW. et al. The ACR BI-RADS experience: learning from history. J Am Coll Radiol 2009; 6: 851-860
  CrossrefPubMedGoogle Scholar
• 16 Margolies LR. Pandey G. Horowitz ER. et al. Breast Imaging in the Era of Big Data: Structured Reporting and Data Mining. Am J Roentgenol American journal of roentgenology 2016; 206: 259-264
  PubMedGoogle Scholar
• 17 Hobby JL. Tom BD. Todd C. et al. Communication of doubt and certainty in radiological reports. Br J Radiol 2000; 73: 999-1001
  CrossrefPubMedGoogle Scholar
• 18 Robinson PJ. Radiology's Achilles' heel: error and variation in the interpretation of the Rontgen image. Br J Radiol 1997; 70: 1085-1098
  CrossrefPubMedGoogle Scholar
• 19 Hawkins CM. Hall S. Zhang B. et al. Creation and implementation of department-wide structured reports: an analysis of the impact on error rate in radiology reports. J Digit Imaging 2014; 27: 581-587
  CrossrefPubMedGoogle Scholar
• 20 Durack JC. The value proposition of structured reporting in interventional radiology. Am J Roentgenol American journal of roentgenology 2014; 203: 734-738
  PubMedGoogle Scholar
• 21 Mitchell DG. Bruix J. Sherman M. et al. LI-RADS (Liver Imaging Reporting and Data System): summary, discussion, and consensus of the LI-RADS Management Working Group and future directions. Hepatology (Baltimore, Md) 2015; 61: 1056-1065
  CrossrefPubMedGoogle Scholar
• 22 American College of Radiology. Lung CT Screening Reporting and Data System (Lung-RADS). https://www.acr.org/Quality-Safety/Resources/LungRADS . Accessed February 22, 2017
  PubMedGoogle Scholar
• 23 Barentsz JO. Richenberg J. Clements R. et al. ESUR prostate MR guidelines 2012. Eur Radiol 2012; 22: 746-757
  CrossrefPubMedGoogle Scholar
• 24 Johnson AJ. Chen MY. Swan JS. et al. Cohort study of structured reporting compared with conventional dictation. Radiology 2009; 253: 74-80
  CrossrefPubMedGoogle Scholar