From: daw@cs.berkeley.edu (David Wagner)
To: cypherpunks@toad.com
Message Hash: d29d1738fe153da60ed7d611d7901581520c494b3e8f13e88d9c4a8725ac096c
Message ID: <4onta5$4fb@joseph.cs.berkeley.edu>
Reply To: <v01540b02add1fc6e4658@[193.239.225.200]>
UTC Datetime: 1996-06-01 04:50:41 UTC
Raw Date: Sat, 1 Jun 1996 12:50:41 +0800
From: daw@cs.berkeley.edu (David Wagner)
Date: Sat, 1 Jun 1996 12:50:41 +0800
To: cypherpunks@toad.com
Subject: Re: Statistical analysis of anonymous databases
In-Reply-To: <v01540b02add1fc6e4658@[193.239.225.200]>
Message-ID: <4onta5$4fb@joseph.cs.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain
In article <v01540b02add1fc6e4658@[193.239.225.200]>,
Clay Olbon II <Clay.Olbon@dynetics.com> wrote:
> In medical research (this particular application - there are others I am
> sure) it is desirable to have a large database of individual medical
> histories available to search for correlations, risk factors, etc. The
> problem, of course, is that many individuals want their medical histories
> kept private. It is therefore necessary to maintain a database that is not
> traceable back to individuals. An additional requirement is that people
> must be able to add additional information to their records as it becomes
> available.
How about a simple non-technical solution? Each patient picks a
random pseudonym; the database is keyed off that pseudonym, and the
person's True Name(tm) never appears in the database. Patients
should remember their pseudonym (or write it down); then they can
add information to the database.
Ahh, anonymity.
(Hey, I posted about something exportable-- that should fill my
quota for the year. :-)
Return to June 1996
Return to “daw@cs.berkeley.edu (David Wagner)”