ACS develops data sharing framework
The Australian Computer Society (ACS) has developed a new technique for more safely and securely sharing data between entities without compromising individuals’ privacy.
In a new report released at the Akolade Australian Data Summit, the professional association detailed a technique developed by the ACS Data Sharing Committee, led by the NSW Chief Data Scientist, Dr Ian Oppermann.
The committee, which also has members from state and federal governments as well as industry representatives such as Standards Australia, the CSIRO and Microsoft, spent more than two years evaluating data sharing standards, practices and challenges.
The new report is designed to act as a framework for addressing the complexity of data sharing, Oppermann said.
“We think getting this right is crucial for the future of Australian ICT. The benefits of data sharing are immense, but the risks are high. This is a way to enjoy the benefits while managing the risks,” he said.
The framework includes components based on identifying and defining personal information in datasets, establishing guidelines for safe data and personal information handling, and implementing data protection policies.
It also details an adoptable technique for anonymising data in a way that is designed to prevent re-identification and preserve individual privacy.
“Governments understand the benefit of releasing de-identified data to support research and to help drive industry. However, when important datasets are being considered for release, the concern is always the thought of what other datasets are out there and whether they could be combined,” Oppermann said.
“When the medical benefits dataset was released in 2016, with individual records de-identified, all was fine until that data met other data. For example, if you knew that a particular individual broke their arm in Canterbury in 2014, then you could cross-reference that with the medical dataset and be able to link a de-identified medical record with an individual.”
The report proposes a method to address this risk by adopting a standardised technique to ensure data is kept as safe as needed while still being usable for the purposes intended.
The underlying framework used in the report is based on a further developed version of the ‘Five Safes’ data analytics framework proposed in the 2017 ACS paper on data sharing.
The Five Safes framework is based on the dimensions of safe people, safe projects, safe setting (or controls on the way data is accessed), safe data and safe outputs (referring to the residual risk involved in publishing sensitive data).
The Australian Cyber Security Centre has released updated information outlining steps that can be...
Cybercriminals are now actively exploiting an unpatched vulnerability in Cisco software that...
Cyber attackers' average dwell time increased last year, with most cyber attackers aiming to...