The US Department of Health and Human Services (HHS) began publishing Linked Data in 2011 as part of an ongoing effort to inform the public and stimulate new health care applications. The Digital Enterprise Research Institute (DERI) is recognized as one of the leading international web science research institutes interlinking technologies, information and people to advance business and benefit society. In the US, the President's Council of Advisors on Science and Technology (PCAST) published a report on Health IT that imagines new scenarios and recommends new capabilities for interacting with health data. At DERI, innovative ontology and software implementations demonstrate how users can create and manage fine-grained privacy preferences that restrict or grant access to their Linked Data This session will give an overview of the HHS/DERI collaboration to implement 'data element access services' towards the realization of patient controlled privacy. • US Department of Health and Human Services • PCAST Health Information Technology Report • Digital Enterprise Research Institute • Privacy Preference Ontology and Manager • Puelia and Linked Data API http://semtechbizsf2012.semanticweb.com/sessionPop.cfm?confid=65&proposalid=4539

1. Digital Enterprise Research Institute www.deri.ie
Towards Patient Controlled
Privacy
SemTechBiz 2012 - San Francisco Tuesday 5th June 2012
Owen Sacco
owen.sacco@deri.org

2. Digital Enterprise Research Institute www.deri.ie
Located at the National University of Ireland, Galway
Leading Semantic Web Research Institute
Enabling Networked Knowledge
Approx 140 members from 30+ nations

3. Digital Enterprise Research Institute www.deri.ie
US Government’s principal agency for:
☤ Protecting the Health of all Americans
Enabling Networked Knowledge
☤ Providing all essential Human Services

4. Digital Enterprise Research Institute www.deri.ie
HEALTH
AND
HUMAN
SERVICES
DOMAIN
IT
PROGRAM
MANAGEMENT
OFFICE
Promote
the
advancement
of
the
Health,
Safety,
and
Well-­‐Being
of
the
American
People
HHS IT Asset Discovery Application
HADA
Enabling Networked Knowledge

5. HEALTH
AND
HUMAN
SERVICES
DOMAIN
IT
PROGRAM
MANAGEMENT
OFFICE
Digital Enterprise Research Institute www.deri.ie
Enabling Networked Knowledge

6. HEALTH
AND
HUMAN
SERVICES
DOMAIN
IT
PROGRAM
MANAGEMENT
OFFICE
Digital Enterprise Research Institute www.deri.ie
Currently, data about HHS IT Investments exists:
In different In different With different
systems data models levels of access
Enabling Networked Knowledge

7. HEALTH
AND
HUMAN
SERVICES
DOMAIN
IT
PROGRAM
MANAGEMENT
OFFICE
Digital Enterprise Research Institute www.deri.ie
Enabling Networked Knowledge

8. HEALTH
AND
HUMAN
SERVICES
DOMAIN
IT
PROGRAM
MANAGEMENT
OFFICE
Digital Enterprise Research Institute www.deri.ie
HADA aims to provide intelligent:
Aggregation of this data to support information discovery
Interoperability amongst the different systems
Fine-grained Access Control
Using Semantic Web principles
Enabling Networked Knowledge

9. HEALTH
AND
HUMAN
SERVICES
DOMAIN
IT
PROGRAM
MANAGEMENT
OFFICE
Digital Enterprise Research Institute www.deri.ie
Public Data
WWW
Docs EPLC and
Enterprise other docs
Repositories Data
IT asset information are
pre-aggregated from
multiple data sources
Which are stored
Semantic Database in a database
Access rules are checked to
grant or restrict access to
the IT Investment Cost Data Access Rules
Who can see what?
She searches for
If she has access,
Web Application
a specific IT the
she can view
Enabling Networked Knowledge
Investment cost
Investment cost

10. HEALTH
AND
HUMAN
SERVICES
DOMAIN
IT
PROGRAM
MANAGEMENT
OFFICE
Digital Enterprise Research Institute www.deri.ie
Presentation
and
Navigation
of Content Presentation Layer
Enforcement
of Privacy Privacy Preference Manager
Policies
Privacy Preferences Repositories Privacy Layer
Semantic Database
Semantic
Model
Transformation
Existing Ontologies Semantic Transformation
(e.g. FEA) and Synthesis Semantic Layer
Extracted
instance data XML XML XML XML XML
in XML format Content Extraction
Layer
System Content Extraction Metadata Extraction and Manual Clarification
Code Docs Etc.
Instance data
Enabling Networked Knowledge
CPIC Repositories EA Repositories Code, Documentation, Etc. Repositories Data Layer

11. HEALTH
AND
HUMAN
SERVICES
DOMAIN
IT
PROGRAM
MANAGEMENT
OFFICE
Digital Enterprise Research Institute www.deri.ie
Enabling Networked Knowledge

12. HEALTH
AND
HUMAN
SERVICES
DOMAIN
IT
PROGRAM
MANAGEMENT
OFFICE
Digital Enterprise Research Institute www.deri.ie
Enabling Networked Knowledge

13. HEALTH
AND
HUMAN
SERVICES
DOMAIN
IT
PROGRAM
MANAGEMENT
OFFICE
Digital Enterprise Research Institute www.deri.ie
Publishing Linked Data using the Linked Data API
• A RESTful API over RDF graphs
• Acts as a proxy over SPARQL endpoints
• Easy-to-process representations of resources
Indexing and searching RDF data using SIREn
“A Lucene plugin to efficiently index and query
RDF, as well as any textual document with an
arbitrary amount of metadata fields”
Storing RDF data using Sesame over MySQL
Enabling Networked Knowledge

14. HEALTH
AND
HUMAN
SERVICES
DOMAIN
IT
PROGRAM
MANAGEMENT
OFFICE
Digital Enterprise Research Institute www.deri.ie
Role based access and fine grained access
Subject Predicate Object Context
Rules
based Where the data HADA hasName “HHS IT Asset HEAR
on… comes from Context Discovery
Application”
HADA hasAcronym “HADA” HEAR
What the data is
about Subject HADA hasCost $12345 CPIC
HADA hasIPAddress 107.20.137.21 HEAR
0
What the data is HADA belongsTo HHS HEAR
describing Predicate
HADA hasLabel “Health and ITDashboard
Human
Properties of the Services
Asset
data itself Object Discovery
Application”
Any combination of HADA hasAcronym “HADA” ITDashboard
the above
More than one rule can be applied to each
data element Enabling Networked Knowledge

15. Privacy Preference Ontology
Digital Enterprise Research Institute www.deri.ie
ppo:PrivacyPreference ppo:hasAccessSpace ppo:AccessSpace ppo:hasAccessQuery
This
rdfs:Literal
rdfs:Literal represents a
SPARQL
query as a
String.
ppo:appliesToResource ppo:appliesToStatement ppo:appliesToNamedGraph ppo:hasCondition
ppo:hasAccess
rdfs:Resource rdf:Statement trix:Graph ppo:Condition
acl:Access
ppo:resourceAsSubject ppo:resourceAsObject ppo:classAsSubject ppo:classAsObject ppo:hasLiteral ppo:hasProperty
rdfs:Resource rdfs:Resource rdfs:Class rdfs:Class rdfs:Literal rdf:Property
Applies To Conditions Access Test Queries Access Control Privileges
Namespace: http://vocab.deri.ie/ppo# Enabling Networked Knowledge
Ref.: O.Sacco and A.Passant. A Privacy Preference Ontology (PPO) for Linked Data. LDOW 2011.

16. Privacy Preference Ontology
Digital Enterprise Research Institute www.deri.ie
PREFIX ppo: <http://vocab.deri.ie/ppo#> .
PREFIX hada: <http://hprod.dyndns.org/> .
hada:pp1 a ppo:PrivacyPreference;
ppo:appliesToResource
<http://hprod.dyndns.org/hada/Investment/90000001>;
ppo:hasAccess acl:Read;
ppo:hasAccessSpace
[ ppo:hasAccessQuery
"ASK {?x foaf:topic_interest
<http://hprod.dyndns.org/hada/vocab/Asset>}"].
Namespace: http://vocab.deri.ie/ppo# Enabling Networked Knowledge
Ref.: O.Sacco and A.Passant. A Privacy Preference Ontology (PPO) for Linked Data. LDOW 2011.

17. Privacy Preference Ontology
Digital Enterprise Research Institute www.deri.ie
Privacy Preference
ppo:appliesToResource ppo:hasAccessQuery
ppo:hasAccess
90000001 acl:Read Who is interested
in Asset
Namespace: http://vocab.deri.ie/ppo# Enabling Networked Knowledge
Ref.: O.Sacco and A.Passant. A Privacy Preference Ontology (PPO) for Linked Data. LDOW 2011.

18. Privacy Preference Manager
Digital Enterprise Research Institute www.deri.ie
Privacy Preference Manager provides:
User
• Creating privacy preferences
• Enforcing privacy preferences
Privacy Preference
Manager
Privacy Preferences
Repositories
SPARQL Endpoint
Enabling Networked Knowledge
RDF Documents

19. Enforcing Privacy Policies
Digital Enterprise Research Institute www.deri.ie
John SPARQL Endpoint
John’s Profile
RDF Documents
Logs In
John’s RDF Profile
Request
Request RDF DATA
Privacy Preference
RDF Data Retriever Manager
& Parser
Query Access Query Result
RDF Data
Request Query
Privacy Preferences
Privacy
Enforcer
Filtered Privacy Preferences
RDF Data Preference
Privacy Preferences
Creator
Enabling Networked Knowledge

20. Digital Enterprise Research Institute www.deri.ie
Enabling Networked Knowledge

21. Digital Enterprise Research Institute www.deri.ie
Enabling Networked Knowledge

22. Towards Patient Controlled Privacy
Digital Enterprise Research Institute www.deri.ie
HHS is exploring to use on healthdata.gov:
• Linked Data API for publishing Linked Data
• Privacy Preference Framework to provide the Patient
to control third party access to his/her health data
Interface Interface
Alex John
Privacy Preference Privacy Preference
Manager Manager
Privacy Preferences
Privacy Preferences
SPARQL Endpoint SPARQL Endpoint
Enabling Networked Knowledge
RDF Documents RDF Documents

23. Links
Digital Enterprise Research Institute www.deri.ie
n HADA: http://hprod.dyndns.org/
n Linked Data API: http://code.google.com/p/linked-data-api/
n SIREn: http://siren.sindice.com/
n Sesame: http://www.openrdf.org/
n PPO Namespace URI: http://vocab.deri.ie/ppo#
n PPM Screencasts:
¨ Creating Privacy Preferences: http://bit.ly/p0N1Vi
¨ Viewing Filtered Triples: http://bit.ly/qiAdxT
n Email: owen.sacco@deri.org
Enabling Networked Knowledge