Audit: ACCOUNTABILITY MECHANISMS

Lead Institution: Carnegie Mellon University

Project Leader: Anupam Datta

Research Progress

  • Abstract

    Effective enforcement of laws and policies requires expending resources to prevent and detect offenders, as well as appropriate punishment schemes to deter violators. In particular, enforcement of privacy laws and policies in modern health care organizations that hold large volumes of personal information relies heavily on internal audit mechanisms. The goal of this project is to develop models and mechanisms for accountable data governance that can provide operational guidance to organizations on how to allocate their budget to best manage privacy risks (through audit and punishments) as well as help evaluate effectiveness of public policy interventions in promoting privacy-respecting behavior (e.g., HHS audits, data breach disclosure laws).

  • Focus of the research/Market need for this project

    Human auditors cannot manually inspect all accesses made to medical records. Audit tools in the health care market flag potential violations based on various heuristics, but do not provide a systematic ranking of these violations based on risk. This project addresses this market need by developing models and mechanisms that can provide operational guidance to better manage privacy risks.

  • Project Aims/Goals

    The goal of this project is to develop models and mechanisms for accountable data governance that can provide operational guidance to organizations on how to allocate their budget to best manage privacy risks (through audit and punishments) as well as help evaluate effectiveness of public policy interventions in promoting privacy-respecting behavior (e.g., HHS audits, data breach disclosure laws).

  • Key Conclusions/Significant Findings/Milestones Reached

    We designed a set of models and algorithms for risk management in health care organizations in settings where the adversary’s incentives are known (e.g., gain from medical identity theft) [3,4] and settings in which the adversary’s incentives are not known [1,2,5]. We used the models to predict the effectiveness of public policy interventions, in particular external audits (e.g., mandated by HHS) and data breach notification laws [3]. Additional work building on [3,4] is needed before these algorithms are ready for use in practice. Specifically, we suggest follow-up studies on evaluating public policy interventions building on the model in [3] and practical audit resource allocation mechanisms built on [4].

  • Materials Available for Other Investigators/interested parties

    All models and algorithms are available in publications at the SI’s web site: http://www.andrew.cmu.edu/user/danupam/privacy.html

  • Market entry strategies

    We are now working on an audit model and efficient algorithms for computing audit strategies that cleanly generalize prior work on “security games” by Tambe et al. at USC. One reason for pursuing this direction is that it can lead us to audit algorithms that are efficient enough to be used in practice. The line of work by Tambe et al. has produced a set of security patrol scheduling mechanisms that have been deployed at LAX airport to prescribe patrolling schedules, as well as for scheduling air marshals on planes and coast guard patrols. We have had conversations with a startup from that group that is interested in developing related commercial audit technology for health care organizations.

Bibliography
Adaptive Regret Minimization in Bounded-Memory Games
Jeremiah Blocki, Nicolas Christin, Anupam Datta, and Arunesh Sinha
Proceedings of 4th Conference on Decision and Game Theory for Security, November 2013

Audit Games
Jeremiah Blocki, Nicolas Christin, Anupam Datta, Ariel D. Procaccia, and Arunesh Sinha
Proceedings of 23rd International Joint Conference on Artificial Intelligence, August 2013

Audit Mechanisms for Provable Risk Management and Accountable Data Governance
Jeremiah Blocki, Nicolas Christin, Anupam Datta, and Arunesh Sinha
Proceedings of 3rd Conference on Decision and Game Theory for Security, November 2012

Regret Minimizing Audits: A Learning-Theoretic Basis for Privacy Protection
Jeremiah Blocki, Nicolas Christin, Anupam Datta, and Arunesh Sinha
Proceedings of 24th IEEE Computer Security Foundations Symposium, June 2011

Audit Mechanisms for Privacy Protection in Healthcare Environments
Jeremiah Blocki, Nicolas Christin, Anupam Datta, and Arunesh Sinha
Position Paper. 2nd USENIX Workshop on Health Security and Privacy, August 2011