BMC Med Inform Decis Mak. 2015 Feb 7:15:2.
doi: 10.1186/s12911-014-0123-5.

A RESTful interface to pseudonymization services in modern web applications

Martin Lablans et al. BMC Med Inform Decis Mak.

Abstract

Background: Medical research networks rely on record linkage and pseudonymization to determine which records from different sources relate to the same patient. To establish informational separation of powers, the required identifying data are redirected to a trusted third party that has, in turn, no access to medical data. This pseudonymization service receives identifying data, compares them with a list of already reported patient records and replies with a (new or existing) pseudonym. We found existing solutions to be technically outdated, complex to implement or not suitable for internet-based research infrastructures. In this article, we propose a new RESTful pseudonymization interface tailored for use in web applications accessed by modern web browsers.

Methods: The interface is modelled as a resource-oriented architecture, which is based on the representational state transfer (REST) architectural style. We translated typical use-cases into resources to be manipulated with well-known HTTP verbs. Patients can be re-identified in real time by authorized users' web browsers using temporary identifiers. We encourage the use of PID strings for pseudonyms and the EpiLink algorithm for record linkage. As a proof of concept, we developed a Java Servlet as reference implementation.

Results: The following resources have been identified: Sessions allow data associated with a client to be stored beyond a single request while still maintaining statelessness. Tokens authorize a specified action and thus allow the delegation of authentication. Patients are identified by one or more pseudonyms and carry identifying fields. Relying on HTTP calls alone, the interface is firewall-friendly. The reference implementation has proven to be production stable.

Conclusion: The RESTful pseudonymization interface fits the requirements of web-based scenarios and allows building applications that make pseudonymization transparent to the user using ordinary web technology. The open-source reference implementation implements the web interface as well as a scientifically grounded algorithm to generate non-speaking pseudonyms.
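The token delegation described in the Results, as an added example that is not taken from the article or from the Mainzelliste reference implementation: an in-memory model in which the MDAT server authenticates with an API key and hands the browser a single-use token bound to one action. All class, method and action names are hypothetical; exact matching on normalized fields and a random string stand in for EpiLink record linkage and PID generation.

```python
import secrets

class PseudonymizationService:
    """In-memory model of the IDAT server; every name here is hypothetical."""

    def __init__(self, api_key):
        self._api_key = api_key
        self._sessions = {}  # session id -> ids of tokens still outstanding
        self._tokens = {}    # token id -> (session id, the one permitted action)
        self._patients = {}  # normalized identifying fields -> pseudonym

    def _auth(self, api_key):
        # Only the MDAT server holds the API key; the browser never sees it.
        if not secrets.compare_digest(api_key.encode(), self._api_key.encode()):
            raise PermissionError("invalid API key")

    def create_session(self, api_key):
        self._auth(api_key)
        sid = secrets.token_urlsafe(16)
        self._sessions[sid] = set()
        return sid

    def create_token(self, api_key, session_id, action):
        self._auth(api_key)
        tid = secrets.token_urlsafe(16)
        self._sessions[session_id].add(tid)  # KeyError for an unknown session
        self._tokens[tid] = (session_id, action)
        return tid

    def delete_session(self, api_key, session_id):
        self._auth(api_key)
        for tid in self._sessions.pop(session_id, set()):
            self._tokens.pop(tid, None)  # outstanding tokens die with the session

    def add_patient(self, token_id, idat):
        # Redeem first: the token is single-use and is burned even on a mismatch.
        session_id, action = self._tokens.pop(token_id, (None, None))
        self._sessions.get(session_id, set()).discard(token_id)
        if action != "add_patient":
            raise PermissionError("token missing, used, or for another action")
        # Exact match stands in for record linkage, a random string for the PID.
        key = tuple(sorted((k, v.strip().lower()) for k, v in idat.items()))
        return self._patients.setdefault(key, secrets.token_hex(4).upper())

def demo():
    idat = PseudonymizationService("constructed-key")
    sid = idat.create_session("constructed-key")  # MDAT server, authenticated
    token = idat.create_token("constructed-key", sid, "add_patient")  # handed to browser
    return idat.add_patient(token, {"name": "Ada Example", "dob": "1970-01-01"})  # browser
```

The browser sends identifying fields straight to the pseudonymization service with the token, so the MDAT server never handles them and the browser never holds a long-lived credential.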

Figures

Figure 1: Example communication between user, web browser, MDAT server and pseudonymization service (IDAT server).

Figure 2: Components of the Mainzelliste reference implementation. The arrows indicate in which direction components of the application access each other. See section ‘Reference implementation’ for a description of the components and their relations.
