DSAP: Data Sharing Agreement Privacy Ontology

Abstract

Medical researchers utilize data sharing agreements (DSA) to communicate privacy policies that govern the treatment of data in their collaboration. Expression of privacy policies in DSAs have been achieved through the use of natural and policy languages. However, ambiguity in natural language and rigidness in policy languages make them unsuitable for use in collaborative medical research. Our goal is to develop an unambiguous and flexible form of expression of privacy policies for collaborative medical research. In this thesis, we developed a DSA Privacy Ontology to express privacy policies in medical research. Our ontology was designed with hierarchy structure, lightweight in expressivity, closed world assumption in interpretation, and the reuse of other ontologies. The design allows our ontology to be flexible and extensible. Being flexible allows our ontology to express different types of privacy policies. Being extensible allows our ontology to be mapped to other linkable ontologies without the need to change our existing ontology. We demonstrate that our ontology is capable of supporting the DSA in a collaborative research data sharing scenario through providing the appropriate vocabulary and structure to log privacy events in a linked data based audit log. Furthermore, through querying the audit log, we can answer privacy competency questions relevant to medical researchers.