Limitations of Differential Privacy and Homomorphic Encryption for Clinical Data Collaboration

The article discusses the limitations of differential privacy (DP) and homomorphic encryption (HE) for protecting patient data during inter-hospital collaboration. It highlights issues like the fast depletion of the privacy budget, the tradeoff between utility and privacy, and the requirement for data movement even with DP and HE.

Details

The article explains that differential privacy (DP) and homomorphic encryption (HE) are commonly proposed techniques to enable cross-institution collaboration on clinical data without exposing individual patient records. However, the author argues that these approaches have fundamental limitations that make them unsuitable for real-world clinical settings. DP provides a privacy budget that is quickly depleted by iterative queries, and the noise required to achieve meaningful privacy levels overwhelms the signal for rare disease populations. HE, on the other hand, has prohibitively high computational overhead and key management challenges that create trust dependencies. Crucially, both DP and HE still require patient data to leave the hospital and be transmitted to a central aggregator or computation site, exposing it during transit even if it is protected at the final destination. The author suggests that a fundamentally different approach, the Quadratic Intelligence Swarm (QIS) protocol, may be a more effective solution by routing only validated outcome deltas between hospitals instead of raw patient data.