A data-driven approach to choosing privacy parameters for clinical trial data sharing under differential privacy

Objectives Clinical trial data sharing is crucial for promoting transparency and collaborative efforts in medical research. Differential privacy (DP) is a formal statistical technique for anonymizing shared data that balances privacy of individual records and accuracy of replicated results through a "privacy budget" parameter, epsilon. DP is considered the state of the art in privacy-protected data publication and is underutilized in clinical trial data sharing. This study is focused on identifying epsilon values for the sharing of clinical trial data. Materials and Methods We analyzed 2 clinical trial datasets with privacy budget epsilon ranging from 0.01 to 10. Smaller values of epsilon entail adding greater amounts of random noise, with better privacy as a result. Comparison of rates, odds ratios, means, and mean differences between the original clinical trial datasets and the empirical distribution of the DP estimator was performed. Results The DP rate closely approximated the original rate of 6.5% when epsilon > 1. The DP odds ratio closely aligned with the original odds ratio of 0.689 when epsilon >= 3. The DP mean closely approximated the original mean of 164.64 when epsilon >= 1. As epsilon increased to 5, both the minimum and maximum DP means converged toward the original mean. Discussion There is no consensus on how to choose the privacy budget epsilon. The definition of DP does not specify the required level of privacy, and there is no established formula for determining epsilon. Conclusion Our findings suggest that the application of DP holds promise in the context of sharing clinical trial data.