Producing Excessive-Constancy and Privateness-Preserving Artificial Digital Well being Data – Google AI Weblog

Evaluation of Digital Well being Data (EHR) has an amazing potential for enhancing affected person care, quantitatively measuring efficiency of scientific practices, and facilitating scientific analysis. Statistical estimation and machine studying (ML) fashions educated on EHR knowledge can be utilized to foretell the chance of varied ailments (corresponding to diabetes), observe affected person wellness, and predict how sufferers reply to particular medication. For such fashions, researchers and practitioners want entry to EHR knowledge. Nevertheless, it may be difficult to leverage EHR knowledge whereas making certain knowledge privateness and conforming to affected person confidentiality rules (corresponding to HIPAA).

Standard strategies to anonymize knowledge (e.g., de-identification) are sometimes tedious and expensive. Furthermore, they’ll distort necessary options from the unique dataset, lowering the utility of the info considerably; they can be prone to privateness assaults. Alternatively, an strategy primarily based on producing artificial knowledge can keep each necessary dataset options and privateness.

To that finish, we suggest a novel generative modeling framework in “EHR-Secure: Producing Excessive-Constancy and Privateness-Preserving Artificial Digital Well being Data“. With the modern methodology in EHR-Secure, we present that artificial knowledge can fulfill two key properties: (i) excessive constancy (i.e., they’re helpful for the duty of curiosity, corresponding to having related downstream efficiency when a diagnostic mannequin is educated on them), (ii) meet sure privateness measures (i.e., they don’t reveal any actual affected person’s id). Our state-of-the-art outcomes stem from novel approaches for encoding/decoding options, normalizing complicated distributions, conditioning adversarial coaching, and representing lacking knowledge.

Producing artificial knowledge from the unique knowledge with EHR-Secure.

Challenges of Producing Sensible Artificial EHR Knowledge

There are a number of basic challenges to producing artificial EHR knowledge. EHR knowledge include heterogeneous options with completely different traits and distributions. There may be numerical options (e.g., blood stress) and categorical options with many or two classes (e.g., medical codes, mortality consequence). A few of these could also be static (i.e., not various in the course of the modeling window), whereas others are time-varying, corresponding to common or sporadic lab measurements. Distributions may come from completely different households — categorical distributions may be extremely non-uniform (e.g., for under-represented teams) and numerical distributions may be extremely skewed (e.g., a small proportion of values being very giant whereas the overwhelming majority are small). Relying on a affected person’s situation, the variety of visits may range drastically — some sufferers go to a clinic solely as soon as whereas some go to tons of of instances, resulting in a variance in sequence lengths that’s usually a lot increased in comparison with different time-series knowledge. There generally is a excessive ratio of lacking options throughout completely different sufferers and time steps, as not all lab measurements or different enter knowledge are collected.

Examples of actual EHR knowledge: temporal numerical options (higher) and temporal categorical options (decrease).

EHR-Secure: Artificial EHR Knowledge Technology Framework

EHR-Secure consists of sequential encoder-decoder structure and generative adversarial networks (GANs), depicted within the determine beneath. As a result of EHR knowledge are heterogeneous (as described above), direct modeling of uncooked EHR knowledge is difficult for GANs. To avoid this, we suggest using a sequential encoder-decoder structure, to study the mapping from the uncooked EHR knowledge to the latent representations, and vice versa.

Block diagram of EHR-Secure framework.

Whereas studying the mapping, esoteric distributions of numerical and categorical options pose an excellent problem. For instance, some values or numerical ranges may dominate the distribution, however the functionality of modeling uncommon circumstances is crucial. The proposed characteristic mapping and stochastic normalization (reworking unique characteristic distributions into uniform distributions with out data loss) are key to dealing with such knowledge by changing to distributions for which the coaching of encoder-decoder and GAN are extra steady (particulars may be discovered within the paper). The mapped latent representations, generated by the encoder, are then used for GAN coaching. After coaching each the encoder-decoder framework and GANs, EHR-Secure can generate artificial heterogeneous EHR knowledge from any enter, for which we feed randomly sampled vectors. Observe that solely the educated generator and decoders are used for producing artificial knowledge.


We concentrate on two real-world EHR datasets to showcase the EHR-Secure framework, MIMIC-III and eICU. Each are inpatient datasets that include various lengths of sequences and embody a number of numerical and categorical options with lacking elements.

Constancy Outcomes

The constancy metrics concentrate on the standard of synthetically generated knowledge by measuring the realisticness of the artificial knowledge. Greater constancy implies that it’s tougher to distinguish between artificial and actual knowledge. We consider the constancy of artificial knowledge when it comes to a number of quantitative and qualitative analyses.


Having related protection and avoiding under-representation of sure knowledge regimes are each necessary for artificial knowledge era. Because the beneath t-SNE analyses present, the protection of the artificial knowledge (blue) may be very related with the unique knowledge (crimson). With membership inference metrics (can be launched within the privateness part), we additionally confirm that EHR-Secure doesn’t simply memorize the unique practice knowledge.

t-SNE analyses on temporal and static knowledge on MIMIC-III (higher) and eICU (decrease) datasets.

Statistical Similarity

We offer quantitative comparisons of statistical similarity between unique and artificial knowledge for every characteristic. Most statistics are well-aligned between unique and artificial knowledge — for instance a measure of the KS statistics, i.e,. the utmost distinction within the cumulative distribution perform (CDF) between the unique and the artificial knowledge, are principally decrease than 0.03. Extra detailed tables may be discovered within the paper. The determine beneath exemplifies the CDF graphs for unique vs. artificial knowledge for 3 options — general they appear very shut normally.

CDF graphs of two options between unique and artificial EHR knowledge. Left: Imply Airway Strain. Proper: Minute Quantity Alarm.


As a result of some of the necessary use circumstances of artificial knowledge is enabling ML improvements, we concentrate on the constancy metric that measures the flexibility of fashions educated on artificial knowledge to make correct predictions on actual knowledge. We evaluate such mannequin efficiency to an equal mannequin educated with actual knowledge. Related mannequin efficiency would point out that the artificial knowledge captures the related informative content material for the duty. As one of many necessary potential use circumstances of EHR, we concentrate on the mortality prediction job. We think about 4 completely different predictive fashions: Gradient Boosting Tree Ensemble (GBDT), Random Forest (RF), Logistic Regression (LR), Gated Recurrent Models (GRU).

Mortality prediction efficiency with the mannequin educated on actual vs. artificial knowledge. Left: MIMIC-III. Proper: eICU.

Within the determine above we see that in most eventualities, coaching on artificial vs. actual knowledge are extremely related when it comes to Space Underneath Receiver Working Traits Curve (AUC). On MIMIC-III, the most effective mannequin (GBDT) on artificial knowledge is just 2.6% worse than the most effective mannequin on actual knowledge; whereas on eICU, the most effective mannequin (RF) on artificial knowledge is just 0.9% worse.

Privateness Outcomes

We think about three completely different privateness assaults to quantify the robustness of the artificial knowledge with respect to privateness.

  • Membership inference assault: An adversary predicts whether or not a identified topic was a gift within the coaching knowledge used for coaching the artificial knowledge mannequin.
  • Re-identification assault: The adversary explores the chance of some options being re-identified utilizing artificial knowledge and matching to the coaching knowledge.
  • Attribute inference assault: The adversary predicts the worth of delicate options utilizing artificial knowledge.
Privateness threat analysis throughout three privateness metrics: membership-inference (top-left), re-identification (top-right), and attribute inference (backside). The perfect worth of privateness threat for membership inference is random guessing (0.5). For re-identification, the best case is to interchange the artificial knowledge with disjoint holdout unique knowledge.

The determine above summarizes the outcomes together with the best achievable worth for every metric. We observe that the privateness metrics are very near the best in all circumstances. The danger of understanding whether or not a pattern of the unique knowledge is a member used for coaching the mannequin may be very near random guessing; it additionally verifies that EHR-Secure doesn’t simply memorize the unique practice knowledge. For the attribute inference assault, we concentrate on the prediction job of inferring particular attributes (e.g., gender, faith, and marital standing) from different attributes. We evaluate prediction accuracy when coaching a classifier with actual knowledge in opposition to the identical classifier educated with artificial knowledge. As a result of the EHR-Secure bars are all decrease, the outcomes display that entry to artificial knowledge doesn’t result in increased prediction efficiency on particular options as in comparison with entry to the unique knowledge.

Comparability to Different Strategies

We evaluate EHR-Secure to alternate options (TimeGAN, RC-GAN, C-RNN-GAN) proposed for time-series artificial knowledge era. As proven beneath, EHR-Secure considerably outperforms every.

Downstream job efficiency (AUC) compared to alternate options.


We suggest a novel generative modeling framework, EHR-Secure, that may generate extremely lifelike artificial EHR knowledge which might be sturdy to privateness assaults. EHR-Secure relies on generative adversarial networks utilized to the encoded uncooked knowledge. We introduce a number of improvements within the structure and coaching mechanisms which might be motivated by the important thing challenges of EHR knowledge. These improvements are key to our outcomes that present almost-identical properties with actual knowledge (when desired downstream capabilities are thought of) with almost-ideal privateness preservation. An necessary future course is generative modeling functionality for multimodal knowledge, together with textual content and picture, as fashionable EHR knowledge may include each.


We gratefully acknowledge the contributions of Michel Mizrahi, Nahid Farhady Ghalaty, Thomas Jarvinen, Ashwin S. Ravi, Peter Brune, Fanyu Kong, Dave Anderson, George Lee, Arie Meir, Farhana Bandukwala, Elli Kanal, and Tomas Pfister.

Leave a Reply