Abstract: Systems, methods and non-transitory computer readable media for ownership determination in privacy firewalls are provided. A request of a user to perform an action for creating a new data collection using source data collections may be received. In response to the user not having permission to view at least part of at least one of the source data collections and the user not being an owner of the at least one of the source data collections, it may be determined that the user is not an owner of the new data collection, and in response to the user being at least an owner of the data collection or having permission to view the entire data collection for all source data collections, it may be determined that the user is an owner of the new data collection.

Abstract: Systems, methods and non-transitory computer readable media for controlling access in privacy firewalls are provided. A request to access a content of an element may be received, the content of the element may include a first portion and a second portion, the first portion may include identifiable information and the second portion may include no identifiable information. A permission record corresponding to the element may be accessed. In response to a first value in the permission record, access may be provided to the content of the element, including access to the first and second portions, and in response to a second value in the permission record, partial access may be provided to the content of the element, the partial access may include access to the second portion and may exclude access to the first portion.

Abstract: Systems, methods and non-transitory computer readable media for detecting identified information in privacy firewalls are provided. A repeating field in a data collection may be analyzed to determine whether the field is likely to include information that identifies particular individuals. An access request of a user may be received. A permission record associated with the user may be accessed. In response to the field being likely to include information that identifies particular individuals and a first value in the permission record, access to the field may be denied, in response to the field not being likely to include information that identifies particular individuals and the first value in the permission record, access to the field may be provided, and in response to a second value in the permission record, access to the field may be provided.

Abstract: Systems, methods and non-transitory computer readable media for determining permissions in privacy firewalls are provided. At least part of a content of a data collection may be analyzed to determine a subject matter. A permission corresponding to the data collection and at least one user may be determined based on the subject matter. A request of the at least one user to access at least part of the data collection may be received. In response to a first determined permission, the requested access to the at least part of the data collection may be provided, and in response to a second determined permission, the request may be denied.

Abstract: Systems, methods and non-transitory computer readable media for detecting identified information in privacy firewalls are provided. A repeating field in a data collection may be analyzed to determine whether the field is likely to include information that identifies particular individuals. An access request of a user may be received. A permission record associated with the user may be accessed. In response to the field being likely to include information that identifies particular individuals and a first value in the permission record, access to the field may be denied, in response to the field not being likely to include information that identifies particular individuals and the first value in the permission record, access to the field may be provided, and in response to a second value in the permission record, access to the field may be provided.

Abstract: Systems, methods and non-transitory computer readable media for assigning confidence to data de-identification are provided. A data collection may be accessed to generate a de-identified copy of the data collection. A confidence level that the generated de-identified copy does not include identified information may be determined. In response to a first value of the confidence level, providing particular information based on the de-identified copy of the data collection to a first entity and to a second entity. In response to a second value of the confidence level, providing the particular information to the first entity and forgoing providing the particular information to the second entity.

Abstract: Systems, methods and non-transitory computer readable media for estimating residual privacy loss after data de-identification are provided. A data collection may be accessed to generate a de-identified copy of the data collection. A first amount of residual identified information of a first type of residual identified information in the generated de-identified copy may be determined. A second amount of residual identified information of a second type of residual identified information in the generated de-identified copy may be determined. A usage policy for the generated de-identified copy may be selected based on the first amount of residual identified information and the second amount of residual identified information in the generated de-identified copy. The selected usage policy may be implemented.

Abstract: Systems, methods and non-transitory computer readable media for hybrid differential privacy are provided. Queries associated with medical data may be received. The medical data may be accessed to determine a possible response to queries. Privacy loss levels associated with the possible responses may be determined. Confidence levels for the determinations of the privacy loss levels may be determined. Based on the privacy loss level and the confidence level corresponding to a particular possible response, it may be determine whether to provide the particular possible response, to avoid providing the particular possible response, or to involve manual review in a determination of whether to provide or to avoid providing the particular possible response.

Abstract: Systems, methods and non-transitory computer readable media for detecting identified information in privacy firewalls are provided. A repeating field in a data collection may be analyzed to determine whether the field is likely to include information that identifies particular individuals. An access request of a user may be received. A permission record associated with the user may be accessed. In response to the field being likely to include information that identifies particular individuals and a first value in the permission record, access to the field may be denied, in response to the field not being likely to include information that identifies particular individuals and the first value in the permission record, access to the field may be provided, and in response to a second value in the permission record, access to the field may be provided.

Abstract: Systems, methods and non-transitory computer readable media for determining permissions in privacy firewalls are provided. At least part of a content of a data collection may be analyzed to determine a subject matter. A permission corresponding to the data collection and at least one user may be determined based on the subject matter. A request of the at least one user to access at least part of the data collection may be received. In response to a first determined permission, the requested access to the at least part of the data collection may be provided, and in response to a second determined permission, the request may be denied.

Abstract: Systems, methods and non-transitory computer readable media for ownership determination in privacy firewalls are provided. A request of a user to perform an action for creating a new data collection using source data collections may be received. In response to the user not having permission to view at least part of at least one of the source data collections and the user not being an owner of the at least one of the source data collections, it may be determined that the user is not an owner of the new data collection, and in response to the user being at least an owner of the data collection or having permission to view the entire data collection for all source data collections, it may be determined that the user is an owner of the new data collection.

Abstract: Systems, methods and non-transitory computer readable media for controlling access in privacy firewalls are provided. A request to access a content of an element may be received, the content of the element may include a first portion and a second portion, the first portion may include identifiable information and the second portion may include no identifiable information. A permission record corresponding to the element may be accessed. In response to a first value in the permission record, access may be provided to the content of the element, including access to the first and second portions, and in response to a second value in the permission record, partial access may be provided to the content of the element, the partial access may include access to the second portion and may exclude access to the first portion.

Abstract: A method and apparatus for automatic execution of actions over a web page are provided. The method include receiving a request from a client node to execute at least one action in a webpage; analyzing the webpage to identify at least one interactive platform accessible by the webpage; extracting at least one step from the webpage required in order to execute the at least one action within the at least one interactive platform; generating, based on the at least one extracted step, a designated application programming interface (DAPI) for executing the at least one action within the at least one interactive platform; and providing to the client node a standard application programming interface (API) that enables interaction with the DAPI.