538 – Modeling Time: Methods for Longitudinal, Time-Series, and Censored Data
Query-based PUF for Disclosure-safe Remote Analysis from Medicare Claims Microdata
Avi Singh
NORC at the University of Chicago
Joshua M. Borton
NORC at the University of Chicago
Micheal Davern
NORC at the University of Chicago
Y. Lin
NORC at University of Chicago
Remote analysis servers (RAS) with output treatment of user queries, as an alternative to traditional input-treated PUFs, is an active research area. Success of RAS depends on protection from differencing attacks via repeated queries. We describe a new application of a recently proposed method of query-based (Q) PUF to Medicare claims data which is safe from differencing attacks. In Q-PUF, the user cannot arbitrarily define analysis domains but is required to choose from a checklist of pre-screened variables. The method is termed Q-PUF, despite being an output treatment, because the data producer controls the type and scope of allowed analytic variables just as with PUFs. There are three components of Q-PUF: first, construct a checklist of analysis domains that are deemed adequately large to provide estimating functions of corresponding parameters and safe for analysis; second, provide an interface for users to communicate with the microdata via queries; third, additional restrictions specific to analysis output. If needed the domain checklist may be updated. For Medicare claims data, we provide empirical examples of common interest including descriptive and model-based inference.