Text documents play significant roles in decision making and scientific research. Under federal regulations, documents (e.g., pathology records) containing personally identifiable information cannot be shared freely, unless properly sanitized. Generally speaking, document sanitization consists of finding and hiding personally identifiable information. The first task has received much attention from the research community, but the main strategy for the second task has been to simply remove personal identifiers and very sensitive information (e.g., diseases and treatment). It is not hard to see that if important information (e.g., diagnoses and personal medical histories) is completely removed from pathology records, these records are no longer readable, and even worse, they no longer contain sufficient information for research purposes. Observe that the sensitive information "tuberculosis" can be replaced with the less sensitive term "infectious disease". That is, instead of simply removing sensitive terms, these terms can be hidden by more general but semantically related terms to protect sensitive information, without unnecessarily degrading the amount of information contained in the document. Based on this observation, the main contribution of this paper is to provide a novel information theoretic approach to text sanitization, and develop efficient heuristics to sanitize text documents.

Meeting Name

International Conference on Computational Science and Engineering, 2009


Computer Science


United States. Air Force. Office of Scientific Research
National Science Foundation (U.S.)

Keywords and Phrases

Data Privacy; Information Dissemination; Medical Administrative Data Processing

Document Type

Article - Conference proceedings

Document Version

Final Version

File Type





© 2009 Institute of Electrical and Electronics Engineers (IEEE), All rights reserved.

Publication Date

01 Aug 2009