BME2133: Medical Data Privacy and Ethics in the Age of Artificial Intelligence (Schedule)

Syllabus

Who / When / Where
Instructor: Zhiyu Wan
Teaching Assistant: Yuhang Guo
Semester: Spring 2025
Time: Wednesdays (Odd Week) & Fridays, 15:00-15:45, 15:55-16:40
Location: SIST Building 1 Area A, Room 108

Schedule

(Note: This schedule is tentative and subject to change.)

Week	Chapter	Teaching Contents	Reading	Assignment
Week 1, Wednesday Feb 19, 15:00-16:40 Lecture 1 (PDF)	I. Course Introduction and Overview of Data Privacy and Ethics (a)	Course Introduction The Role of Medical Data in the Age of AI. Concept of data privacy and its importance.	/
Week 1, Friday Feb 21, 15:00-16:40 Lecture 2 (PDF)	I. Course Introduction and Overview of Data Privacy and Ethics (b)	Concept of ethics and morality and their importance.	(Optional: 1.《信息科学技术伦理与道德》Chs.8-10. 2.《工程伦理》Ch.12. 3.《信息科学技术伦理与道德》Chs.3&4.)
	I. Course Introduction and Overview of Data Privacy and Ethics (c)	AI ethics: machine morality and ethics, automation, and employment.
Week 2, Friday Feb 28, 15:00-16:40 Lecture 3 (PDF)	II. Ethical Issues in Biomedical Research and Informatics	Research ethics: ethical guidelines for human and animal experiments and scientific research. Life sciences ethics: controversies arising from reproductive technology, genetic technology, stem cell research, etc. Information security and privacy issues: personal data breaches, surveillance technology, facial recognition.	1. Price WN, Cohen IG. Privacy in the age of medical big data. Nature medicine. 2019 Jan;25(1):37-43. https://www.nature.com/articles/s41591-018-0272-7 (Optional: 2.《工程伦理》Ch.10. 3.《信息科学技术伦理与道德》Chs.5&7. 4. S. Warren and L. Brandeis. The right to privacy. Harvard Law Review. 1890; V. IV, No. 5. http://faculty.uml.edu/sgallagher/Brandeisprivacy.htm )
Week 3, Wednesday March 5, 15:00-16:40 Lecture 4 (PDF)	III. Ethical Issues in Data Sharing and Medical AI (a)	Medical ethics issues: abortion, euthanasia, public health issues, and medical ethics concerning special populations (infants, adolescents, psychiatric patients, etc.).	(Optional: 1. McGraw D, Dempsey JX, Harris L, Goldman J. Privacy as an enabler, not an impediment: building trust into health information exchange. Health affairs. 2009 Mar;28(2):416-27. http://content.healthaffairs.org/content/28/2/416.full.pdf+html 2. 《Ethics of medical AI》pp.55-87. 3. WMA. Medical Ethics Manual (3rd Ed). 2015.)
Week 3, Friday March 7, 15:00-16:40 Lecture 5 (PDF)	III. Ethical Issues in Data Sharing and Medical AI (b)	In-class quiz 1. Data ethics: From principle to practice Data governance and data lifecycle management.	1. Malin B, Benitez K, Masys D. Never too old for anonymity: a statistical standard for demographic data sharing via the HIPAA Privacy Rule. Journal of the American Medical Informatics Association. 2011 Jan 1;18(1):3-10. https://doi.org/10.1136/jamia.2010.004622 (Optional: 2. U.S. Department of Health and Human Services. Summary of the Privacy Rule of the Health Information Portability and Accountability Act (HIPAA). http://www.hhs.gov/ocr/privacy/hipaa/understanding/summary/index.html 3. 《Ethics and data science》)
	III. Ethical Issues in Data Sharing and Medical AI (c)	Importance of biomedical data sharing and privacy challenges.
Week 4, Friday March 14, 15:00-16:40 Lecture 6 (PDF)	III. Ethical Issues in Data Sharing and Medical AI (d)	Algorithmic fairness and bias issues in medical AI.	1. Xu J, Xiao Y, Wang WH, Ning Y, Shenkman EA, Bian J, Wang F. Algorithmic fairness in computational medicine. EBioMedicine. 2022 Oct 1;84. https://www.thelancet.com/pdfs/journals/ebiom/PIIS2352-3964(22)00432-7.pdf (Optional: 2. Kearns M, Roth A. The ethical algorithm: The science of socially aware algorithm design. Oxford University Press; 2019 Oct 4. Ch.2. 3. 《Ethics of medical AI》pp. 117-132. 4. Dunkelau J, Leuschel M. Fairness-aware machine learning: An extensive overview. 2019. https://stups.hhu-hosting.de/downloads/pdf/fairness-survey.pdf)
Week 5, Wednesday March 19, 15:00-16:40 Lecture 7 (PDF)	III. Ethical Issues in Data Sharing and Medical AI (e)	Transparency and interpretability in medical AI.	(Optional: 1. Molnar, Christoph. Interpretable machine learning. 2020. (Ch. 5) https://christophm.github.io/interpretable-ml-book/ 2. Lundberg, S. M., & Lee, S. I. A unified approach to interpreting model predictions. NeurIPS. 2017 (Original SHAP paper).)
Week 5, Friday March 21, 15:00-16:40 Lecture 8 (PDF)	IV. Legal and Regulatory Frameworks (a)	The impact of international laws and regulations like HIPAA and GDPR on biomedical data.	(Optional: 1. 《信息科学技术伦理与道德》Chs.5.2.)
	IV. Legal and Regulatory Frameworks (b)(c)	China’s data security law and personal information protection law. Compliance requirements for medical data sharing.
Week 6, Friday March 28, 15:00-16:40 Lecture 9 (PDF)	V. Characteristics and Privacy Risks of Biomedical Data I (a)	In-class quiz 2. Characteristics and privacy risks of electronic health records.	1. Sweeney L. Simple Demographics Often Identify People Uniquely. Carnegie Mellon University, Data Privacy Working Paper 3. Pittsburgh 2000. https://dataprivacylab.org/projects/identifiability/paper1.pdf (Optional: 2. Golle P. Revisiting the uniqueness of simple demographics in the US population. In Proceedings of the 5th ACM Workshop on Privacy in Electronic Society 2006 Oct 30 (pp. 77-80). https://doi.org/10.1145/1179601.117961)
Week 7, Wednesday April 2, 15:00-16:40 Lecture 10 (PDF)	V. Characteristics and Privacy Risks of Biomedical Data I (b)	Introduction to Genomic sequencing and Genome-Wide Association Study (Guest Lecturer: Junmei Xu from BGI Group) Lecture 10 Guest Characteristics and privacy risks of genomic data.	(Optional: 1.《Responsible Genomic Data Sharing Challenges and Approaches》Chs.1&4)
Week 7, Friday April 4, 15:00-16:40	Qingming Festival holiday (No class)	/	/
	Qingming Festival holiday (No class)	/
Week 8, Friday April 11, 15:00-16:40 Lecture 11 (PDF)	V. Characteristics and Privacy Risks of Biomedical Data I (c)(d) VI. Characteristics and Privacy Risks of Biomedical Data II (a)	Main attack models: re-identification attacks, membership inference attacks, and reconstruction attacks.	1. Sankararaman S, Obozinski G, Jordan MI, Halperin E. Genomic privacy and limits of individual detection in a pool. Nature genetics. 2009 Sep;41(9):965-7. (Optional: 2. Homer N, Szelinger S, Redman M, Duggan D, Tembe W, Muehling J, Pearson JV, Stephan DA, Nelson SF, Craig DW. Resolving individuals contributing trace amounts of DNA to highly complex mixtures using high-density SNP genotyping microarrays. PLoS genetics. 2008 Aug 29;4(8):e1000167. 3. 《Responsible Genomic Data Sharing Challenges and Approaches》Ch.3.)
Week 9, Wednesday April 16, 15:00-16:40 Lecture 12 (PDF)	VI. Characteristics and Privacy Risks of Biomedical Data II (b)(c)	Privacy Risk Assessment Methods. Characteristics and privacy risks of natural language medical data. Characteristics and privacy risks of medical image data. Case studies on breaches of different types of medical data.	/
Week 9, Friday April 18, 15:00-16:40 Lecture 13 (PDF)	VII. Common Privacy Protection Techniques for Medical Data I (a)	data privacy protection techniques: pseudonymization, K-anonymization.	1. Sweeney L. k-anonymity: A model for protecting privacy. International journal of uncertainty, fuzziness and knowledge-based systems. 2002 Oct;10(05):557-70. https://www.worldscientific.com/doi/epdf/10.1142/S0218488502001648 (Optional: 2. Dankar FK, El Emam K. A method for evaluating marketer re-identification risk. InProceedings of the 2010 EDBT/ICDT Workshops 2010 Mar 22 (pp. 1-10). 3. Newton EM, Sweeney L, Malin B. Preserving privacy by de-identifying face images. IEEE transactions on Knowledge and Data Engineering. 2005 Jan 10;17(2):232-43.)	HW #1 Posted
	VII. Common Privacy Protection Techniques for Medical Data I (b)	Other data privacy protection techniques.
Week 10, Friday April 25, 15:00-16:40 Lecture 14 (PDF)	VII. Common Privacy Protection Techniques for Medical Data I (c)	Game-theoretic models for optimized privacy protection. Start selecting topics for the course project.	1. Wan Z, Vorobeychik Y, Xia W, Clayton EW, Kantarcioglu M, Malin B. Expanding access to large-scale genomic data while promoting privacy: a game theoretic approach. The American Journal of Human Genetics. 2017 Feb 2;100(2):316-22. https://www.cell.com/action/showPdf?pii=S0002-9297%2816%2930526-2 (Optional: 2. Wan Z, Vorobeychik Y, Xia W, Clayton EW, Kantarcioglu M, Ganta R, Heatherly R, Malin BA. A game theoretic framework for analyzing re-identification risk. PloS one. 2015 Mar 25;10(3):e0120592. https://journals.plos.org/plosone/article/file?id=10.1371/journal.pone.0120592&type=printable 3. Wan Z, Vorobeychik Y, Xia W, Liu Y, Wooders M, Guo J, Yin Z, Clayton EW, Kantarcioglu M, Malin BA. Using game theory to thwart multistage privacy intrusions when sharing data. Science Advances. 2021 Dec 10;7(50):eabe9986. https://www.science.org/doi/pdf/10.1126/sciadv.abe9986)
Week 11, Wednesday April 30, 15:00-16:40 Lecture 15 (PDF)	VIII. Common Privacy Protection Techniques for Medical Data II	Basic principles and applications of differential privacy. Access control and audit techniques. End selecting topics for the course project.	1. Dwork C. Differential privacy. In International colloquium on automata, languages, and programming 2006 Jul 10 (pp. 1-12). Berlin, Heidelberg: Springer Berlin Heidelberg. https://www.comp.nus.edu.sg/~tankl/cs5322/readings/dwork.pdf (Optional: 2. Clifton C, Tassa T. On syntactic anonymity and differential privacy. Transactions on Data Privacy. 2013 Aug 22;6(2):161-83. http://www.tdp.cat/issues11/tdp.a124a13.pdf 3. Schlegelmilch J, Steffens U. Role mining with ORCA. In Proceedings of the tenth ACM symposium on Access control models and technologies 2005 Jun 1 (pp. 168-176). https://dl.acm.org/doi/pdf/10.1145/1063979.1064008)
Week 11, Friday May 2, 15:00-16:40	Labor Day holiday (No class)	/	/
	Labor Day holiday (No class)	/
Week 12, Friday May 9, 15:00-16:40 Lecture 16 (PDF)	IX. Common Privacy Protection Techniques for Medical Data III	Basics of cryptography. Methods and Applications of homomorphic encryption technologies for privacy-preserving computing in medicine. Methods and Applications of secure multi-party computation technologies for privacy-preserving computing in medicine.	1. Kantarcioglu M, Jiang W, Liu Y, Malin B. A cryptographic approach to securely share and query genomic sequences. IEEE Transactions on information technology in biomedicine. 2008 Sep 3;12(5):606-17. https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=4358920 (Optional: 2. Jha S, Kruger L, Shmatikov V. Towards practical privacy for genomic computation. In 2008 IEEE Symposium on Security and Privacy (sp 2008) 2008 May 18 (pp. 216-230). IEEE. https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=4531155 3.《Responsible Genomic Data Sharing Challenges and Approaches》Chs.5&6.)	Project Description (1 page) Due at 15:00 on May 9 (Friday) HW #1 Due at 15:00 on May 9 (Friday)
Week 13, Wednesday May 14, 15:00-16:40 Lecture 17 (PDF)	X. Advances in Frontier Technologies and Future Trends in Medical Data Privacy Protection I (a)(b)	Methods and Applications of federated learning models in privacy protection. Methods and Applications of synthetic data generation techniques in privacy protection.	1. N/A (Optional: 2. Li T, Sahu AK, Talwalkar A, Smith V. Federated learning: Challenges, methods, and future directions. IEEE signal processing magazine. 2020 May 1;37(3):50-60. https://doi.org/10.1109/MSP.2020.2975749 3. Yan C, Yan Y, Wan Z, Zhang Z, Omberg L, Guinney J, Mooney SD, Malin BA. A multifaceted benchmarking of synthetic electronic health record generation models. Nature communications. 2022 Dec 9;13(1):7609. https://doi.org/10.1038/s41467-022-35295-1)	HW #2 Posted
Week 13, Friday May 16, 15:00-16:40	X. Advances in Frontier Technologies and Future Trends in Medical Data Privacy Protection I (c)	Methods and Applications of encrypted hardware technologies for privacy-preserving computing in medicine. (Guest Lecturer: Xuanle Ren, Ph.D.) Lecture 18 Guest	TBD	Project Proposal Due at 23:59 on May 18 (Sunday)
	Presentation	Presentations of team project proposals.
Week 14, Friday May 23, 15:00-16:40 Lecture 19 (PDF)	XI. Advances in Frontier Technologies and Future Trends in Medical Data Privacy Protection II	The potential of blockchain technology in medical data privacy. Digital implementation of patient informed consent. Future trends in medical data privacy research.	TBD (Optional: 1. De Sutter E, Zaçe D, Boccia S, Di Pietro ML, Geerts D, Borry P, Huys I. Implementation of electronic informed consent in biomedical research and stakeholders’ perspectives: systematic review. Journal of medical Internet research. 2020 Oct 8;22(10):e19129.)
Week 15, Wednesday May 28, 15:00-16:40 Lecture 20 (PDF)	XII. Privacy and Ethical Issues in Cutting-Edge AI Technologies for Healthcare I (a)	Introduction to large language models and generative AI. Applications of large language models and generative AI in medicine.	1. Wiest IC, Leßmann ME, Wolf F, Ferber D, Treeck MV, Zhu J, Ebert MP, Westphalen CB, Wermke M, Kather JN. Deidentifying Medical Documents with Local, Privacy-Preserving Large Language Models: The LLM-Anonymizer. NEJM AI. 2025 Mar 27;2(4):AIdbp2400537. https://ai.nejm.org/doi/pdf/10.1056/AIdbp2400537 (Optional: 2. Das BC, Amini MH, Wu Y. Security and privacy challenges of large language models: A survey. ACM Computing Surveys. 2025 Feb 10;57(6):1-39.)	HW #2 Due at 15:00 on May 28 (Wednesday) HW #3 Posted
Week 15, Friday May 30, 15:00-16:40 Lecture 21 (PDF)	XII. Privacy and Ethical Issues in Cutting-Edge AI Technologies for Healthcare I (b)(c)	Privacy risk issues of large language models.	/
	XIII. Privacy and Ethical Issues in Cutting-Edge AI Technologies for Healthcare II	Fairness issues of large language models. Other ethical issues of large language models. Solutions to ethical issues of large language models and future directions.	/
Week 16, Friday June 6, 15:00-16:40	XVI. Course Project Presentation	Group presentations and feedback.	/	HW #3 Due at 23:59 on June 13 (Friday) Final Project Report (Research Paper) Due at 23:59 on June 13 (Friday)