Inferensys

Glossary

Federated Record Linkage

The privacy-preserving process of identifying and linking records that correspond to the same individual across disparate, decentralized databases without revealing the individual's identity to the linking party.
Data scientist building training data pipeline on laptop, data preprocessing visible, technical workspace.
PRIVACY-PRESERVING ENTITY RESOLUTION

What is Federated Record Linkage?

Federated Record Linkage is the privacy-preserving process of identifying and linking records that correspond to the same individual across disparate, decentralized databases without revealing the individual's identity to the linking party.

Federated Record Linkage (FRL) is a privacy-preserving entity resolution technique that identifies records belonging to the same real-world individual across multiple independent databases without any party revealing its raw, sensitive identifiers. Unlike traditional record linkage, which requires a trusted third party to centralize and compare personally identifiable information, FRL employs cryptographic protocols—such as Bloom filter encoding and secure multi-party computation—to compute similarity metrics on masked or encrypted representations of the data. This ensures that only matched record pairs are disclosed, while non-matching records and the underlying plaintext values remain completely opaque to all participating organizations.

In healthcare and clinical research networks, FRL is critical for constructing comprehensive patient journeys across hospitals, registries, and claims databases without violating regulations like HIPAA or GDPR. The process typically involves a two-party or multi-party protocol where each site independently standardizes and encodes quasi-identifiers—such as names, dates of birth, and addresses—into irreversible, distance-preserving tokens. A linkage unit then performs a private comparison, often using homomorphic encryption or secure set intersection protocols, to probabilistically classify record pairs as matches, non-matches, or potential matches for clerical review, all while maintaining a formal cryptographic guarantee against data leakage.

PRIVACY-PRESERVING ENTITY RESOLUTION

Key Features of Federated Record Linkage

Federated Record Linkage (FRL) enables the identification of records belonging to the same individual across multiple databases without exposing personally identifiable information (PII) to any party. It combines private comparison protocols, blocking techniques, and cryptographic encoding to solve the entity resolution problem in a decentralized manner.

01

Privacy-Preserving Comparison

The core mechanism that allows two parties to determine if their records match without revealing the underlying data. This is typically achieved through private set intersection (PSI) or homomorphic encryption protocols.

  • Bloom filter encoding: Records are hashed into bit arrays, allowing approximate matching via set overlap metrics like Dice coefficient or Jaccard similarity
  • Phonetic encoding: Strings are transformed into phonetic representations (Soundex, Double Metaphone) before encryption to handle typographical errors
  • Reference value comparison: Instead of comparing raw values, parties compare encrypted tokens derived from agreed-upon reference tables

The comparison function operates entirely on encoded data, ensuring that even if the protocol is intercepted, no plaintext PII is exposed.

Dice coefficient
Common similarity metric
02

Blocking for Scalability

Comparing every record pair across databases is computationally infeasible. Blocking reduces the search space by grouping records into candidate blocks using quasi-identifiers before cryptographic comparison.

  • Phonetic blocking: Uses Soundex or NYSIIS encodings of names to group similar-sounding records
  • Locality-Sensitive Hashing (LSH): Hashes records so that similar inputs map to the same bucket with high probability
  • Sorted neighborhood: Records are sorted by a blocking key, and a sliding window compares only adjacent records

Effective blocking dramatically reduces the number of expensive cryptographic comparisons while maintaining high recall of true matches.

99%+
Reduction in comparisons
03

Linkage Without a Trusted Third Party

Traditional record linkage relies on a central trusted party to perform matching. FRL eliminates this dependency through decentralized protocols where no single entity sees both datasets.

  • Two-party protocol: Each data custodian encodes their records independently and exchanges only encrypted representations
  • Three-party protocol with untrusted linker: A third party performs the matching on encrypted data but cannot decrypt the results
  • Multi-party linkage: Extends to scenarios where records are distributed across many institutions, such as a network of hospitals linking patient cohorts

This architecture is critical for compliance with regulations like HIPAA and GDPR, where data cannot leave institutional boundaries.

Zero
Plaintext data exposure
04

Encoding Strategies for Accuracy

The choice of encoding method directly impacts linkage quality. Records must be transformed into privacy-preserving representations that preserve similarity while resisting cryptanalysis.

  • Bloom filter encoding: Maps q-gram sets of attribute values into bit vectors. The Dice coefficient between two Bloom filters approximates the true string similarity
  • Tabulation min-hash: Generates compact signatures that preserve Jaccard similarity between sets of features
  • Field-level hashing: Applies salted cryptographic hash functions (SHA-256) to individual fields, enabling exact matching only

Encoding must balance linkage accuracy against privacy guarantees. Bloom filters with appropriate parameters can resist frequency-based attacks while maintaining high match quality.

Bloom filter
Most common encoding
05

Classification and Clustering of Matches

Once encrypted similarities are computed, FRL systems must classify record pairs as matches or non-matches without human review of plaintext data.

  • Threshold-based classification: Pairs exceeding a predefined similarity threshold are declared matches
  • Supervised classification: Trained on labeled match/non-match pairs from a subset of data where ground truth is available
  • Hierarchical clustering: Groups records into clusters representing unique individuals, resolving transitive matches across multiple databases
  • Active learning: Iteratively queries domain experts on high-uncertainty pairs to refine the classification model

The classification step must handle the inherent uncertainty of working with encoded data, where similarity metrics are approximations of true string distances.

Hierarchical
Preferred clustering method
06

Adversarial Attack Resistance

FRL protocols must be hardened against adversaries who may attempt to re-identify individuals from encoded data or manipulate the linkage process.

  • Frequency attacks: An adversary with knowledge of plaintext value distributions can attempt to map Bloom filter bit patterns back to original values. Countermeasures include salting, random bit flips, and differential privacy noise injection
  • Collusion resistance: Protocols must remain secure even if a subset of participating parties collude
  • Sybil attacks: Malicious entities may inject fabricated records to create false links. Rate limiting and institutional authentication mitigate this risk
  • Output privacy: Even the final linkage results may leak information. Secure multiparty computation ensures only authorized parties learn the match outcomes
Differential privacy
Key defense mechanism
PRIVACY-PRESERVING PATIENT MATCHING

Frequently Asked Questions

Clear answers to the most common technical and operational questions about linking patient records across institutions without exposing protected health information.

Federated Record Linkage (FRL) is a privacy-preserving computational process that identifies and links records corresponding to the same individual across multiple decentralized databases without any party revealing its raw identifying data to the others. The process works by having each data custodian independently encode their records' identifying attributes—such as names, dates of birth, and addresses—into irreversible, privacy-preserving representations called Bloom filters or cryptographic tokens. These encoded representations are then compared using specialized similarity metrics like Dice coefficient or Jaccard similarity to probabilistically determine matches. Crucially, the original plaintext identifiers never leave their source institution, and the encoded representations cannot be inverted to recover the original data, satisfying both HIPAA and GDPR requirements for cross-institutional clinical research and public health surveillance.

Prasad Kumkar

About the author

Prasad Kumkar

CEO & MD, Inference Systems

Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.

His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.