This study systematically evaluates the impact of differential privacy (DP) on the statistical utility of Cox proportional hazards models. Across multiple clinical datasets, it compares input perturbation strategies—perturbing only covariates, all inputs, or using a discrete-time formulation—with output perturbation based on dfbeta sensitivity, under varying privacy budgets (ε), employing data-driven clipping bounds to establish practical lower bounds on utility degradation. Results show that under standard privacy budgets (ε ≤ 1), approximately 90% of significant covariates lose statistical significance and predictive performance degrades to near-random levels. Perturbing covariates alone yields the best utility among DP mechanisms. Output perturbation requires ε ≥ 5 to approach non-private baseline performance, while recovering statistical significance typically demands ε ≥ 30–60. This work provides the first comprehensive quantification of the utility–privacy trade-offs for DP in survival analysis with Cox models.

Differential privacy (DP) is a mathematical framework that guarantees individual privacy; however, systematic evaluation of its impact on statistical utility in survival analyses remains limited. In this study, we systematically evaluated the impact of DP mechanisms (Laplace mechanism and Randomized Response) with data-driven clipping bounds on the Cox proportional hazards model, using 5 clinical datasets ($n = 168$--$6{,}524$), 15 levels of $\varepsilon$ (0.1--1000), and $B = 1{,}000$ Monte Carlo iterations. The data-driven clipping bounds used here are observed min/max and therefore do not provide formal $\varepsilon$-DP guarantees; the results represent an optimistic lower bound on utility degradation under formal DP. We compared three types of input perturbations (covariates only, all inputs, and the discrete-time model) with output perturbations (dfbeta-based sensitivity), using loss of significance rate (LSR), C-index, and coefficient bias as metrics. At standard DP levels ($\varepsilon \leq 1$), approximately 90% (90--94%) of the significant covariates lost significance, even in the largest dataset ($n = 6{,}524$), and the predictive performance approached random levels (test C-index $\approx 0.5$) under many conditions. Among the input perturbation approaches, perturbing only covariates preserved the risk-set structure and achieved the best recovery, whereas output perturbation (dfbeta-based sensitivity) maintained near-baseline performance at $\varepsilon \geq 5$. At $n \approx 3{,}000$, the significance recovered rapidly at $\varepsilon = 3$--10; however, in practice, $\varepsilon \geq 10$ (for predictive performance) to $\varepsilon \geq 30$--60 (for significance preservation) is required. In the moderate-to-high $\varepsilon$ range, false-positive rates increased for variables whose baseline $p$-values were near the significance threshold.