Personalized Medicine, Personalized Health Research Project funded by the Strategic Focus Area Personalized Health and Related Technologies (PHRT) of the ETH Board between April 2018 and December 2021.

Privacy and Security in P4 Medicine

P4 (Predictive, Preventive, Personalized and Participatory) medicine is called to revolutionize healthcare by providing better diagnoses and targeted preventive and therapeutic measures. However, to accelerate its adoption and maximize its potential, clinical and research data on large numbers of individuals must be efficiently shared between all stakeholders. The advent of quantum computers and the privacy risks stemming from disclosing medical data raise serious concerns, have become a barrier that can hold back the advances in P4 medicine if effective privacy preserving technologies are not adopted to enable quantum-resistant privacy-conscious medical data sharing. The evolution of the regulation towards further guarantees (e.g., HIPAA in USA and the new GDPR in EU) reflects this urgent need. Pairing privacy-conscious data sharing with recent advances in the field of *omics and, in particular, in high-throughput sequencing technology, leads to an explosive growth in the amounts of available data; this big data scale can usually not be handled with current hospital computing facilities, hence the need for elastic computing resources that can cope with huge amounts of data in a secure and privacy-aware infrastructure, supporting data processing and sharing.

Project Main Results

DPPH was meant to address the main scalability, privacy, security and ethical challenges of data sharing for enabling effective P4 medicine, by defining an optimal balance between usability, scalability and data protection, and deploying an appropriate set of computing tools to make it happen. The project resulted in a platform composed of software packages that seamlessly enable clinical and genomic data sharing and exploitation across a federation of medical institutions, hospitals and research laboratories across Switzerland in a scalable, secure, responsible and privacy-conscious way, and that can seamlessly integrate widespread cohort exploration tools (e.g., i2b2 and TranSMART).
 
In particular, DPPH produced a prototype called MedCo, the first operational system that makes sensitive medical-data processable for research in a simple, privacy-conscious and secure way. Further information about MedCo, its full documentation and its source code can be found at: https://medco.epfl.ch

DPPH also produced a comprehensive software library, called Lattigo, that implements lattice-cryptography primitives supporting quantum-resistant homomorphic encryption.

Lattigo is fully written in Golang with no external dependencies, and it aims at enabling fast prototyping of secure-multiparty computation solutions based on multiparty homomorphic cryptosystems, by harnessing Golang’s natural concurrency model.

Lattigo is open-source, and its codebase and documentation can be found here: https://github.com/ldsec/lattigo

Finally, DPPH performed a holistic requirements analysis of the medical data sharing ecosystem, from the standpoint of legal and medical stakeholders. Another notable result is a comprehensive ethical analysis of distributed platforms for medical data sharing through qualitative research.