dpph | Data Protection In Personalized Health

Personalized Medicine, Personalized Health Research Project funded by the Strategic Focus Area Personalized Health and Related Technologies (PHRT) of the ETH Board.

Privacy and Security in P4 Medicine

P4 (Predictive, Preventive, Personalized and Participatory) medicine is called to revolutionize healthcare by providing better diagnoses and targeted preventive and therapeutic measures. However, to accelerate its adoption and maximize its potential, clinical and research data on large numbers of individuals must be efficiently shared between all stakeholders. The advent of quantum computers and the privacy risks stemming from disclosing medical data raise serious concerns, and have become a barrier that can hold back the advances in P4 medicine if effective privacy preserving technologies are not adopted to enable quantum-resistant privacy-conscious medical data sharing. The evolution of the regulation towards further guarantees (e.g., HIPAA in USA and the new GDPR in EU) reflects this urgent need.

Pairing privacy-conscious data sharing with recent advances in the field of *omics and, in particular, in high-throughput sequencing technology, leads to an explosive growth in the amounts of available data; this big data scale can usually not be handled with current hospital computing facilities, hence the need for elastic computing resources that can cope with huge amounts of data in a secure and privacy-aware infrastructure, supporting data processing and sharing.

Project Mission

DPPH seeks to address the main scalability, privacy, security and ethical challenges of data sharing for enabling effective P4 medicine, by defining an optimal balance between usability, scalability and data protection, and deploying an appropriate set of computing tools to make it happen. The target result of the project will be a platform composed of software packages that seamlessly enable clinical and genomic data sharing and exploitation across a federation of medical institutions, hospitals and research laboratories across Switzerland in a scalable, secure, responsible and privacy-conscious way, and that can seamlessly integrate widespread cohort exploration tools (e.g., i2b2 and TranSMART).

Read the Abstract

Main Results

DPPH has already produced a preliminary prototype called MedCo, the first operational system that makes sensitive medical-data available for research in a simple, privacy-conscious and secure way.

MedCo applies the privacy-enhancing techniques developed in DPPH to enable hundreds of clinical sites to collectively protect their data and to securely share them with investigators, without single points of failure.

MedCo is open-source and easy to deploy, thanks to Docker technology. Further information about MedCo, its full documentation and its source code can be found at the project page: https://medco.epfl.ch

DPPH has also produced a comprehensive software library, called Lattigo, that implements lattice-cryptography primitives supporting quantum-resistant homomorphic encryption.

Lattigo is fully written in Golang with no external dependencies, and it aims at enabling fast prototyping of secure-multiparty computation solutions based on multiparty homomorphic cryptosystems, by harnessing Golang’s natural concurrency model.

Lattigo is open-source, and its codebase and documentation can be found here: https://github.com/ldsec/lattigo