Technique for secure processing of patient data

Technique for secure processing of patient data
Credit: Radboud University

Thanks to a technique developed by Radboud University large-scale research involving patient data can be done without threat to either the security of the information or the privacy of the patients. This technique will be used for a new, large-scale study of Parkinson's disease.

Collecting and analysing medical data on a large scale is an increasingly important research tool in understanding illnesses. To quickly arrive at new insights and avoid double work, it is important that international researchers work together to use and enrich one another's data. Such studies often involve sensitive patient information. Patients must be confident that their privacy will be safeguarded and their data securely stored in line with upcoming European regulations on privacy, known as the strictest in the world.

To make this possible, Professor Bart Jacobs and Professor Eric Verheul, both computer scientists at Radboud University, have developed the Polymorphic Encryption and Pseudonymisation (PEP) technique. The PEP technique realises this goal by pseudonymising and encrypting data in such a way that the data cannot be accessed even by the party who stores the data. Moreover, access to the data is strictly regulated and monitored. The PEP technique makes it possible to analyse data from a study while ensuring that a patient's privacy is safeguarded.

One of the first applications of the PEP technique is a study of Parkinson's that was initiated by Radboud University. In this study, 650 people with Parkinson's will be monitored for two years by means of, among other things, portable measuring equipment (wearables). Thanks to the PEP technique, the research data collected in the Netherlands can be shared in pseudonymised form with top researchers throughout the world.

Public investment in privacy

"In the context of international medical research, personal information is worth its weight in gold. So it's important for the government to invest in an infrastructure that guarantees the protection of this information," said Bart Jacobs, Professor of Digital Security at Radboud University. "Especially to ensure that people will remain willing to participate in future studies of this sort." Radboud University and Radboud university medical center are investing €920,000 in the development of the PEP software. The Province of Gelderland is contributing €750,000. The software will be made available as open source so that other parties may also use it.

Bart Jacobs is optimistic about the future of the PEP system. "The study of Parkinson's should demonstrate the usefulness of PEP. With this showcase as an example, PEP could grow to become the international standard for storing and exchanging privacy-sensitive ." The first reactions from the field are positive, Jacobs concluded.

In short, Polymorphic Encryption and Pseudonymisation works as follows:

  • the managers of the data cannot access the data
  • participants in the study decide for each study if they want to allow their data to be used
  • researchers who use the data are given a unique key
  • the participants have a different pseudonym for each researcher. This prevents researchers from using another route to access that they are not allowed to see.

Explore further

Health apps and the sharing of information with third parties

More information: For more information, see eprint.iacr.org/2016/411
Provided by Radboud University
Citation: Technique for secure processing of patient data (2016, September 30) retrieved 4 April 2020 from https://phys.org/news/2016-09-technique-patient.html
This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no part may be reproduced without the written permission. The content is provided for information purposes only.
7 shares

Feedback to editors

User comments