European Security in Health Data Exchange

Periodic Reporting for period 2 - SHiELD (European Security in Health Data Exchange)

Reporting period: 2018-07-01 to 2019-12-31

The main problem addressed by SHiELD is how to enhance the security and regulatory aspects of health data exchange in cross-border scenarios. European healthcare systems interconnected through the OpenNCP platform must ensure the security of the exchanged health data and compliance with regulations such as GDPR. This problem is tackled from different perspectives: the analysis of these scenarios, the design and development of the OpenNCP platform, and, finally, the runtime perspective.

Article 45 of the Treaty on the Functioning of the European Union grants European citizens the right of free movement. In addition, EU citizens have the right to access healthcare in any EU country and to be reimbursed for care abroad by their home country, based on Directive 2011/24/EU on patients’ rights in cross-border healthcare. Therefore, EU countries must provide a way to access/provide health data among countries under specific circumstances. This project deals with several rights, such as free movement of people across European borders, and with compliance with regulations such as GDPR.

SHiELD aims to create an open and extendable security architecture supported by security mechanisms and privacy by design modelling and analysis tools to provide systematic protection for the storage and exchange of health data across European borders, subject to control by the data subjects, compatible with existing regulatory frameworks, ensuring the privacy, availability and correctness of the data while improving trust of patients in the security of their data and its use to address their needs.
This general objective is broken down into the following objectives:
(O1) Systematic protection of health data against threats and cyber-attacks. SHiELD provides support to designers for analysing the possible threats to and vulnerabilities of the data, and supports the design of valid measures to protect the data which are compatible with different architectures and with the regulatory requirements in the different jurisdictions in which the (cross-border) end-to-end system is operating.
(O2) Definition of a common architecture for secure exchange of health data across European borders. European patients shall improve their access to their health data and health assistance across Europe. This platform is based on the OpenNCP platform which is improved and several functionalities are developed for enhancing security and regulatory aspects.
(O3) Assurance of the protection and privacy of the health data exchange. While data is exchanged among the different Member States, it is necessary to ensure that appropriate measures are taken before, during and after the exchange so that the data is protected, secured and adheres to privacy regulation.
(O4) To understand the legal/regulatory requirements in each member state, which are only partly aligned by previous EU directives and regulations and provide recommendations to regulators for the development of new/improved regulations.
(O5) Validation of SHiELD in different pilots across three Member States: SHiELD Key Results will be tested and piloted in a series of use cases demonstrating the secure storage of data, secure data exchange across borders or between health care and commercial (e.g. lifestyle) services, and management of potential threats that can occur in both cases.
(O6) Dissemination of SHiELD results: to promote adoption of the SHiELD privacy by design approach, secure data exchange architecture, and security and privacy technologies, as well as building trust in users of health services.
During this period we have successfully completed the following milestones:
• MS1 Project plan, Quality plan, Exploitation, dissemination, communication and networking plan, Webpage and initial marketing material. Initial definition of the social, technical and scenarios requirements (M6).
• MS2 Architecture design and first release of the use case requirements and scenarios definition (M12): The OpenNCP architecture is analysed from a security point of view. Security modelling and analysis tools are outlined. Detailed specification of initial use cases (scenarios) is completed.
• MS3 Initial prototypes of main SHiELD tools and architecture solution (M18). Security verification tests developed. Initial schema modelling and analysis tools are implemented. Initial security by design knowledge base is available. Initial validation application is carried out based on the software available.
The main achievements for this period are summarized as follows:
• Security modelling tools (system modeler): General improvement of the tools, implemented risk calculation, added compliance functionality
• Security knowledge base
• Secure design patterns: analysis of patterns within the OpenNCP source code
• Use case specification
• Privacy by design analysis
• Validation of the knowledge base and the system modeler
• Webportal connected to the OpenNCP

The main innovations of SHiELD for this period can be summarized as follows:
• Compliance checking capability
• Risk calculation as a means of ordering threats
• Mobile Device tampering technology
• Identify sensitive information as required by the GDPR regulation
• Improve consent management as required by the GDPR regulation
• Exchange of PDF documents among OpenNCPs
• Integrated view of eHealth records from different countries of the same patient (a single report)

The SHiELD project is based on the OpenNCP architecture, currently supported and developed by the eHealth DSI Technical Community. This platform is being continuously developed and improved. The SHiELD project has been involved as an external contributor, and we are extending this platform with privacy by design (offline modelling and analysis tools) and data protection and privacy tools such as consent management and data hiding tools. From a regulatory point of view, we have used the GDPR as reference. In addition, we have defined use case scenarios where different hospitals are using the approach defined.

The expected results (Key Results-KR) by the end of the project are:
KR01: Knowledge base of generic security issues that may affect a system
KR02: Tool that provides an automated analysis of data structures in order to identify sensitive elements that may be vulnerable to specific threats.
KR03: Security requirements identification tool
KR04: SHiELD open architecture and open secure interoperability
KR05: SHiELD (Sec)DevOps tool.
KR06: Data protection mechanisms
KR07: Privacy protection mechanisms
KR08: Legal recommendations report.
KR09: Pilots
KR10: Best practices
KR11: Publications.
KR12: Take up opportunities

From the impact point of view, the use cases in SHiELD will encourage the transmission of clinical data across European borders with enhanced mechanisms for ensuring security and privacy of health data. From a technical perspective, security analysis approaches are defined and used for enhancing the OpenNCP platform. From a regulatory perspective, SHiELD provides experience in applying the GDPR and an opportunity to learn from that experience.