Periodic Reporting for period 2 - SERUMS (Securing Medical Data in Smart Patient-Centric Healthcare Systems)
Okres sprawozdawczy: 2020-07-01 do 2021-12-31
In order to achieve high quality healthcare provision, it is increasingly important to collect highly confidential and personal medical data that has been obtained from a variety of sources, including personal medical devices and to share this through a variety of means, including public networks and other systems whose security cannot be implicitly trusted. Patients rightly expect full privacy, except where permission has been explicitly given, but they equally expect to be provided with the best possible medical treatment.
Evidence suggests that integrating home-based healthcare into a holistic treatment plan is more cost effective, reduces travel-associated risks and costs, and increases the quality of healthcare provision, by allowing the incorporation of more frequent home-, work- and environment-based monitoring and testing into medical diagnostics. There is thus a strong and urgent demand to deliver better, more efficient and more effective healthcare solutions that can achieve excellent patient-centric healthcare provision, while also complying with increasingly strict regulations on the use and sharing of patient data.
This provision needs to be multi-site, crossing traditional physical and professional boundaries of hospitals, health centres, home and workplace, and even national borders. It needs to engage hospitals, medical practitioners, consultants and other specialists, as well as incorporating patient-provided data that is produced by personal monitoring devices, healthcare apps, environmental monitoring etc. This creates huge pressures.
The goal of Serums is to put patients at the centre of future healthcare provision, enhancing their personal care, and maximising the quality of treatment that they can receive, while ensuring trust in the security and privacy of their confidential medical data.
Evidence suggests that integrating home-based healthcare into a holistic treatment plan is more cost effective, reduces travel-associated risks and costs, and increases the quality of healthcare provision, by allowing the incorporation of more frequent home-, work- and environment-based monitoring and testing into medical diagnostics. There is thus a strong and urgent demand to deliver better, more efficient and more effective healthcare solutions that can achieve excellent patient-centric healthcare provision, while also complying with increasingly strict regulations on the use and sharing of patient data.
This provision needs to be multi-site, crossing traditional physical and professional boundaries of hospitals, health centres, home and workplace, and even national borders. It needs to engage hospitals, medical practitioners, consultants and other specialists, as well as incorporating patient-provided data that is produced by personal monitoring devices, healthcare apps, environmental monitoring etc. This creates huge pressures.
The goal of Serums is to put patients at the centre of future healthcare provision, enhancing their personal care, and maximising the quality of treatment that they can receive, while ensuring trust in the security and privacy of their confidential medical data.
Work done during the reporting period (months 19-36) includes reaching our success criteria (SC):
SC9 Developed refined privacy-preserving distributed deep-learning analytics methods.
SC10 Produced refined versions of smart patient record access methods and data lake, refined data masking and semantic-preserving encryption techniques and refined authentication methodology.
SC11 Produced and tested the refined version of the Smart Health Centre System and defined final format for smart patient records.
SC12 Developed and evaluated refined versions of the use cases.
SC9 Developed refined privacy-preserving distributed deep-learning analytics methods.
SC10 Produced refined versions of smart patient record access methods and data lake, refined data masking and semantic-preserving encryption techniques and refined authentication methodology.
SC11 Produced and tested the refined version of the Smart Health Centre System and defined final format for smart patient records.
SC12 Developed and evaluated refined versions of the use cases.
We have developed novel privacy-preserving learning techniques that have a solid theoretical foundation. We expect until the end of the project to evaluate them on our SERUMS fabricated data sets, and refine the learning techniques as required. This will be a very important result as the predominance of big data analytics and the dangers of information leakage are very present. This work was started in this period but will be completed in the final 6 months of the project (beyond the present period).
In this period, we have improved the data fabrication process and its validation to make sure the quality of the fabrication makes the data undistinguishable from real data. This is fundamental as a technique, and will enable us to use our system entirely without compromising its security and privacy. This will generate data sets that are realistic and can be used for the purposes of research in a number of areas. We achieved good results in this area, and were able to make use of a rich dataset to improve and evaluate our technology.
We have developed new authentication mechanisms that can be adapted to suit the abilities and the needs of the users, considering not just young users used to technology, but the elderly and frail that may find some aspects of technology harder to deal with. The picture-passwords being developed aim to enhance the diversity of needs and abilities and help users. Our evaluation through the use case partners throughout the project have allowed us to refine our approaches further.
The final evaluation will be made in the last 6 months of the project and any final changes to our technology will be a consequence of the results achieved then.
The smart patient record and the use of the data lake has been used in the project as a mechanism to deal with very diverse data with different provenance. This is essential for our project and a realistic healthcare system that should be able to share medical records across systems in Europe.
Solutions that need to be secure and can be audited include our approach with blockchain. We have completed the set of access rules required for our context which we believe can handle different local legislation and also conform with GDPR at all times.
In this period, we have improved the data fabrication process and its validation to make sure the quality of the fabrication makes the data undistinguishable from real data. This is fundamental as a technique, and will enable us to use our system entirely without compromising its security and privacy. This will generate data sets that are realistic and can be used for the purposes of research in a number of areas. We achieved good results in this area, and were able to make use of a rich dataset to improve and evaluate our technology.
We have developed new authentication mechanisms that can be adapted to suit the abilities and the needs of the users, considering not just young users used to technology, but the elderly and frail that may find some aspects of technology harder to deal with. The picture-passwords being developed aim to enhance the diversity of needs and abilities and help users. Our evaluation through the use case partners throughout the project have allowed us to refine our approaches further.
The final evaluation will be made in the last 6 months of the project and any final changes to our technology will be a consequence of the results achieved then.
The smart patient record and the use of the data lake has been used in the project as a mechanism to deal with very diverse data with different provenance. This is essential for our project and a realistic healthcare system that should be able to share medical records across systems in Europe.
Solutions that need to be secure and can be audited include our approach with blockchain. We have completed the set of access rules required for our context which we believe can handle different local legislation and also conform with GDPR at all times.