Trust the System

Auditing Privacy-preserving Medical Data Analysis in a Distributed Manner

Master Thesis (2023)
Author(s)

J. S. van Assen (TU Delft - Electrical Engineering, Mathematics and Computer Science)

Contributor(s)

Z Erkin – Mentor (TU Delft - Cyber Security)

Megha Khosla – Graduation committee member (TU Delft - Multimedia Computing)

Faculty
Electrical Engineering, Mathematics and Computer Science
Copyright
© 2023 Jorrit van Assen
Publication Year
2023
Language
English
Graduation Date
28-09-2023
Awarding Institution
Delft University of Technology
Programme
Computer Science
Reuse Rights

Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.

Abstract

Recent developments in the capability and availability of small Internet of Things devices have meant that networked medical devices, like networked implants and wearable monitors, have become more widespread. This data is invaluable for solving pressing global healthcare concerns, like effectively monitoring and treating heart patients. The European Union has announced plans to create an international collaborative network for sharing medical data. However, such a system will have to overcome some major unsolved issues regarding security and privacy. Citizen surveys have stressed the importance of privacy protection and transparency in recipients. Governments have appointed administrative bodies tasked with supervising the processing of personal data, or assuring healthcare quality. However, medical healthcare providers have signalled concern with unrestricted governmental access to patient data. In this thesis, we propose a system for auditable medical data sharing compatible with privacy-preserving technologies. We demonstrate a method to securely generate encryption keys which are recoverable using an audit key. We combine this with distributed key generation to create a board of trusted members, each holding a share of the audit key. Board members can work together to collaboratively audit communication between healthcare providers and medical researchers. We demonstrate that the key generation is secure and efficient. We show that auditability is guaranteed under the assumption that at least one of the communicating parties is honest. Our system bridges the gap between privacy-preserving medical data analysis and governing capabilities by assuring auditability without handing this power over to a single party. In real-world scenarios, this system can be used to create an international level of data sharing, as is explored for the European Health Data Space. The data inspection can be combined with already existing legislative power to detect fraudulent behaviour and perform physical audits when required. The system can be extended to facilitate reproducible medical research.
