Use sensitive patient data securely with compliance through cryptography

11 November 2023

Studies on various topics, such as sleep habits, the effects of certain diseases or sports, and brain research, utilize clinically sensitive patient data. Many of these studies require first-party access to databases for data manipulation – even though they only need the results of database queries.

The key challenge in processing patient data

In recent years, sleep medicine, brain research, and other domains have experienced a surge in interest in machine and deep learning-related research. These cutting-edge projects involve clinically sensitive data, sparking discussions on multiple fronts. A key challenge is finding the right balance between research openness, privacy concerns, and data security. This is a tricky task, to say the least. Research projects must adhere to the FAIR data principles. These are about ensuring that the data is findable, accessible, interoperable, and reusable. At the same time, researchers also must comply with the stringent General Data Protection Regulation (GDPR) of 2016/679.

The primary challenge is that GDPR places a strong emphasis on data privacy, necessitating explicit consent from individuals for data usage. While crucial for protecting individuals’ rights and privacy, this requirement sometimes conflicts with the openness and accessibility advocated by FAIR principles. Researchers often face a dilemma, aiming to make data findable and accessible while ensuring strict privacy compliance. Strict security protocols impede collaborative research as institutions can’t exchange data.

What is the reaction of the medical community?

Navigating this terrain isn’t easy. GDPR compliance can seem burdensome, especially for observational data. The balancing act involves making data available for advancements while safeguarding individuals’ privacy and maintaining the highest data security standards. It’s a tough challenge. The International Network of Privacy Law Professionals argues thatscientific research should not be unduly held back by data protection interests and legislation.” The reality is that medical researchers are hindered by GDPR, and the debate continues at both the European Union and member state levels. In this evolving landscape, researchers and institutions continually strive to adapt to meet these challenges. The ultimate goal is to harness the power of data-driven insights without compromising ethical standards—a journey of innovation and responsibility where medical research seeks to improve lives while respecting individuals’ privacy and data security.

Use sensitive patient data without consent

Confidential Cloud emerges as a game-changer in this scenario, providing a secure environment for managing and sharing sensitive data. It ensures data remains protected while remaining accessible for research purposes. Confidential Cloud enables harnessing the power of data without requiring patient consent, all without contradicting GDPR regulations.



2023: more business, more challenges, more success to celebrate

2023: more business, more challenges, more success to celebrate

And just like that, in a blink of an eye, we have found ourselves at the end of yet another year. 2023 meant a lot to CanaryBit: it brought more business and challenges but also set the ground for growth for several years ahead. Let's rewind the year before it ends...

Preparing for DORA – a new challenge for financial entities

Preparing for DORA – a new challenge for financial entities

Preparations underway The Digital Operational Resilience Act (DORA), establishes the European Union’s new regulatory framework for the management of digital risks in financial markets. You can get a PDF of the regulation from the EU commission website. It entered into...

Standardising Confidential Computing

Standardising Confidential Computing

Trusted Execution Environments have been around for a while now and keep evolving. As support for confidential computing is included in more commodity platform, standardising this approach is becoming increasingly important to accelerate updake. This is part one of a...