MedCo: Enabling the Secure and Privacy-Preserving Exploration of Distributed Clinical and *Omics Cohorts in the Swiss Personalized Health Network – PHRT
MedCo: Enabling the Secure and Privacy-Preserving Exploration of Distributed Clinical and *Omics Cohorts in the Swiss Personalized Health Network
MedCo (https://medco.epfl.ch/) is the first operational system that makes sensitive medical data available for research in a simple, private and secure way. MedCo enables researchers to search for individuals that correspond to given clinical and genetic criteria all the while preserving individuals’ privacy with strong end-to-end homomorphic encryption. MedCo has been co-developed by EPFL and CHUV and this infrastructure development project focuses at bringing MedCo from its current academic prototype version to a production-ready and hospital-compliant version in order to be deployed and used in the Swiss Personalized Health Network.
Despite its great potential, the current version of the MedCo prototype is still immature for being deployed and used in an operational clinical environment at Swiss hospitals. The goal of this project is very practical: bringing MedCo from its current academic prototype version into a production-ready version to be deployed and used in the Swiss Personalized Health Network.
The proposed project addresses a main challenge to further develop personalized health research, namely providing a mechanism to share sensitive and identifying health data (e.g., *omics data) across several medical institutions in a totally privacy-preserving and secure way. To ease its adoption at clinical sites, MedCo supports the APIs and data models of the i2b2 (Informatics for Integrating Biology and Bedside) framework and features an intuitive and modern user interface. Hospitals that already use i2b2 or similar tools can easily deploy MedCo on top of their existing infrastructure.
The increasing number of health-data breaches is creating a complicated environment for medical-data sharing and, consequently, for medical progress. Therefore, the development of new solutions that can reassure clinical sites by enabling privacy-preserving sharing of sensitive medical data in compliance with stringent regulations (e.g., HIPAA, GDPR) is now more urgent than ever. To address this issue, EPFL and CHUV have jointly developed the first prototype of MedCo, an open-source privacy-preserving distributed system that integrates current cohort explorers and provides strong security and privacy guarantees such as trust decentralization, end-to-end data protection, auditability and differential privacy. To achieve these guarantees, MedCo relies on sophisticated privacy-enhancing technologies such as secure multi-party computation, homomorphic encryption and result obfuscation. So far, MedCo has been tested on a simulated and controlled academic environment. Results show impressive performance. The query runtime is comparable to the ones of state-of-the-art cohort explorers (e.g., i2b2) that do not provide any protection guarantees besides basic access control.
Patents / Startups
D Froelicher, M Misbach, JR Troncoso-Pastoriza, JL Raisaro, JP Hubaux MedCo2: Privacy-Preserving Cohort Exploration and Analysis, Studies in health technology and informatics 270, 317-321, 2020
J. Scheibner, JL. Raisaro, JR. Troncoso-Pastoriza, M. Ienca, J. Fellay, E. Vayena, and J-P. Hubaux, Revolutionizing Medical Data Sharing Using Advanced Privacy Enhancing Technologies: Technical, Legal and Ethical Synthesis. Journal of Medical Internet Research, 2021, (arXiv preprint arXiv:2010.14445)
J. Scheibner, M. Ienca, S. Kechagia, JR. Troncoso-Pastoriza, JL. Raisaro, J-P. Hubaux, and E. Vayena, Data Protection and Ethics Requirements for Multisite Research with Health Data: A Comparative Examination of Legislative Governance Frameworks and the Role of Data Protection Technologies. Journal of Law and the Biosciences, 2020
JL. Raisaro, F. Marino, J. Troncoso-Pastoriza, …,, JP. Hubaux, SCOR: A secure international informatics infrastructure to investigate COVID-19, Journal of the American Medical Informatics Association (AMIA), 27.11 (2020): 1721-1726.
JL. Raisaro, JR. Troncoso-Pastoriza, S. Pradervand, M. Cuendet, M. Misbach, J. Sa, F. Marino, N. Freundler, N. Rosat, D. Cavin, A. Leichtle. SPHN/PHRT-MedCo in Action: Empowering the Swiss Molecular Tumor Board with Privacy-Preserving and Real-Time Patient Discovery, Studies in health technology and informatics. 2020 Jun 1;270:1161-2
Patents / Startups
Prof. Dr. Jean-Pierre Hubaux
School of Computer and Communication Sciences, École Polytechnique Fédérale de Lausanne (EPFL)
Nicolas Rosat, Direction of Information Systems, Lausanne University Hospital (CHUV)