39C3: How to calculate securely on clinical data internationally

Secure Multiparty Computation is a data-minimizing way of doing research on health data. On the successful practical implementation of the method.


With the electronic patient record, medical registries, and other sources, large amounts of sensitive health data are to be made usable for research. For this purpose, the Research Data Center Health (Forschungsdatenzentrum Gesundheit) is being established at the national level at the Federal Institute for Drugs and Medical Devices (Bundesinstitut für Arzneimittel und Medizinprodukte, BfArM), whose data will prospectively become part of the European Health Data Space (EHDS).

At the same time, it is becoming increasingly apparent that classic protection mechanisms such as pseudonymization, anonymization, or pure aggregation are not sufficient: even from published statistics, individual health information can potentially be reconstructed.

An alternative approach is described in a study published in npj Digital Medicine: Under the title "Privacy-friendly evaluation of patient data with secure multiparty computation in a European pilot study", researchers have, for the first time, evaluated patient data from a clinical study across countries using Secure Multiparty Computation (SMPC) – without exchanging data between the participating institutions.

The study was conducted at the University Hospital of Ludwig Maximilian University in Munich (LMU Munich) and at the Policlinico Universitario Fondazione Agostino Gemelli in Rome. In total, data from 48 cancer patients who were treated with targeted, high-dose radiation for adrenal metastases were included. 24 datasets each remained physically in Munich and Rome; for the joint analysis, they were encrypted and entered into a Secure Multiparty Computing environment. Neither the participating clinics nor the researchers analyzing the data could view the raw data of the other side – only the jointly calculated results were visible.
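The setup described above, two sites whose raw data never leave the site and only a jointly computed result being visible, is the textbook case for additive secret sharing. The following Python script is an added illustration of that principle; it is not code from the study, from the industrial SMPC solution used there, or from the interview. The patient values, the site names as Python objects, and the disclosure threshold `MIN_GROUP` are all constructed assumptions. Each site splits its local aggregates (patient count, number of controlled tumours, summed follow-up) into random shares, keeps one and hands the other to its peer; each peer adds the shares it holds, and only those partial sums are combined. A site that receives a share sees a uniformly random number mod P, which by itself says nothing about the other site's cohort.

```python
import secrets
from dataclasses import dataclass, field

P = 2**61 - 1    # prime modulus; every share is uniform in [0, P)
MIN_GROUP = 5    # illustrative disclosure threshold; an assumption, not the study's rule

# Constructed toy inputs (NOT the study's data): 1 = local tumour control achieved,
# and follow-up in months, for a handful of patients per site.
MUNICH_DATA = {"controlled": [1, 1, 0, 1, 1, 1], "followup": [12, 24, 8, 19, 30, 15]}
ROME_DATA = {"controlled": [1, 0, 1, 1, 1, 1], "followup": [22, 9, 17, 25, 14, 20]}


def share(value: int, n: int) -> list[int]:
    """Additively split value into n shares mod P; any n-1 of them are uniformly random."""
    shares = [secrets.randbelow(P) for _ in range(n - 1)]
    shares.append((value - sum(shares)) % P)
    return shares


def reconstruct(shares: list[int]) -> int:
    """Recombine additive shares; only meaningful when all of them are present."""
    return sum(shares) % P


@dataclass
class Site:
    name: str
    data: dict                                  # stays local; never leaves this object
    held: dict = field(default_factory=dict)    # aggregate name -> shares this site holds

    def local_aggregates(self) -> dict:
        return {
            "patients": len(self.data["controlled"]),
            "controlled": sum(self.data["controlled"]),
            "followup_sum": sum(self.data["followup"]),
        }

    def distribute(self, sites: list["Site"]) -> None:
        """Share each local aggregate: keep one share, hand one to every other site."""
        for key, value in self.local_aggregates().items():
            for site, s in zip(sites, share(value, len(sites))):
                site.held.setdefault(key, []).append(s)

    def partial_sum(self, key: str) -> int:
        # The sum of the shares a single site holds reveals nothing about any one input.
        return sum(self.held[key]) % P


def joint_result(sites: list[Site]) -> dict:
    """Run the sharing round and publish only the combined aggregates."""
    for site in sites:
        site.distribute(sites)
    # Reveal the cohort size first; SMPC hides the inputs, not what the output implies,
    # so a tiny cohort is refused before any further aggregate is opened.
    patients = reconstruct([s.partial_sum("patients") for s in sites])
    if patients < MIN_GROUP:
        return {"patients": patients, "disclosed": False}
    controlled = reconstruct([s.partial_sum("controlled") for s in sites])
    followup_sum = reconstruct([s.partial_sum("followup_sum") for s in sites])
    return {
        "patients": patients,
        "controlled": controlled,
        "followup_sum": followup_sum,
        "control_rate": controlled / patients,
        "mean_followup": followup_sum / patients,
        "disclosed": True,
    }


if __name__ == "__main__":
    print(joint_result([Site("Munich", MUNICH_DATA), Site("Rome", ROME_DATA)]))
```

The script simulates both sites in one process, so the "channels" between them are plain method calls; a real deployment needs authenticated, private channels between the sites and, in the semi-honest model assumed here, relies on the sites following the protocol. The threshold check is the practical caveat that the method does not remove: the joint output can still single out individuals when the cohort is very small, which is exactly the rare-disease situation the interview raises.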


In addition to the medical results – high local tumor control rate, low toxicity, and a median overall survival of 19 months – the methodological proof is primarily the focus: the study shows that cross-border clinical research is possible within the European legal framework without centrally collecting or sharing sensitive patient data. The organizational and legal effort was high, but the actual calculations were fast and efficient.

Hendrik Ballhausen is a professor at Ludwig Maximilian University of Munich, where he heads the research deanery of the Faculty of Medicine.

That the topic interests not only medicine but also the tech community and civil society is shown by the fact that Hendrik Ballhausen from LMU Munich is presenting the Secure Multiparty Computation approach at the 39th Chaos Communication Congress (39C3). We spoke with him about the study and about why Secure Multiparty Computation can be an answer to current data protection debates.

Data protection in healthcare is much discussed – especially now with regard to the European Health Data Space and the particularly sensitive data accumulating with it. Why is now a good time to present your study at 39C3?

The trend is towards building large, centralized databases. This is very attractive for science, politics, and business. But there are also disadvantages: large databases easily become targets for attacks, and they shift the balance away from those to whom we owe the data: patients and scientists. We want to show an alternative approach: cooperation and research are also possible without sharing data. This not only serves data protection but is also a piece of lived federalism and makes our infrastructures more resilient.

For the first time, we jointly evaluated a clinical study across European borders – between Munich and Rome – without either side seeing the other's data. The calculations ran encrypted via a Secure Multiparty Computing environment. After a pilot test in Germany in 2019, this is now the first use of this technology in the European Health Data Space.

Critics often say: data protection slows down research. Is that true?

We hear that often. But the consequence cannot be that data protection has to go. With our approach, we are showing precisely that: both are possible. And there are even situations where cooperation becomes possible in the first place when protection interests are preserved.

In practice, the additional technical effort was manageable. Contracts, ethics approvals, and documentation took time. These would have been necessary for classic data exchange as well. So the additional technical effort is less than many think.

It is repeatedly warned that even anonymized or aggregated data can be reconstructed. How do you assess that?

These warnings are primarily justified with very small case numbers, for example with rare diseases. SMPC takes a different path: the data is not merged in the first place. There is no point at which anyone can see a complete dataset – not even the researchers.

What role does control by the data holders play in this?

A very large one. With SMPC, the data holders – clinics or, prospectively, patients – must actively agree when a new evaluation is to take place. It is technically impossible to "simply reuse" the data. If someone no longer participates, their data is out. This enormously strengthens self-determination. We want to redefine the role of the actors in the system – away from passive data providers towards active participants. Today, these are the university hospitals that have to defend their role. Tomorrow, it could be citizens who, in the spirit of citizen science, will themselves decide to whom they provide what data, and for what purpose.

Is this a model for the EHDS or the Research Data Centre Health?

At least a possible building block. Currently, there is a strong focus on central data storage and anonymization. Our approach shows that decentralized research is also possible – data-minimizing and GDPR-compliant. This could become very relevant, especially for rare diseases or particularly sensitive data. And ultimately, this is also in line with politics – today, data is generated in hospitals and "belongs" to state institutions. But we need to offer a way to handle data in the future that we otherwise wouldn't see at all – data from wearables, for example. We only get these if we act as equals and build trust.

Why hasn't it caught on yet?

The method is considered particularly secure and powerful by experts – mathematical security and completeness proofs have existed since the 1980s. But it is also considered particularly complex and difficult to implement in practice. Accessibility for non-experts is definitely an issue that we addressed in the project. Apart from that, there are now very good, practically applicable software solutions.

All that is needed is a use case where the advantages outweigh the disadvantages – as here in clinical research with sensitive patient data. We deliberately relied on an established industrial solution and developed middleware for it so that medical researchers without cryptography expertise can also work with it.

What happens next?

We have shown that it works technically and organizationally. We are happy to contribute this expertise. Whether and how it continues depends primarily on political will. Modern data protection, made in Germany, and medical research are not a contradiction.

(mack)


This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.