Aller au contenu principal

Medical Challenge : Security of medical infrastructures

This challenge concerns the security and resilience of healthcare infrastructures, such as hospitals and medical laboratories, incorporating measures specific to this field, such as compliance with the RGPD and the implementation of data anonymisation and pseudonymisation processes. This risk is all the more worrying given the interconnected nature of the healthcare system, the often disparate IT architectures, and the high sensitivity of medical data.

The aim will be to work with our experts to explore and propose innovative solutions to ensure data confidentiality.
 

Using various techniques, such as pseudonymisation, emerging technologies like blockchain, homomorphic cryptography, etc. to ensure data confidentiality at every stage (from collection to analysis) in line with the GDPR and security standards. Ideally, reinforced by transparent and secure management of patient consent, monitoring and controlling access to sensitive data.

Here are a few potential suggestions (not exhaustive):

  • Pseudonymisation techniques

    • Implementation of correspondence tables stored securely, with access restricted to authorised persons only.

    • Implementation of logging and tracking mechanisms to monitor access to and use of the mapping table, in order to detect any suspicious or unauthorised activity.

    • Integrity of correspondence tables to maintain continuity of operations and avoid any loss of data

    • Integrity checks to detect any unauthorised alteration, maintain continuity of operations and avoid any loss of data.

    • Use of the private blockchain to create a decentralised and secure register of correspondence tables, offering traceability and integrity of sensitive data

  • Consent

    • Right to confidentiality and security

    • Confidence in the data collection and storage process

    • Control over the use of data (ensuring that data is not used outside the limits defined by consent)

  • Differential privacy

    • Noise is added to the data in a controlled manner to ensure that the results obtained from the data cannot be used to identify specific individuals.

    • This can be used in statistical analyses to protect the confidentiality of the data while still allowing meaningful results to be obtained.

  • Homomorphic cryptography 

    • Calculations on encrypted data without the need to decrypt it, preserving data confidentiality throughout the analysis process.

    • This technique is particularly useful for the secure processing of sensitive data

    • Tokenisation

      • Replacement of sensitive data with a unique token or identifier, which can be used to reference the original data in a mapping table.

  • Deletion and aggregation methods

    • Deletion of sensitive data or grouping/aggregation of data to reduce the risk of re-identification.

Responsable(s) du grand défi

Formulaire entreprise


Je suis intéressé d'être informé des résultats des recherches sur ce défi
Je suis intéressé de participer à un groupe de travail résultats des recherches sur ce défi (réunion/audio conférence 2 fois par an)
CAPTCHA
14 + 4 =
Trouvez la solution de ce problème mathématique simple et saisissez le résultat. Par exemple, pour 1 + 3, saisissez 4.
Cette question sert à vérifier si vous êtes un visiteur humain ou non afin d'éviter les soumissions de pourriel (spam) automatisées.