By Pat Bumpus | December 13, 2022 | spotlight

Fully Homomorphic Encryption (FHE) in Healthcare: Secure data sharing for medical research and patient care.

Image of Dr. Vineet Chadha, FHE Engineering Manager, Cornami, Inc.

Big Data in Medicine

Big data and data analytics are transforming the way we manage, analyze, and leverage the vast amounts of data associated with and generated from multiple application sectors. One of these sectors is the healthcare industry, which is working to significantly improve disease diagnostics, clinical research, as well as patient care and outcomes.

The data associated with the healthcare industry often includes research and patient care data. Not surprisingly, the healthcare industry produces and is responsible for the safekeeping of immense amounts of data.

Big data, as it applies to the healthcare industry refers to the enormous amount of patient data generated by the adoption of devices and technologies that collect patient information and manage patient records.

This is driven largely by, but not limited to, the rapid development and adoption of IoMT (internet of medical things) devices, e.g., connected medical devices, data collection, and computing both at the edge and in the cloud.

What’s to be done with all this data?

Big data in healthcare benefits both patients and providers. Patient data can be used to identify and/or predict risks to individuals or communities and develop better and more targeted treatment plans. Staffing and operations data can be used to analyze trends for forecasting patient admissions and predictive staff scheduling for peak or slow periods. Data sharing can foster research and innovation that reduce time-to-market for new prescription medications and medical devices, as well as tracking risks and side effects to increase patients’ safety and reduce liability. Insurance companies can leverage medical data to detect and prevent crimes and insurance fraud while making claims processes faster and more streamlined.

Artificial Intelligence (AI) and Machine Learning (ML) are key technologies being leveraged for the analysis of Big data. According to Optum, Health care leaders believe practical benefits of AI and ML in healthcare include improving patient outcomes, achieving health equity goals, automating workflows, and gaining tangible cost savings. The report states top three potential improvements in patient outcomes are Virtual patient care (41%), Diagnosis and predicting outcomes (40%), and medical image interpretation (36%). In addition, 72% of healthcare executives trust Al to support nonclinical, administrative processes to allow clinicians more time for patient care.

Source: 4th Annual Optum Survey on AI in Health Care, 2021

According to a report from Business Insider, there are 21 key areas where medical data can be applied to affect research, patient care, patient outcomes, and healthcare management…

  1. Improved patient predictions
  2. Electronic health records (EHRs)
  3. Real-time alerting
  4. Enhancing patient engagement
  5. Prevent opioid abuse in the US
  6. Informed strategic planning
  7. Cure cancer with health data
  8. Predictive analytics in healthcare
  9. Reduce fraud & enhance security
  10. Improve telemedicine
  11. Enhancing medical imaging
  12. Prevent unnecessary ER visits
  13. Staffing & personnel management
  14. Learning & development
  15. Risk & disease management
  16. Suicide and self-harm prevention=
  17. Supply chain management
  18. Develop therapies & innovations
  19. Help manage mass diseases
  20. Improve prescription processes
  21. Prevent human error

Source: B. Calzon: Business Intelligence, Jun 2nd 2022

For healthcare data to be useful and actionable, it must be accessed and analyzed. Without proper protections, this can be at best, risky and costly; at worst it can result in privacy breaches of millions of patients, loss of valuable data, regulatory penalties for not adhering to HIPAA and other regulatory guidelines, and significant loss of business and revenue.

So, what’s the problem?

The biggest obstacle to effectively using big data in the medical field is how that data is spread out across sometimes dozens of separate entities; how it is governed by different countries, states, or jurisdictions, how it is managed and protected by hospitals, and their internal and external administrative organizations. The cohesive integration of these data sources would be physically, practically, and technically nearly impossible. The only practical solution for such distributed data sources is to make them sharable. One way of sharing sensitive data is through an encryption mechanism that lets users encrypt data and share it with a third party for analysis.

While sensitive data is encrypted when sharing, processing the data requires delegating that data to an untrusted source and operating on it after it is decrypted. In other words, current encryption schemes to protect data only do so while that data is at rest or in transit. The challenge arises when we try to perform analysis or query functions on that encrypted data and currently in healthcare applications, we cannot without decrypting the data. The moment the data is exposed, employees, contractors, hackers, and 3rd parties can steal or misappropriate that data.

This is where FHE comes in

FHE or Fully Homomorphic Encryption was originally developed at Stanford University by Craig Gentry to enable computing on encrypted data sets, keeping the underlying confidential data secure. Gentry’s scheme uses lattice-based cryptography, addition, and multiplication operations on ciphertexts, introducing noise, and bootstrapping, ultimately resulting in the indecipherable ciphertext which can only be decrypted by the party that owns the data.

Patient health records are digital records of a patient’s medical history kept by hospitals or health care providers. Patient health records are typically stored in data centers for storage and processing. Before doing computations on data, traditional encryption techniques decrypt the data in its original form. As a result, sensitive medical information is vulnerable and exposed to potential compromise. Homomorphic encryption can protect sensitive information by allowing data to be processed in an encrypted form such that only encrypted data is accessible to service providers.

Fully homomorphic encryption enables analytical functions to be performed on encrypted data yielding encrypted results as if the functions were being performed in plaintext.

A real-world example

Consider the example of the medical or pharmaceutical researcher that wants to analyze statistics on the efficacy of a new procedure or drug on a specific demographic or segment of patients. The hospital that owns the medical records is unable to share them due to privacy regulations. The solution is to use FHE encryption on this sensitive data so that it can remain secure during the analysis.

Why is FHE Important?

FHE enables computation on encrypted data without exposing any information about the underlying data. In short, a party can encrypt input data, while another party, that does not have access to the decryption key, can perform computation on the encrypted data. The final result is also encrypted, and it can be unencrypted only by the party that possesses a unique key. Thus, data can remain encrypted and obfuscated while it is processed, enabling useful analytical output results to be obtained securely even if the data resides in untrusted environments.

FHE allows end-to-end protection of research data, patient data, administrative data, sensor data, intellectual property (IP), patient and organizational financial or accounting data, personally identifiable information (PII), protected health information (PHI), regulatory data, or business and operational insights.

Privacy and data security become achievable goals with FHE, allowing for a wide range of services to become accessible while maintaining full confidentiality of the data, the application, and service results.

More from Impact Venture Capital

Image of a cyborg communicating the concept of innovative technology.
Impact Leads CORNAMI Financing

Got A Big Idea?

Tell us more about your project.

We receive a lot of pitch decks, so it may take us a little while to get back to you if we think that there might be a fit. We hope to see you soon!