Article
Confidential computing as a game changer: new horizons in healthcare research under the Health Data Utilisation Act (Gesundheitsdatennutzungsgesetz – GDNG)
Search Medline for
Authors
-
Luisa Camacho
- VITIS Healthcare Group, Köln, Deutschland; Symedics GmbH, Köln, Deutschland
-
Uwe Lührig
- Symedics GmbH, Köln, Deutschland
-
Josephine Heinz
- Wissenschaftliches Institut der Niedergelassenen Ärztinnen und Ärzte für Hämatologie und Medizinische Onkologie (WINHO GmbH), Köln, Deutschland
-
Philipp Kachel
- IDG Institut für digitale Gesundheitsdaten RLP, Mainz, Deutschland
-
Anna Kron
- Network Genomic Medicine, Köln, Deutschland
-
Florian Kron
- VITIS Healthcare Group, Köln, Deutschland; Department I of Internal Medicine, Köln, Deutschland; Faculty of Medicine and University Hospital Cologne, Centre for Integrated Oncology (CIO ABCD), Köln, Deutschland
-
Holger Gothe
- Wissenschaftliches Institut der Niedergelassenen Ärztinnen und Ärzte für Hämatologie und Medizinische Onkologie (WINHO GmbH), Köln, Deutschland; UMIT TIROL – University for Health Sciences and Technology, Institute of Public Health, Medical Decision Making and Health Technology Assessment, Department of Public Health, Health Services Research and Health Technology Assessment, Hall in Tirol, Österreich; Medizinische Fakultät “Carl Gustav Carus”, TU Dresden, Deutschland
| Published: | September 10, 2024 |
|---|
Outline
Text
Background: Record linkage and functioning data integration form a decisive basis for the processing of health care-related issues. The time required to generate a database is considerable in many research projects. However, thanks to new technologies and the changed legal situation brought about by the GDNG, new possibilities for data generation have emerged. The concept presented here utilises the implementation of record linkage procedures to seamlessly merge clinical data from different care sectors and sources in order to better research holistic patient care in oncology along the patient journey. A particular focus is on the application of confidential computing, which aims to protect data during processing by encrypting it in a secure execution environment (Trusted Execution Environment, TEE). This fulfils various requirements of the Act on the Use of Health Data for Research Purposes and the Further Development of the Healthcare System (GDNG), particularly with regard to data protection and data security. Furthermore, barriers in the merging of patient data from different sectors will be identified and recommendations for action derived from this. The entire process of the record linkage procedure will be illustrated using a practical use case.
Objective: The main objective of the project is to create an interoperable data infrastructure and improve the availability and accessibility of high-quality patient data. State-of-the-art technologies such as confidential computing will be utilised to ensure the security and efficiency of data integration. Our hypothesis is that the use of confidential computing will improve the quality and availability of patient data and advance cross-sectoral oncological care research.
Methods: Following the cross-sector standardisation of the hashing process for patient data, a Data Clean Room (DCR) is used. This provides a secure environment for analysing uploaded patient data without mutual access to the respective raw data of the parties involved. Within the DCR, the data is analysed in encrypted form, which ensures additional security. This analysis process fulfils the requirements of the GDNG for the processing of health data, particularly in terms of data protection and security, and ensures the confidentiality of patient data throughout the data analysis. This method allows valuable insights to be gained from patient data without jeopardising it, which is particularly useful in healthcare research and, for example, in the development of new treatment methods.
Implication for research and/or (healthcare) practice: In addition to the time saved through automated record linkage and the cross-sector integration of patient data from various sources, the concept of confidential computing presented in the form of a DCR harbours enormous potential for medical research and healthcare practice.
