KONFIDO

Introduction

KONFIDO is a H2020 project that aims to leverage proven tools and procedures, as well as novel approaches and cutting-edge technology, in view of creating a scalable and holistic paradigm for secure inner- and cross-border exchange, storage and overall handling of healthcare data in a legal and ethical way both at national and European levels.

The KONFIDO project aims to advance the state-of-the-art of eHealth technology with respect to the four key dimensions of digital security: data preservation, data access and modification, data exchange and interoperability and compliance.

Who is the project designed for?

KONFIDO is in principle a framework-oriented project; a holistic and systemic approach in the sense that it covers the interoperable management and secure exchange of healthcare/patient data in Pan-European level, taking into account the current and future technical progress and relevant achievements.

The KONFIDO project is mainly designed for citizens/patients and healthcare professionals who lack knowledge about the full benefits of eHealth and its implications, being unaware of how the technologies work and how data can be handled. Therefore, securing data exchanges and increasing awareness of eHealth benefits are key factors for a wider acceptance in eHealth solutions.

End-users and healthcare professionals are actively involved in the project requirement analysis, the design and implementation of the KONFIDO pilots, as well as the systematic and escalating dissemination activities of the project. Government, public authorities and healthcare providers will also benefit from the reduced cost from breaches of health-related data, the improved eHealth security policies and the interoperability at EU level.

How is your project benefitting the end-user?

KONFIDO’s implementation approach is based upon six technology pillars:

1. The new security extensions provided by some of the main CPU vendors;
2. Physical Unclonable Function (PUF)-based security solutions that are based on photonic technologies;
3. Homomorphic encryption mechanisms;
4. Customized extensions of the selected Security Information and Event Management (SIEM) solutions;
5. A set of disruptive logging and auditing mechanisms developed in other technology sectors – such as blockchain – and transferred to the healthcare domain;
6. A customized eIDAS-compliant eID implementation.

The expected impact of the KONFIDO project is summarized below:

• Better acceptance of eHealth solutions among patients;
• Encouraging Member States to widen the use of eHealth;
• Ensuring the right of patients to cross-border healthcare;
• Supporting the development of European legal and operational standards for cross-border data exchange and patient privacy protection;
• Better protection against unauthorized use of personal data, breach of confidentiality and cybercrime;
• Increasing the awareness of stakeholders, private and public ones, on the current level of data security;
• Definition of clear architectures that will promote interoperability between eHealth solutions;
• Advancement of available information security and privacy technologies, being one of the first reference implementations to integrate a series of solutions proposed by EU projects (OpenNCP, STORK/eIDAS etc.).

Please briefly describe the results your project achieved so far

The key results of KONFIDO project so far are summarised below:

• Creation of a guidance report for the processing of health-related data in the European Union, focusing on legal and policy obstacles and solutions at EU level and national level in the three pilot countries (Denmark, Italy, Spain).
• Release of a gap analysis for interoperable eHealth solutions at a systemic level, focused on security and privacy mechanisms developed in various projects and initiatives.
• Organisation of two (2) end-user workshops targeting key stakeholders in the eHealth sector in Europe, as well as two (2) end-user surveys, one targeting healthcare professionals, health IT stuff and health authorities and another targeting patients/citizens.
• Design of the KONFIDO modular architecture that consists of several complementary security-enhancing technologies.
• Design and initial implementation of the six technological components:
  • Intel’s SGX environment integration in OpenNCP;
  • A Physical Unclonable Function module based on photonic technologies;
  • An interface for Fully Homomorphic Encryption and its integration with OpenNCP;
  • A customised SIEM consisting of multiple federated monitoring nodes;
  • A blockchain-based logging mechanism and a blockchain-based informed consent mechanism;
  • An eIDAS-compliant eID for OpenNCP.

What are the next steps for your project?

KONFIDO interim prototypes of the individual components will be ready by May 2018, while the first integrated KONFIDO prototype will be ready in October 2018.

The first pilot round in Italy, Spain and Denmark will take place between November and December 2018, involving end-users from these countries. The different National Infrastructures in each country pose interesting challenges for KONFIDO.

During the pilot, the KONFIDO team will measure the security improvement of OpenNCP (i.e. the European framework for cross-border eHealth data exchanges) with the application of KONFIDO.