A PEP-talk for personalised healthcare.

Polymorphic Encryption and Pseudonymisation for Personalised Healthcare yes, that’s right PEP for short. One might win a game of Scrabble with it. But the truth is it is a very serious matter. Where more is security an important issue than in (y)our health(care)data?

Lucien Engelen

Director of REshape

Polymorphic Encryption and Pseudonymisation for Personalised Healthcare yes, that’s right PEP for short. One might win a game of Scrabble with it. But the truth is, it’s a very serious matter. Where more is security an important issue than in (y)our health(care) data?

My colleague researchers, in computer security and privacy, at Radboud University have developed an innovative cryptographic methodology for privacy-friendly personalised healthcare. It is based on what is called Polymorphic Encryption and Pseudonymisation, abbreviated as PEP. This PEP framework can securely handle at the same time :

(a) identifyable medical data for the diagnosis and treatment of individual patients,
(b) pseudonymised patient data for large scale medical research, and(c) patient data from multiple sources, including in particular(wearable) self-measurement devices and apps.

Hence this PEP approachis ideally suited for combining personalised care and statistical (bigdata) medical research. It is a prime example of data protection by design and default, as demanded in the tough new European General Data Protection Regulation(GDPR).

One of the security researcher involved, Prof. Bart Jacobs says: “stop whining about the GDPR and look at what modern crypto can do for you”. With techniques like PEP one can ensure high levels of trust so that patients are willing to make their medical data available for research purposes.

The researchers have written an extensive whitepaper about PEP, explaining the relevant ideas both for technical and non-technicalaudiences. The paper is available at: http://eprint.iacr.org/2016/411 be ware only for real techies 😉

Currently, the PEP framework is being implemented and developed into an open standard, supported by open source software. It will be tested in a real-life medical research project at our Radboud University Medical Center. The researchers are open to cooperate with anyone inthe sector who is serious about patient data protection and medical research.

On a sidenote one could learn more about Prof. Bart Jacobs and his vision from his talk at TEDxRadboudU i organised on behalf of our University in 2013.