Published March 27, 2025 | Version v1
Project deliverable Open

HealthData@EU Pilot - Deliverable 8.3 Recommendations on application of privacy enhancing technologies, data security and node compute capabilities

Creators

Contributors

  • 1. ROR icon Biobanking and Biomolecular Resources Research Infrastructure Consortium
  • 2. BBMRI-ERIC
  • 3. ROR icon Masaryk University

Description

This deliverable, D8.3, is part of Work Package 8 (WP8) of the HealthData@EU Pilot, a project that concluded on December 31, 2024. The HealthData@EU Pilot aimed to test the implementation of the European Health Data Space (EHDS) infrastructure for the secondary use of health data, supporting research, innovation, policymaking, and regulatory activities.

Objective

D8.3 provides recommendations on the application of Privacy Enhancing Technologies (PETs), data security measures, and compute capabilities. It builds on insights from the five use cases (UCs) of the pilot, assessing different approaches to data access, privacy protection, and computing requirements.

Approach

The analysis follows the HealthData@EU Data Life Cycle, as defined in the TEHDAS Joint Action, and includes:

  • Privacy Enhancing Technologies (PETs) and data security:
    • Overview of threats and risks.
    • Prevention and mitigation strategies.
    • Implementation of security measures in each use case.
  • Federated and centralised data access models:
    • All use cases employed federated analysis, with variations between “Data visiting” and “Federated analysis by proxy analyst.”
    • The ECDC use case piloted additional scenarios, including centralised pooled analysis and federated querying (aligned with EHDS Article 69).
  • Compute capabilities:
    • Hardware and software requirements gathered from use cases.
    • Consideration of EHDS requirements for applicants to specify computational resources needed for data access.

Key Findings

  • Diverse PETs adoption across use cases, with different security measures based on data sensitivity and processing needs.
  • Varying approaches to federated and centralised data access, with implications for security and performance.
  • Challenges in ensuring robust data security, particularly in cross-border collaborations.
  • Computational resource requirements differ depending on the size and complexity of the datasets involved.

Files

D8.3 Recommendations on application of privacy enhancing technologies, data security and node compute capabilities (2).pdf

Files (2.8 MB)

Additional details

Dates

Accepted
2025-03-14