Making Healthcare More Secure with Intel SGX

Image from Pixabay

Healthcare is a basic human right—something that every person in the world needs in some way in order to live a productive, satisfying life. Every day, people around the world visit doctors, submit to lab and diagnostic testing, undergo procedures and surgeries, ingest prescribed pharmaceuticals, take part in treatments and therapies, and engage with healthcare providers in countless ways.

Healthcare is also an area of great sensitivity and privacy, so it is important to protect healthcare data from unauthorized access or compromise. Intel understands the value of healthcare and medical research and why it is vital for healthcare providers and individuals to be able to freely access and exchange relevant information securely.

The healthcare industry is undergoing its own transformation efforts, continually digitizing at an alarming rate. As such, healthcare providers need to be equipped with the right technology to manage and protect the data they are collecting. The industry can look towards implementing solutions such as Intel Software Guard Extensions (Intel SGX), which is at the heart of securing and protecting crucial healthcare data across a variety of scenarios.

Streamline and Accelerate Clinical Drug Trial Process

The ability to develop and test new drugs and bring them to market safely relies on real-world data—including electronic health records—to streamline clinical trials. Gathering real-world data is challenging, though, because HIPAA and other regulations mandate that queries, data, applications, and test results must be encrypted at rest, while in motion, and while in use.

Looking to hardware security can help with this balancing act of gathering data and keeping it secure. Addressing data security concerns at the hardware level can establish a trusted computing environment for healthcare providers that ensures data privacy. Information can be shared and validated efficiently, getting doctors, patients and all those in need the therapies they require.

Leidos and Fortanix are doing just this. By leveraging Intel SGX, they are able to deliver services and enable real-time sharing of critical data while maintaining compliance with strict patient and industry data privacy requirements. Intel SGX allows developers to partition sensitive information into Trusted Execution Environments (TEEs)—areas in memory on the processor that protect data while in use and only allow access by authorized code.

Protect Electronic Patient Records

Electronic patient health records benefit both patients and healthcare providers. A digital file that stores all medical records as well as information on diagnoses, exams, test results, and treatments simplifies collaboration between primary healthcare providers and specialists and empowers individual patients to play an active role in their own care. It also contains private information that must be secured.

As healthcare businesses increasingly “go digital,” they’ll need to ensure they are complying with current regulations that exist. For example, the German government has verified Intel SGX for compliance with strict regulations regarding storage and processing of electronic patient records. Transmitted information is encrypted and decoded within a TEE to increase the security of application code and data.

While securing this data should always be top of mind for those in the healthcare space today, ensuring that businesses remain compliant is critical. Not only will this help keep patient data secure and private, but it will also help providers avoid potential fines and lawsuits.

Enable Medical Device Innovations

Technology is being used in increasingly creative and innovative ways to enhance healthcare and improve outcomes for patients. Yet this development and certification of innovative new medical device technologies often requires access to patient data.

The UCSF BeeKeeperAI project utilizes the hardware-enhanced security of Intel SGX to accelerate validation of a device’s data and algorithms in order to improve both patient care and privacy. Intel SGX allows the platform to provide a zero trust environment designed to protect both the intellectual property of an algorithm and the privacy of healthcare data. The algorithm interacts with a specifically curated dataset, while the underlying data remains in control of the healthcare institution providing it at all times.

With the healthcare space constantly evolving and new technologies being introduced every day, it can be hard to keep up with the pace of innovation. Employing hardware-based security and leveraging a zero trust strategy is critical in continuing efforts to keep data secure while also remaining innovative.

AI for Imaging and Diagnosis

Ultrasonic imaging diagnosis and analysis are widely used and play a crucial part of healthcare diagnosis and treatment. These are yet another example of innovations in the field that require access to sensitive data. Traditionally, imaging examination has relied heavily on manual and inefficient analysis, but Demetics Medical Technology—with the help of Intel SGX—is employing artificial intelligence (AI) to increase efficiency and accuracy. Demetics developed the AI-SONIC computer-aided diagnosis system for ultrasonic imaging, which uses Intel SGX to protect its medical AI algorithms and intellectual property.

Healthcare is a constantly evolving frontier. Cutting edge technology is helping to speed up analysis, improve accuracy of diagnosis, and streamline treatment and patient care. As organizations around the world develop and adopt new solutions, technologies like Intel SGX play a crucial role in protecting patient data and enabling proprietary and sensitive data to be used securely.

Tony Bradley: I have a passion for technology and gadgets--with a focus on Microsoft and security--and a desire to help others understand how technology can affect or improve their lives. I also love spending time with my wife, 7 kids, 4 dogs, 7 cats, a pot-bellied pig, and sulcata tortoise, and I like to think I enjoy reading and golf even though I never find time for either. You can contact me directly at tony@xpective.net. For more from me, you can follow me on Threads, Facebook, Instagram and LinkedIn.

View Comments (0)

Related Post