data protection in the healthcare sector, cybersecurity
© Megaflopp

Data protection in the healthcare sector is an increasing cybersecurity concern: What will happen next with the regulation of this industry?

In fact, there is an increasing need to exchange and share patients’ health related information among different countries in order to provide better health services to citizens. The European Commission is committed to this approach, and they launched an initiative promoting the exchange of health records among European countries. This initiative is being carried out under the eHealth Digital Service Infrastructure (DSI) Operations2 from the European Commission.

The eHealth DSI (eHDSI) is the initial deployment and operation of services for cross-border health data exchange under the Connecting Europe Facility (CEF). The aim of this platform is to connect different national health systems by using standards1 to exchange eHealth record’s patient data, among other data. In addition, there are several European research projects focused on improving this kind of platforms. This is the case of the SHiELD (European Security in Health Data Exchange) project, which will unlock the value of health data to European Citizens and businesses by overcoming security and regulatory challenges that today prevent this data being exchanged with those who need it.

An example of storyboard

An Italian citizen travelling in Spain incurs a stroke and has been taken to the nearest Spanish hospital. During Emergency medical services (EMS) while first aid is giving to the patient in need, the coordination centre informs the EMS in which hospital the patient should be taken. At the same time, a message is sent to a workstation located in the emergency department of the hospital involved to alert the first-aid unit. As soon as the
message is received a medical team is created in order to be ready for the stroke assistance. To this purpose, different physicians are summoned such as emergency physicians, neurologists, neuroradiologists, and so on.

In order to ensure the best assistance, the medical staff wish to check a patient’s Electronic Health Records (HER) to know his medical history (e.g. epSOS patient summary). This is fundamental, not only to discover possible illnesses or chronic conditions but also to ensure that the patient does not suffer from allergies to drugs; also if the patient has a chronic treatment that should be relevant to know in order to be able to perform therapeutic management as efficient as possible. Therefore, we need to exchange securely eHealth records among different member states.

SHiELD contributions and objectives

SHiELD aims to create an open and extendable security architecture (OpenNCP) supported by security mechanisms and privacy by design modelling and analysis tools to
provide systematic protection for the storage and exchange of health data across European borders, subject to control by the data subjects, compatible with existing regulatory frameworks, ensuring the privacy, availability and correctness of the data while improving the trust of patients in the security of their data and its use to address their needs3.

This objective will be realised through the achievement of the following objectives (O) and Key Results (KR) by the end of the project, namely:

(O1) Systematic protection of health data against threats and cyber-attacks: This objective is focused on identifying generic security issues by using the System Modeller. In this sense, SHiELD identifies an initial knowledge base containing generic security threats (e.g. remote exploits, software bugs, unauthorised local access), threats in mobile devices environments, and some threats stemming from the use cases themselves.

The main key results stemming from this objective are:

  • KR01: Knowledge base of generic security issues that may affect a system: the resulting knowledge base contains threats that can be found in the three trials.
  • KR02: Tool that provides an automated analysis of data structures in order to identify sensitive elements that may be vulnerable to specific threats
  • KR03: Security requirements identification tool: Privacy by design models and tools

(O2) Definition of a common architecture for the secure exchange of health data across European borders. This project is tightly related to the epSOS project and therefore the architecture is similar to this project. In fact, we are using the OpenNCP source code and we are enhancing the security and privacy by allowing the use of different tools such as the consent management among others.

The main key results stemming from this objective are:

  • KR04: SHiELD open architecture and open secure interoperability API: OpenNCP architecture has been studied and integration points have been identified. SHiELD partners have participated in OpenNCP bootcamps and we have developed a running web portal for running the pilots which facilitate the interchange of patients’ data.
  • KR05: SHiELD (Sec)DevOps tool: a secured DevOps approach has been identified in order to ease the instalments of OpenNCP based architectures. Security checks have been injected into the DevOps approach.

(O3) Assurance of the protection and privacy of the health data exchange. Data and privacy protection mechanisms have been identified within the scope of the SHiELD project. Taking into account this context, a diverse set of tools have been outlined and prototyped.

The main key results stemming from this objective are:

  • KR06: Data protection mechanisms: Some approaches have been developed in this sense. For example, ICMetric approach is used for enhancing mobile devices security. This approach enables the ability to detect tampering.
  • KR07: Privacy protection mechanisms: Concerning privacy, we have developed an approach for identifying sensitive data within databases, and a first prototype is released. Anonymisation mechanisms are used for protecting personal information, and to be compliant with the GDPR.

(O4) To understand the legal/regulatory requirements in each member state, which are only partly aligned by previous EU directives and regulations and provide recommendations to regulators for the development of new/improved regulations.

The main key result stemming from this objective is:

  • KR08: Legal recommendations report: This key result includes and covers the legal EU data protection principles such as data minimisation, plus technical privacy measures such as pseudonymisation in response to the specific privacy impact caused by automatic health data exchange. In this context, SHiELD analyses the OpenNCP architecture and its impact in the SHiELD scenarios.

(O5) Validation of SHiELD in different pilots across three Member States.

The main key results stemming from this objective are:

  • KR09: Pilots: SHiELD technologies are validated within different pilots involving different member states.
  • KR10: Best practices: SHiELD offers eHealth providers a management system covering the security elements of the knowledge base and threat modelling tools (O1), interoperability API and tool (O2), security controls and privacy mechanisms (O3), and legal data protection guidance (O4). The management system will explain to the European eHealth providers how to implement the security elements in a systematic way, in order to give them a competitive edge in the market environment.

(O6) Dissemination of SHiELD results. The main key results are promoted in publications, OpenNCP bootcamps, cyberwatching events, and several workshops.


1) Karima Bourquard, Franck Le Gall, and Philippe Cousin. 2015. Standards for Interoperability in Digital Health: Selection and Implementation in an eHealth Project. In Requirements Engineering for Digital Health, Samuel A. Fricker, Christoph Thümmler and Anastasius Gavras (eds.). Springer International Publishing, Cham, 95–115. DOI:
2) European Commission. eHealth DSI Operations. Retrieved July 29, 2018 from
3) Xabier Larrucea, Izaskun Santamaria, and Ricardo Colomo-Palacios. 2019. Assessing source code vulnerabilities in a cloud-based system for health systems: OpenNCP. IET Software 13, 3 (June 2019), 195–202. DOI:


*Please note: This is a commercial profile

Contributor Profile

Project Leader
Tecnalia Research & Innovation
Phone: (+34) 664104903
Website: Visit Website


Please enter your comment!
Please enter your name here