Data sharing for acute care of stroke patients by AMC

The challenges

Stroke is a condition where poor blood flow in the brain results in cell death. This can lead to a part of the brain not functioning properly, with signs and symptoms appearing soon after the stroke has occurred. Time is critical in acute stroke care: within a very small timeframe of emergency treatment, health professionals need to identify the type of stroke and its severity, decide upon the most appropriate treatment, transport the patient to the adequate care centre, and perform the required intervention. The acute treatment of stroke generates and requires a large amount of data that needs to be shared among the health professionals along the whole process. Such data also represent valuable sources of evidence for medical research afterwards. Cloud infrastructures offer an attractive solution for sharing such data, but their sensitive character, raises privacy and safety issues.

The demonstrator

The acute care demonstrator adopts the ASCLEPIOS security framework for implementing data sharing applications on cloud infrastructures. The demonstrator is led by the Amsterdam University Medical Centres, University of Amsterdam (AMC), and explores two data sharing scenarios that safeguard the privacy of patients: hyper-acute care and medical research.

The hyper-acute care scenario implements a cloud-based electronic medical record (EMR) system that is secure and preserves patient privacy using modern access control and encryption mechanisms. Access to the EMR is controlled using policies and encryption schemes to dynamically grant and revoke authorisation to access patient information during the hyper-acute phase. Access control policies that leverage context-aware attributes are implemented using the Attribute-based Access Control (ABAC) component of ASCLEPIOS. The EMR is stored on the cloud using the Symmetric Searchable Encryption (SSE) scheme, which provides an additional data protection layer. All data requests are logged automatically and exploited via the ASCLEPIOS Privacy Analytics Module (APAM) component to provide data processing transparency for the patient and monitoring means for the data controllers, addressing compliance with the General Data Protection Regulation (GDPR) enforced in Europe.

Figure 1. The proposed scheme for the research scenario: research dataset sharing on the left and privacy-preserving analytics on the right.

The research scenario enables reusing EMR data for research purposes with high control of what is shared (which fields of the EMR) and with whom (authorized groups of researchers). The EMRs of patients that consented with their data being reused for research are extracted from the cloud storage and anonymized. They are then re-encrypted using the SSE scheme to enable fine-grained control of access to different parts of the EMR. ABAC policies are used to grant access to the research data only for authorized researchers. Special analytics functions leverage the ASCLEPIOS Functional Encryption component for performing privacy-preserving computations on the research data.


The demonstrator illustrates the benefits of adopting the ASCLEPIOS framework to implement secure data sharing that potentially improves the quality of acute care for stroke and unlocks the potential of medical data reuse for research purposes.

Figure 2. Flow diagram of communication between users and the ASCLEPIOS framework

Healthcare teams that need to respond to cases of hyper-acute care can get access to the medical record of patients through the advanced access control mechanisms of ASCLEPIOS, without delays that could be possibly fatal, and at the same time without compromising the security of the data. At the same time, the ASCLEPIOS privacy analytics provide warrants of the legitimate access and use of data. These logs and warrants are available to the patients, who are now in control of who has accessed their data, when, and for what purpose.

Regarding the research-oriented benefits of ASCLEPIOS, the researchers who have the right attributes can access the keys and encrypted data, and perform calculations or apply functions over them without the need to decrypt them. Thus, the privacy of patients – a major concern that hinders medical data sharing for research – is safeguarded.