
Confidential computing: The security that helps accelerate medical breakthroughs
It's becoming a critical component in creating the algorithms that will guide health care into the future.
Breakthroughs in health care begin in the research lab, where the solid protection of the patient data used to develop sophisticated clinical algorithms is as essential as the Hippocratic Oath.
One of the most meaningful ways to protect this sensitive information is a leading-edge approach called confidential computing, which is fast becoming an essential part of multiparty medical research where information is shared.
Confidential computing creates a new and orthogonal privileged domain that is separate from the one controlled by the OS or Hypervisor. The approach protects sensitive applications and data from being compromised or tampered with at runtime by processing them in an isolated trusted execution environment (TEE), often referred to as a "secure enclave." The TEE isolates the data and code in a secure region of the CPU memory to prevent unauthorized access.
Why is this important? Decision-making in health care begins by analyzing reams of clinically meaningful data from which research insights are developed. For example, if you have atrial fibrillation, medical personnel can use the CHADS-VASc atrial fibrillation risk score calculator to estimate the risk of developing a stroke and therefore guide preventative or prescriptive treatment.
The more data, the greater the ability of artificial intelligence and machine learning inferencing to draw meaningful conclusions based on that data. These methods scan vast datasets across a wide array of organizations, including hospitals and health systems, to build unbiased and reliable clinical algorithms that represent a broad spectrum of patients. Throughout the process, health care organizations must protect patient privacy. Confidential computing allows each health care organization to share the results of machine learning inferencing on combined data sets without exposing the contents of the data sets to each contributing organization. Moreover, the TEE renders sensitive information invisible to host operating systems, cloud provider administrators and external attackers.
This demonstrates the amazing potential of confidential computing. It enables researchers to stay on the leading edge of discovery.
In health care, patient data is subject to stringent privacy laws and regulatory requirements. The 2020 HIMSS Healthcare Cybersecurity Survey noted that health care organizations "need to make cybersecurity a fiscal, technical, and operational priority." The study further emphasized that "patient lives depend upon the confidentiality, integrity, and availability of data."
The hardware-rooted confidential computing approach enables multiple groups to share their data without exposing their application or data. This type of security "could be key to accelerating multiparty analysis and algorithm training, while helping to keep data protected and private," said Anil Rao, vice president of data center security at Intel.
Accelerating medical progress
Many believe that AI is going to revolutionize health care, from clinical applications in areas such as imaging and diagnostics to workflow optimization in hospitals to the use of health apps to assess an individual's symptoms.
The ability of these technologies to analyze data and identify trends quickly and accurately has made them an important weapon in tackling critical health care challenges. The University of California San Francisco, for instance, announced in October that its Center for Digital Health Innovation had formed a collaboration with Fortanix, Intel and Microsoft Azure to establish a platform that will be used to develop clinical algorithms that help identify those who need a blood transfusion in an emergency room.
To come up with a reliable algorithm, they needed to gather and crunch a lot of data from many sources. Together with UCSF's BeeKeeperAI privacy-preserving analytics, the platform will leverage the confidential computing capabilities of Fortanix Confidential Computing Enclave Manager, Intel's Software Guard Extensions hardware-based security capabilities and Microsoft Azure's confidential computing infrastructure to provide a "zero-trust" environment that protects both the intellectual property of an algorithm and the privacy of health care data.
It's an important assurance. "Validation and security of AI algorithms is a major concern prior to their implementation into clinical practice," according to Dr. Rachael Callcut, CDHI's director of data science. "Bringing together these technologies creates an unprecedented opportunity to accelerate AI deployment in real-world settings."
The confidential computing technology protects the privacy of patient data by enabling a specific algorithm to interact with a specifically curated data set which remains, at all times, in the control of the health care institution that developed it. "When researchers create innovative algorithms that can improve patient outcomes, we want them to be able to have cloud infrastructure they can count on to achieve this goal and protect the privacy of personal data," said Scott Woodgate, senior director of security at Microsoft.
That combination can speed the development of critical medical services. In the past, this sort of clinical research "was time-consuming and expensive," said Dr. Michael Blum, associate vice chancellor for informatics and executive director of the CDHI. "Much of the cost and expense was driven by the data acquisition, preparation and annotation activities. With this new technology, we expect to markedly reduce the time and cost while also addressing data security concerns."
That could lead to life-changing medical breakthroughs. "This demonstrates the amazing potential of confidential computing," added Rao. "It enables researchers to stay on the leading edge of discovery."
Learn more about confidential computing: