Abstract
Improving the treatment of many diseases calls for continuous monitoring of patients at home, with doctors able to intervene in individual cases, and this in turn demands an increasing number of medical devices connected to the cloud. To support the doctor's duties, such devices may benefit from AI-based diagnosis routines. Before such devices can be approved and placed on the market, they need to comply with various legal, regulatory, economic, and social requirements. An integral part of these requirements is the protection of the patients' data.
In this paper, based on a current use case, we describe a workflow for identifying risks and addressing their mitigation. To this end, we recall the relevant legal, regulatory, economic, and social data protection requirements. We apply our findings to a Homecare OCT device that is intended to be used daily by elderly patients, who take images of their eyes and send them to a cloud- and AI-based system for further analysis. Depending on the result, the patient's ophthalmologist is notified for dedicated further treatment. We then compare the Homecare OCT device with a clinical OCT system with regard to the risks to patient data that arise when a medical system is used outside of a secure hospital environment.
To perform the risk management, we (i) describe the architecture of both systems, (ii) analyze their data flow, (iii) discuss several attack vectors, (iv) propose ways to mitigate the risks, and (v) discuss the handling of potential data breaches.
This work has been conducted in the project “ICT programme” which was supported by the European Union through the European Social Fund.
© 2024 The Author(s), under exclusive license to Springer-Verlag GmbH, DE, part of Springer Nature
Bende, P., Vovk, O., Caraveo, D., Pechmann, L., Leucker, M. (2024). A Case Study on Data Protection for a Cloud- and AI-Based Homecare Medical Device. In: Koutny, M., Bergenthum, R., Ciardo, G. (eds) Transactions on Petri Nets and Other Models of Concurrency XVII. Lecture Notes in Computer Science(), vol 14150. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-68191-6_6
DOI: https://doi.org/10.1007/978-3-662-68191-6_6
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-662-68190-9
Online ISBN: 978-3-662-68191-6
eBook Packages: Computer Science (R0)