VaultDB: A Real-World Pilot of Secure Multi-Party Computation within a Clinical Research Network
share
Electronic health records represent a rich and growing source of clinical data for research. Privacy, regulatory, and institutional concerns limit the speed and ease of data sharing in this context. We introduce VaultDB, a framework for securely computing SQL queries over the union of private data from two or more sources. VaultDB evaluates queries using secure multiparty computation: cryptographic protocols that securely evaluate a function such that the only information revealed from running them is the query answer. We describe the development of a HIPAA-compliant version of this framework using the Chicago Area Patient Centered Outcomes Research Network (CAPriCORN), a multi-institutional clinical research network that spans the electronic health records of nearly 13M patients over hundreds of clinics and hospitals in the Chicago metropolitan area. Our results from deploying this technology at three health systems within this network demonstrate its efficiency and scalability to conduct multiparty clinical research analyses without moving patient records from their site of origin.
READ FULL TEXT