Use Case 3 Healthcare

Cybersecurity for Healthcare Identities

Healthcare
Healthcare digital technology and cybersecurity
Partner Organization

Hospital do Espírito Santo Évora (HES) in Évora, Portugal, serves as the primary and largest healthcare facility in the Alentejo region, attending to a population of 498,804 individuals. Aligned with the Internal Health Network managed by the Ministry of Health Services, HESE recognizes the critical need for cybersecurity in the healthcare sector.

RECITALS Objectives
  • Protect patient health and sensitive medical data from potential breaches
  • Implement resilient secure digital identities for healthcare personnel and systems
  • Address risks posed by cybercriminals targeting personal health information
  • Enable secure data sharing through the European Health Data Space (EHDS)
Challenge Areas

Healthcare System Interoperability

Integration challenges persist across healthcare providers, demanding novel approaches for efficient and secure data flow. The HES environment requires seamless integration between the Health Information System (HIS), Laboratory Information System (LIS), and Picture Archiving and Communication System (PACS), while maintaining strict privacy standards.

Privacy-Preserving Technologies

Healthcare requires advanced cryptographic techniques—homomorphic encryption and secure multiparty computation—to enable data analysis without exposing raw patient data. Balancing information sharing needs with individual privacy while ensuring only authorized personnel access specific patient records remains a critical challenge.

Digital Identity Management

The absence of standardized digital identity protocols in healthcare creates security vulnerabilities. Patient-centric identity management systems are needed to empower individuals with control over their health data, while federated identity systems enable secure authentication across different healthcare institutions through biometric and role-based access controls.

Cybersecurity Resilience

Increasing cyber threats demand specialized tools for regular security resilience testing, particularly in identity management systems and domain controllers. The market gap exists for comprehensive, affordable, and scalable solutions that can proactively counter emerging risks in healthcare environments.

RECITALS Solution

The HES Test Environment pilots innovative privacy-preserving technologies for healthcare digital identity management. The solution generates synthetic data through a dedicated testbed mirroring HES operational environment, including dynamic user, infrastructure, and control plane datasets tailored to healthcare scenarios.

  • Cryptography and Anonymization Manager facilitates secure, privacy-preserving data sharing through the European Health Data Space (EHDS) for medical research and therapy development
  • Privacy-preserving data analytics and federated learning modules enable refined, processed data sharing while maintaining patient confidentiality
  • Modular system design allows seamless integration into existing HES workflows and IT infrastructure for identity management, analytics, and compliance
  • Interoperability framework ensures secure data exchange across diverse healthcare systems and formats
  • Cybersecurity resilience testing for identity management systems and domain controllers to detect and mitigate threats
Measurable Goals
  1. 95% success rate in threat detection and mitigation during simulated attacks on identity management systems
  2. 100% implementation of advanced cryptographic techniques across all HES data-sharing processes
  3. 90% system interoperability achieved between HIS/EHR and RECITALS with zero data loss or errors during testing
  4. 98% cyber threat detection and response within 5 seconds, preventing unauthorized healthcare system access
  5. 95% detection rate for insider threats through behavioral analytics monitoring user activities and anomalous patterns
Collaborating Partners: NKUA, TUD, UPC, PDM, LUH, TCD