CUREX

Electronic Health Data Exchange considering Security & Privacy

Prof. Christos Xenakis

Prof. Christos Xenakis is a faculty member of the Department of Digital Systems of the University of Piraeus. He has participated in numerous projects realized in the context of EU Programs (ACTS, ESPRIT, IST, AAL, DGHOME, Marie Curie, Horizon2020) as well as National Programs (Greek). He is the project manager the CUREX, SECONDO, INCOGNITO and SealedGRID projects, funded by Horizon2020, while he was the project manager of the ReCRED project funded by Horizon 2020 and the technical manager of the UINFC2 project funded by DGHOME/ISEC. His research interests are in the field of systems, networks and applications security.

ABSTRACT

The Health sector’s increasing dependence on digital information and communication infrastructures renders it vulnerable to threats to privacy and cybersecurity, especially as the theft of health data has become particularly lucrative for cyber criminals. At the same time, a breach of integrity of health data can have dramatic consequences for the patients affected. To comprehensively address the protection of the confidentiality and integrity of health data, we propose CUREX, a novel, flexible and scalable situational awareness-oriented platform that allows a healthcare provider to assess the realistic cybersecurity and privacy risks they are exposed to, while also suggesting mathematically optimal strategies for addressing cyber risks with safeguards tailored specifically for each business case and application. At its core, a decentralised architecture enhanced with a private blockchain infrastructure ensures the integrity of the risk assessment process and of all data transactions that occur between the diverse range of stakeholders involved. Crucially, CUREX expands beyond technical measures and places emphasis also on improving cyber hygiene through training and raising awareness activities for a healthcare institution’s personnel. Being fully GDPR compliant by design, CUREX aspires to impact the European market developing one of the first blockchain platforms for risk assessment management under the GDPR.