AIT system enables research using health data in compliance with data protection regulations
With EUPID Services, the AIT Austrian Institute of Technology offers a certified solution for the secure pseudonymisation and linking of sensitive health data for research purposes. Independent certification confirms compliance with the requirements of the General Data Protection Regulation (GDPR), strengthening confidence in the privacy-compliant use of health data for scientific research.
Research involving health data faces a key challenge: data must be analysable and linkable across different sources while ensuring that the identity and privacy of individuals remain protected. Particularly when working with sensitive personal data, simply removing names is not sufficient. Technical and organisational procedures are required that enable data to be used in compliance with data protection regulations while supporting scientifically robust analyses.
This is precisely where the EUPID (European Patient Identity Management) Services developed by the AIT Austrian Institute of Technology come in. The services enable researchers to analyse health data securely and in compliance with data protection regulations. Names and other directly identifying information are neither passed on nor stored but are replaced by pseudonyms.
Independent GDPR certification
The accredited certification body DSGVO-ZT has confirmed that the EUPID Services provided by AIT comply with the requirements of the General Data Protection Regulation. This independent certification strengthens confidence in the privacy-compliant use of sensitive health data and supports the further international establishment of EUPID as a trusted infrastructure for health research.
Researchers can therefore work with related datasets without names or other directly identifying information being disclosed.
Secure linkage of distributed datasets
A key advantage of EUPID is its ability to identify and link data belonging to the same individual even when it is stored in different datasets under different pseudonyms. This approach provides maximum protection for the privacy of data subjects while enabling high-quality research using distributed datasets.
Supporting research with sensitive health data
Such solutions are particularly valuable where personal health data is stored across multiple locations and there is a strong need for collaborative research. One example is childhood cancer research, where EUPID has already been successfully deployed.
“Particularly when it comes to sensitive health data, data protection must not only be taken into account but also implemented in a technically traceable manner. The certification of EUPID Services provides additional reassurance for research partners, ethics committees and affected patients”, explains Dieter Hayn, Senior Scientist in the Competence Unit Digital Health Information Systems at the AIT Center for Health and Bioresources.
Strengthening international research collaborations
For AIT, the GDPR certification represents an important milestone in the further deployment of EUPID across international research networks. It also sends a strong signal to potential partners by increasing confidence in the services, facilitating the resolution of data protection questions and confirming that the pseudonymisation and linkage of sensitive datasets are carried out on an independently audited platform.
Contact
Mag. Florian Hainz, BA
AIT Communication – Press & PR
AIT Austrian Institute of Technology
Phone: +43 (0)50550-4518
E-mail: florian.hainz@ait.ac.at
Website: www.ait.ac.at