The European Commission response to the need for security and privacy-by-design, is not only the set-up regulatory measures (GDPR, MDR, EU Directive 2016/1148), but also the funding, through the Horizon 2020 programme, of research and innovation projects to develop solutions that are effective and usable in the healthcare context. DEFeND, PANACEA, PAPAYA, CUREX and SPHINX are some of them.

  • The DEFeND (Data Governance for Supporting GDPR) project provides an innovative data privacy governance platform which supports healthcare organizations towards GDPR compliance using advanced modelling languages and methodologies for privacy-by-design and data protection management.
  • The PANACEA (Protection and Privacy of Hospital and Health Infrastructures with Smart Cyber Security and Cyber Threat Toolkit for Data and People) project provides all healthcare actors with an assessment and system monitoring audit workflow to easily run conformity assessment and engineering assessment
  • The PAPAYA (PlAtform for PrivAcY preserving data Analytics) project is developing privacy-by-design solutions and a dedicated platform for data analytics tasks which are outsourced to untrusted data processors.
  • The CUREX (Secure and Private Health Data Exchange) project is enabling secure and authorized sensitive health data exchange.
  • The SPHINX (A Universal Cyber Security Toolkit for Health-Care Industry) project aims to introduce a Universal Cyber Security Toolkit, thus enhancing the cyber protection of Health IT Ecosystem and ensuring the patient data privacy and integrity. It will also provide an automated zero-touch device and service verification toolkit that will be easily adapted or embedded on existing, medical, clinical or health available infrastructures.

Cluster Objectives

The current level of privacy protection and security must be improved, also because most of the existing assets were designed when data privacy and cybersecurity were not an issue. So, the cluster will lead Healthcare organisations to invest, to substitute/upgrade “obsolete” assets, adopting a “security and privacy-by-design” approach.

Who benefits?

  • Organisations required to comply with GDPR
  • Organisations seeking to integrate privacy-by-design into their development processes
  • Organisations seeking to perform privacy impact assessments
  • Third party organisations wanting to benefit from the statistics obtained/valuable information from privacy preserving data analytics tools
  • Hospitals, pharmacies, and nursing homes
  • Software.system developers
  • Medical device manufacturers
  • Digital service providers
  • Patients


All healthcare actors need to comply with the EU regulatory framework:

  • GDPR (EU) 2016/679
    • Art. 25 Data protection by design and by default: […] the controller shall […] implement appropriate technical and organisational measures, […] designed to implement data-protection principles.
    • Art. 30 Records of processing activities: Each controller […] shall maintain a record of processing activities under its responsibility.
  • DIRECTIVE (EU) 2016/1148, security of network and information systems across the Union.
    • Whereas 50): […] manufacturers and software developers […] play an important role in enabling operators of essential services and digital service providers to secure their network and information systems.
  • Medical Device Regulation (EU) 2017/745.
    • Requirements regarding design and manufacture. 17.2: For devices […], the software shall be developed and manufactured in accordance with the state of the art taking into account the principles of development life cycle, risk management, including information security, verification and validation.

Innovations and solutions

The DEFeND project provides an innovative data privacy governance platform which supports healthcare organizations towards GDPR compliance using advanced modelling languages and methodologies for privacy-by-design and data protection management. Specific innovations of the project include:

  • the development of advanced modelling languages and methodologies for privacy-by-design and data protection management;
  • Automated methods and techniques to elicit, map and analyse data that organizations hold for individuals;
  • Integrated encryption and anonymisation solutions for GDPR;
  • methods and automation techniques for the specification, management and enforcement of personal data consent;
  • a modular solution that covers different aspects of GDPR.

The PANACEA project has developed, with three European Healthcare Centres, a people-centric toolkit of nine tools, to assess and improve the cybersecurity readiness of healthcare socio-technical systems (ICT, networked medical devices, staff) and of medical device/system lifecycles. It includes software-based innovative tools:

  • dynamic risk assessment, based on a multi-layer attack graph model including “human” and “business” layers, and automatic generation of mitigation recommendations,
  • inter-organizational secure information and heavy images sharing,
  • regulatory compliant security-by-design and certification of systems/medical devices,
  • machine-to-machine and smartphone-based facial identification (also with masks).
  • It also includes non-technical tools, influencing staff behaviour and supporting the management through:
  • contextualized risk governance models,
  • educational voiceless videos,
  • methodology to produce behavioural “nudges”,
  • methodology to maximize cybersecurity return-on-investment,
  • guidance for contextualized deployment of previous tools.
Potential integrated use of the nine tools’ is a further innovative feature, supporting full plan-do-check-act and multi-disciplinary approaches to cybersecurity preparedness.

The CUREX project provides GDPR compliant tools and applications targeted towards healthcare professionals and individuals, offering a secure and private-by-design environment to access and exchange data. The CUREX solution analyses information coming from the monitoring infrastructure to compute cybersecurity and privacy risk scores associated to the data exchange in a Health domain. CUREX has five discrete areas: (i) Asset and Vulnerability Discovery, whose goal is to discover the system’s assets and any information related to their associated vulnerabilities; (ii) Threat Intelligence, aiming at detecting real time abnormal behaviours on users, and devices, as well as anomalies in the data in order to identify new and unknown threats; (iii) Risk Management, aiming at producing risk scores and optimal safeguards towards a cyber strategy of the healthcare organisation; (iv) Trust Enhancing, which will make use of decentralized platform based on blockchain technology to store and share private and sensitive data; and (v) Application and Visualisation, to display the platform dashboard in a synthetized way. Each area includes one or more of the following tools.

  • Asset Discovery Tool (ADT)
  • Knowledge Extraction and Analytics (KEA)
  • Vulnerability Discovery Manager (VDM)
  • Threat Intelligence Engine (TIE)
  • Cybersecurity Assessment Tool (CAT)
  • Privacy Assessment Tool (PAT)
  • Optimal Safeguards Tool (OST)
  • Private Blockchain (PrB)
  • Health professional Application (HPA)
  • Patient Application (PA)
  • CUREX Visualization Tool (CVT)

SPHINX introduces a Universal Cyber Security Toolkit, thus enhancing the cyber protection of Health IT Ecosystem and ensuring the patient data privacy and integrity. It also provides an automated zero-touch device and service verification toolkit that will be easily adapted or embedded on existing, medical, clinical or health available infrastructures. The Toolkit’s capabilities include vulnerability assessment of Health IT Ecosystems in near real-time response, as well as evaluation and verification of new medical devices and provision of the SPHINX Certification.


DEFeND makes significant contributions in increasing trust and confidence in the digital single market, through the provision of a platform to support data privacy protection and the development of services that respect citizen privacy. As a result, organisations using the platform will demonstrate the measures they take, which in turn will improve transparency. DEFeND will also increase the use of privacy-by-design principles in ICT systems and services at different levels. At the (service/system) planning level, it provides tools and methods from the security and privacy requirements area that support elicitation, modelling and analysis of privacy concerns from the early stages of the service/system development process. At the operational level, it provides analysis techniques and tools that implement privacy-by-design specifications. Apart from the practical contributions, the project also makes significant contributions to the PbD state-of-the-art by extending work in the PbD methodologies to operate within the context of the GDPR.

The impacts of PANACEA include:

  • Increased cybersecurity compliance: governance tools customised for healthcare allow hospitals to plan the alignment with the European regulatory framework, maximizing it vs. their available investment capability.
  • Increased capability to maintain cybersecurity preparedness: in their dynamic environment, PANACEA toolkit allows hospitals to continuously and rapidly assess and adjust all vulnerable components of their operations, i.e. ICT, staff and medical devices.
  • Increased capability to reduce healthcare technological vulnerability/non-compliance: in a sector where most of existing systems/medical devices were designed when cybersecurity was not an issue, PANACEA security-by-design solutions support (i) system/medical devices' providers in developing compliant and more secure assets, (ii) hospitals and digital service providers in procuring and deploying them for substitution/upgrading of less-secure/non-compliant assets.
  • Increased business continuity and patients' trust: the combination of previous impacts, reduces the risk of operations’ disruption, improper access to patients' related data, unsafe use of medical devices.

The main business impacts of PAPAYA are as follows:

  • Businesses improve their management and use of personal/sensitive data while empowering the data subjects, respecting their privacy wishes and increasing transparency over how their data is collected, stored, and processed.
  • Users’ trust and confidence in online services has increased, making them more willing to share data for legitimate purposes.
  • More accurate personal data can be used and shared, in a controlled and transparent manner, to the benefit of enterprises, end users and society, and in line with fundamental rights and EU directives.
  • Businesses can spend less time on engineering privacy into their systems, and focus on deriving more worth from their data.

Healthcare ICT infrastructures need to be flexible enough in order to adapt to the everchanging cyber threat environment and increase their cyber threat detection capabilities, thus targeting for more efficient and more effective response capabilities, and safeguarding information integrity, data protection and privacy, lowering the potential negative impact cyber threats have on the citizens’ fundamental rights.
CUREX comes to address this issue, delivering a novel, flexible and scalable situational awareness-oriented platform, addressing advanced cybersecurity threats, targeted at critical healthcare information infrastructures, safeguarding the privacy of patients, leveraging secure, authorised and fully auditable exchange of sensitive health data, and facilitating cyberthreat situational awareness uplifting, optimal defence strategy design and cyber-risk management and mitigation through recommendation of optimal security safeguards. The framework is targeting at the provision of a set of security and privacy assessment tools, decision support methods for proposing optimal risk mitigation safeguards, along with privacy preserving applications, thus delivering services to all actors and stakeholders involved in the value chain including: IT/Security Solution Architects; Information Security Experts, Chief Information (Security) Officers, Risk Managers, Decision Makers, Healthcare professionals, and of course reaching down to the information owners, the patients.

SPHINX project envisages to contribute to the expected impacts set out in the H2020 work programme ‘Toolkit for assessing and reducing cyber risks in hospitals and care centres to protect privacy/data/infrastructures’. In this context, the project outcomes are going to:

  • Improve the security of Health and Care services, data and infrastructures. In the post-SPHINX era end-users, including even patients and healthcare professionals, will get a comprehensible insight view of how cyber security works, what vulnerabilities may exist, and how to better manage cyber security threats. This will lead to increased patient trust and safety.
  • Reduce the risk of data privacy breaches caused by cyberattacks. Healthcare infrastructures, like hospital units, will minimize the exposure to security risks/threats. SPHINX will increase the system availability during cyber-attacks maintaining a greater part of the IT resources under normal operation and decrease the hours for system recovery after a successful cyber-attack

Join the Health Project Cluster                   Joint Webinar                     Joint Recommendations Report 


On the event of the adoption of the draft regulation laying down measures for a high common level of cybersecurity at the institutions, bodies, offices and agencies of the Union, the AI4HealthSec project kicked off a process to provide its opinion.