UC San Francisco’s Center for Digital Health Innovation (CDHI), Fortanix, Intel, and Microsoft Azure today have formed a collaboration to establish a confidential computing platform with privacy-preserving analytics to accelerate the development and validation of clinical algorithms.
The platform will provide a “zero-trust” environment to protect both the intellectual property of an algorithm and the privacy of healthcare data, while CDHI’s proprietary BeeKeeperAI will provide the workflows to enable more efficient data access, transformation, and orchestration across multiple data providers.
Gaining regulatory approval for clinical artificial intelligence (AI) algorithms requires highly diverse and detailed clinical data to develop, optimize, and validate unbiased algorithm models. Algorithms that are used in the context of delivering healthcare must be capable of consistently performing across diverse patient populations, socioeconomic groups, geographic locations, and be equipment agnostic. Few research groups, or even large healthcare organizations, have access to enough high-quality data to accomplish these goals.
“While we have been very successful in creating clinical-grade AI algorithms that can safely operate at the point of care, such as immediately identifying life-threatening conditions on X-rays, the work was time consuming and expensive,” said Michael Blum, MD, associate vice chancellor for informatics, executive director of CDHI and professor of medicine at UCSF. “Much of the cost and expense was driven by the data acquisition, preparation, and annotation activities. With this new technology, we expect to markedly reduce the time and cost, while also addressing data security concerns.”
The organizations will leverage the confidential computing capabilities of Fortanix Confidential Computing Enclave Manager, Intel’s Software Guard Extensions (SGX) hardware-based security capabilities, Microsoft Azure’s confidential computing infrastructure, and UCSF’s BeeKeeperAI privacy preserving analytics to calibrate a proven clinical algorithm against a simulated data set. A clinical-grade algorithm that rapidly identifies those needing blood transfusion in the Emergency Department following trauma will be used as a reference standard to compare validation results. They will also test whether the model or the data were vulnerable to intrusion at any point. Future phases will utilize HIPAA-protected data within the context of a federated environment, enabling algorithm developers and researchers to conduct multi-site validations. The ultimate aim, in addition to validation, is to support multi-site clinical trials that will accelerate the development of regulated AI solutions.
“Validation and security of AI algorithms is a major concern prior to their implementation into clinical practice. This has been an oftentimes insurmountable barrier to realizing the promise of scaling algorithms to maximize potential to detect disease, personalize treatment, and predict a patient’s response to their course of care,” said Rachael Callcut, MD, director of data science at CDHI and co-developer of the BeeKeeperAI solution. “Bringing together these technologies creates an unprecedented opportunity to accelerate AI deployment in real-world settings.”
The confidential computing technology protects the privacy of patient data by enabling a specific algorithm to interact with a specifically curated data set which remains, at all times, in the control of the healthcare institution via their Azure confidential computing cloud infrastructure. The data will be placed into a secure enclave within Azure confidential computing, powered by Intel SGX and leveraging Fortanix cryptographic functions—including validating the signature of the algorithm’s image. The data will be processed in a separate enclave securely connected to another enclave holding the algorithm, ensuring multiple parties can leverage the system without needing to trust one another.
“Fortanix pioneered the use of Confidential Computing to secure sensitive data across millions of endpoints in industries such as financial services, defense, and manufacturing,” said Ambuj Kumar, CEO and co-founder of Fortanix. “It is a privilege to work with UCSF and other technology innovators to use Confidential Computing to unlock the potential of healthcare data, and then create breakthroughs in clinical research that will help transform the healthcare industry and save lives.”
“Trusted execution environments enabled by Intel SGX could be key to accelerating multi-party analysis and algorithm training while helping to keep data protected and private. In addition, built-in hardware and software acceleration for AI on Intel Xeon processors enables researchers to stay on the leading edge of discovery,” said Anil Rao, vice president of data center security and systems architecture platform hardware engineering division at Intel. “This collaboration with UCSF, Fortanix and Microsoft Azure demonstrates the amazing potential of confidential computing with Intel’s hardware-rooted protection defending the data.”
“When researchers create innovative algorithms that can improve patient outcomes, we want them to be able to have cloud infrastructure they can count on to achieve this goal and protect the privacy of personal data,” said Scott Woodgate, senior director, Azure security and management at Microsoft Corp. “Microsoft is proud to be associated with such an important project and provide the Azure confidential computing infrastructure to healthcare organizations globally.”