Leonardo Chiariglione
2026-02-04

The 64th MPAI General Assembly has approved publication of Technical Specification: AI for Health (MPAI-AIH) – Health Secure Platform (AIH-HSP) V1.0 with a request for Community Comments to be received by the MPAI Secretariat by 16 March 2026. This paper gives an overview of the proposed standard introduction to help those who wish to review and comment on AIH-HSP.

The Health Secure Platform specifies the architecture of a platform offering health-related services enabling the following functionalities:

  1. End Users use AIH-HSP Apps running on their Front Ends (personal devices) to acquire Health Data.
  2. Health Data, combined with an associated Model Licence, are called AIH Data.
  3. AIH Data is uniquely identified.
  4. AIH Data is processed by the Front End using an instance of the MPAI-specified AI Framework (MPAI-AIF).
  5. Front End processes AIH Data using AI-for-Health-recommended AI Modules (AIM) downloaded from the MPAI Store.
  6. Neural Networks in AIMs continually learn while making inferences on AIH Data.
  7. Un-processed and Processed AIH Data are uploaded to the AI Back End.
  8. Back End stores the Model Licence as a Smart Contract on a Blockchain associated with the Back End.
  9. A Smart Contract ID is added to the AIH Data.
  10. The Smart Contract governs the use that is made of the AIH Data stored on the Back End.
  11. Depending on the relevant Smart Contract, an instance of AIH Data stored on the Back End may be processed by the Back End itself and Third-Party Users.
  12. The Back End may process End Users’ AIH Data in its local AI Framework based AI Data Processing AIM.
  13. A rich AIH Taxonomy includes:
    1. AIH Data Classes (currently: ECG, EEG, Genomics, and Medical Images).
    2. AIH Data Users (currently: End User, Non-Profit Entity, Profit Entity, Clinical Entity, Authorised Entity, Caregiver).
    3. AIH Data Statuses (currently: Anonymised, Pseudonymised, Identified).
    4. AIH Data Usages (currently: Unrestricted, Pseudonymised, Anonymised, Research, Patient use, Health care).
    5. AIH Data Processing Types (currently: ECG, EEG, Genomics, Medical Images).
    6. Anonymisation/De-Identification Algorithms.
    7. Anomaly Types.

 

Figure 1 depicts the Health Secure Platform specified by AI for Health. At the centre there is the Back End to which Front Ends and Third-Party Users are connected. The MPAI Store enables Back End and Front Ends to access the AI Modules they need for their processing. The Blockchain manages the licencing terms provided to it by the Model Licence.

Figure 1 – General Model of AIH-HSP V1.0

 

Figure 2 depicts the architecture of the AIH Back End where Back End, End User, Blockchain, and Third-Party Users perform operations.

Figure 2 – Reference Model of the Health Back End (AIH-HBE) AIW

 

  1. Back End accesses the MPAI Store and downloads the AIMs required for its operation.
  2. User Registration
    1. A User wishing to access the Back End, sends a Registration Request containing Personal Profile and list of Service they intend to access.
    2. Back End provides the Tokens enabling the requesting User to access the corresponding Services.
  3. Storage of AIH Data
    1. End User uploads AIH Data.
    2. HBE Data Processing
      1. Extracts Model Licence from AIH Data.
      2. Issues Blockchain Licence Request to Blockchain.
    3. Blockchain
      1. Converts Model Licence to a Smart Contract.
      2. Responds with a Blockchain Licence Request.
    4. HBE Data Processing
      1. Attaches Blockchain Licence ID to AIH Data.
      2. Stores AIH Data in Secure Storage
    5. De-Identification/Anonymisation (DIA) of AIH Data
      1. End User sends a DIA Request.
      2. HBE Data Processing
        1. Retrieves relevant AIH Data from Secure Storage.
        2. (Pseudo-)Anonymises AIH Data.
        3. Stores (Pseudo-)Anonymised AIH Data back to Secure Storage.
        4. Responds with a DIA Response.
      3. AIH Data Processing
        1. User sends AIH Process Request.
        2. HBE Data Processing sends a Licence Confirm Request to the Blockchain.
        3. Blockchain responds with a Licence Confirm Response.
        4. HBE Data Processing
          1. Performs the requested Processing, if this is included in the Licence.
          2. Stores the Processed AIH Data as new AIH Data.
          3. Responds with an AI Data Process Response.
        5. Audit
          1. End User sends Audit Request.
          2. Auditing
            1. Retrieves relevant Confirmation Responses to verify that all Processing was performed according to the Licence terms.
            2. Responds with Audit Response.
          3. Federated Learning
            1. Federated Learning sends Federated Learning Request to all Health Front Ends.
            2. Health Front Ends provide the NN Models.
            3. Federated Learning
              1. Develops and upload the new NN Model to the MPAI Store.
              2. Sends Federated Learning Response to Health Front Ends.
            4. Front Ends download the new NN Model from the MPAI Store.

Figure 3 depicts the Reference Architecture of the Health Front End (AIH-HFE) where Front End and End User perform operations.

Figure 3 – Reference Model of the Health Front End (AIH-HFE) AIW

 

  1. End User registers with HFE and HBE.
  2. End User acquires Health Data with a Health Device and provides Model Licence.
  3. Model Licencing AIM attaches Model Licence to Health Data, produces AIH Data and Stores AIH Data.
  4. End User processes AIH Data locally.
  5. End User stores AIH Data to HFE.
  6. End User processes AIH Data remotely on the Back End.
  7. HFE receives Federated Learn request.
  8. HFE sends the NN Model trained since last Federated Learn request to HBE.

 

The AIH-HSP V1.0 standard is available. An online presentation will be made on 2026/02/09 T15 UTC. Register to attend.

Comments on AIH-HSP V1.0 shall reach the MPAI Secretariat by 2026/03/16.

 

Leave a comment InAll posts