(Informative)
1 Introduction | 2 Actors | 3 Services |
1 Introduction
The architecture of the Health Secure Platform comprises a set of different systems and specific distributed services, enabling the following functionalities:
- End Users acquire Health Data using AIH Apps running on their Front Ends.
- Health Data is AI-processed using the local AI Framework.
- End Users may upload their Health Data to the Back End with an attached Model Licence – to be converted to a Smart Licence by the Back End.
- The Smart Contract residing on a Blockchain governs the use that the Back End and its Third-Party Users can make of the Health Data.
- The Backend may process End Users’ Health Data in its local AI Framework based on the Smart Contract.
- Registered Third-Party Users – qualified health-related entities – may access the Back End and request AI-processing of Health Data present on the Back End based on the relevant Smart Contract(s).
2 Actors
The Health Secure Platform identifies and recognises the following Actors:
- Users
- End User: a user collecting and processing Health Data their with their Front Ends, and licensing their Health Data to the Back End that stores a Smart Contract on a Block Chain. The End User controls and audits the access by any Third-Party User to their AIH Data based on the terms of the said Smart Contract.
- Third-Party User: any qualified third-party entity requiring access to the data on the system or to process that data and extract knowledge by (orchestration of multiple) AI-based mechanisms. Third-Party Users include hospitals, clinics, research centers, caretakers, and others identified according to the MPAI-AIH Taxonomy. Access is granted according to the sub-licensing clauses of the Smart Contract between the Back End and the End User. Smart Contracts are based on approved templates verified for consistency, legal compliance, and technical security before release.
- Data
- Health Data: collected, locally processed, and uploaded by End Users to the Back End, and stored, processed, and sublicensed by the the Back End to Third-Party-Users based on the Terms specified by the relevant End-User.
- External Data: sourced by platforms other than the Health Secure Platform from which the Back End may collect subsidiary data to integrate relevant information for health-related predictions. Access and Provenance of External Data Sources are regulated via Smart Contracts between the Sources and the Backend.
3 Services
The Health Secure Platform is composed of a set of distributed components and services:
- The Frontend, the End User’s personal gateway to their user-data and any external biometric sensors that capture health-related data, and the connection with the Back End that is capable of:
- Capturing End User’s Health Data, e.g., from Google Fit and Apple Health, and external biometric sensors that capture Health Data.
- Locally storing Health Data in a “Secure Data Vault” controlled by the End User.
- AI processing Health Data using standard AIMs and AIWs downloaded from the MPAI-Store which perform the computational operations of the End User’s Health Data, including transformations, training, and inferences.
- Alerting the End-User about any deviation of the value of the captured Health Data that may be caused by disease.
- Uploading the processed Health Data to the Back End.
- Receiving Health Data further processed using the End User’s and other End Users’ Health Data.
- The AIH Back-end, composed of a set of tools that implement the necessary services to securely store, de-identify and anonymise data, control entity authentication and access to data, and license and audit the access to Health Data on the Back End. The Back End gathers anonymised data from various sources (End Users and External Sources) and acts as a broker gateway between Third-Part Entities requesting access to Health Data and its providers. The Back End grants access rights without referring to the identity of the End Users who have provided the data. The Back End may not grant the Third-Party User the right to process Health Data that the relevant End User did not grant to the Back End.
- Blockchain and Distributed Ledgers (B&DLT) enable the system’s transparency and auditability. Each provision of and access to Health Data requires the emission of a license in the form of a Smart Contract that is stored on the B&DLT. The Smart Contract contains information about:
- The parties, e.g., the End User sending Health Data and the Back End, and any future Third-Party User requesting access to and processing of Health Data.
- The Type of Third-Party User (per the MPAI-AIH Taxonomy).
- The Health Data and AIH Models to be used.
- The Rights granted to use the Health Data:
- Type of use of the Health Data (per the MPAI-AIH Taxonomy).
- Type of use of the processed Health Data (per the MPAI-AIH Taxonomy).
- The duration of the Licence.
- The AI Services offered by the Backend can be used directly to process the Health Data on the Front End and extract the specific knowledge sought by the End-User or Third-Party Users based on the Licence. These services are selected from those available from the MPAI Store and may be orchestrated to produce specific analyses for the Third-Party Users that request access to Health Data. AI services through data processing enable specific and customised training of Machine Learning Models to identify and assist in the identification of medical diagnosis and prognosis.
- The AI Federated Learning System (FLS) orchestrates the learning of a central model for medical diagnosis and prognosis, namely by working as a medical anomaly detection tool, receiving model weights data from the client models at each Front End and using it under the terms of the Smart Contract that established between the End User and the Backend. When an improved model is obtained by the FLS, this is uploaded to the MPAI-Store.