MedCo: New software to securely transfer data across hospitals

The MedCo system aims to facilitate medical research on pathologies — such as cancer and infectious diseases — by enabling secure computations on decentralized data. The unique software has recently been deployed at three Swiss hospitals.


In 2019, scientists in the Laboratory for Data Security (LDS) in EPFL’s School of Computer and Communication Sciences (IC), in collaboration with the Lausanne University Hospital (CHUV) have developed a software called MedCo as the first operational system to protect sensitive patient data so that it can be used collectively for medical research.

Now, after a year, MedCo has currently been deployed across the university hospitals of Lausanne, Geneva, and Bern.

The software’s interface is designed in such a way that medical professionals who are not necessarily computer science experts can use it effortlessly. Its decentralized model is based on a cryptographic principle called secure multiparty computation, which makes it possible to analyze the data at the different hospitals confidentially.

LDS senior researcher Juan Troncoso-Pastoriza said“When paired with the power of homomorphic encryption, which allows computations to be performed on encrypted data without decrypting it, the data remains protected end-to-end from both internal and external attacks.”

CHUV deputy managing director Oliver Peters said, “The opportunity to query decentralized databases securely, while eliminating the possibility of identifying patients, is an important lever for accelerating university clinical research in Switzerland.”

Oncologist Petros Tsantoulis of the Geneva University Hospital (HUG) said, “As our ability to analyze and understand the diseases of individual patients grows, learning from experience becomes a necessary driver for improvement in patient care. MedCo enables us to gain precious insight from patients’ clinical histories.”

LDS head Jean-Pierre Hubaux believes that once it is fully operational, MedCo will facilitate research across hospitals and other health-related institutions.

He said, “The ability to carry out computations on data without moving or decrypting it is crucial.”


See stories of the future in your inbox each morning.