Medical Data is a very sensitive element, whose exposure may bring unexpected risks. Your data is much more exposed than you think, and I am proposing ways to mitigate that.
[DSC Adria 23]Josema Cavanillas How To Mitigate the Exposure Risk in Clinical Data.ppsx
1. 1
an atos business
How to mitigate the exposure risk in clinical
data
A discussion about the data of health and the health of data
Josema Cavanillas - VP - Head of Health & Life Sciences Sales for Eastern Europe
18/05/2023
2.
3. 3
How did you know?
3
Places you have been to
Past/future bought items
Sports interests
Intended future actions
Culture topics
Pets
5. 5
How to mitigate the exposure risk in clinical data
A discussion about the data of health and the health of data
5
Josema Cavanillas
VP - Head of Health & Life Sciences Sales for Eastern Europe
Member of the Atos Scientific Community
Member of the Atos Expert Community
7. 7
A snapshot
• We're a circa €5 billion revenue Atos business that will become
an independent company in late 2023.
• A new digital scale-up where brilliant minds come together to
sustainably expand the possibilities of data and technology.
• We cover 6 areas (Digital Transformation, Smart Platforms,
Cloud, Advanced Computing, Digital Security and Net Zero) in 7
industries,
• We're unique in being able to bring all these capabilities
holistically for our clients with the combination of our own
Intellectual Property (IP) and of the IP of our leading
partners.
57,000 engineers and problem-solvers in
45 countries.
Worldwide #1 in managed security
services
Worldwide #3 and European #1 in high-
performance computing
Visionary In Public Cloud
Leader in Data & Analytics
Deep expertise in technology and data
value chains: 2,100 patents,
50,000+ certifications
7
8. 8
Where the people are
8
57,000 engineers and problem-solvers in 45 countries.
Americas
5,200
30% revenue
Central & Southern Europe,
Middle East and Africa
21,000
47% revenue
Northern Europe and APAC
31,000
23% revenue
9. 9
Our Core Values
We’re one #TeamEviden spread across the world, with a set of values born from our people.
9
We are practical, but we also
know when to take audacious
risks in pursuit of progress.
We have a deep commitment to
sustainability; it’s our responsibility to
use technology to improve the well-
being of people and planet.
We use our curiosity to
transform possibility into reality
and take our work to the next
level.
We foster an inclusive, equitable
community because we’re smarter,
stronger and have more fun
together. We forge trusted
relationships that are built-to-last.
#GrowTogether #DareToTry #DoTheRightThing #StayCurious
1 2 3 4
10. 10
We are at a turning point in business
2
3
1 Digital acceleration
From siloed to blended physical + digital worlds
Fractured world
From globalization to a volatile, multi-polar world
in polycrisis
Ecological challenges
From abundant resources to scarcity, energy and climate
crises
• Data drives business
• Automation/AI needed everywhere
• Digital talent war rises
• Security, resilience,
and sovereignty are becoming
more than ever critical for
survival
• Sustainability is the new imperative
How can you thrive in this new
reality and manage its
business implications?
Our vision: the world has changed
11. 11
Examples of what we do
Accelerating clinical
trials
We worked with a leading
life sciences company to
assess sophisticated sensors
& collect patient data to
accelerate clinical research
& development with digital
biomarkers.
#industries
Complex challenges
require solutions yet to
be imagined
It takes imagination and
inventiveness to make
hard things seem easy for
our clients and their
clients.
11
12. 12
Accessing Medical Data
GDPR
General Data Protection Regulation
Applied in the EU since May 2018
Up to 20 million euro fines
It is a regulation, not a directive
13. 13
Regulation or directive?
A "regulation" is a binding
legislative act. It must be
applied in its entirety across
the EU. For example, when
the EU’s regulation on
ending roaming charges
while travelling within the EU
expired in 2022, the
Parliament and the Council
adopted a new regulation
both to improve the clarity of
the previous regulation and
make sure a common
approach on roaming
charges is applied for
another ten years.
A “directive" is a legislative
act that sets out a goal that
all EU countries must
achieve. However, it is up to
the individual countries to
devise their own laws on how
to reach these goals. One
example is the EU single-use
plastics directive, which
reduces the impact of certain
single-use plastics on the
environment, for example by
reducing or even banning the
use of single-use plastics
such as plates, straws and
cups for beverages.
14. 14
Sanctions according to GDPR
The GDPR has eleven
chapters, concerning general
provisions, principles, rights
of the data subject, duties of
data controllers or
processors, transfers of
personal data to third
countries, supervisory
authorities, cooperation
among member states,
remedies, liability or penalties
for breach of rights, and
miscellaneous final
provisions. Recital 4
proclaims that ‘processing of
personal data should be
designed to serve mankind’.
Potential sanctions:
• A warning in writing in cases of first and non-intentional
noncompliance.
• Regular periodic data protection audits.
• A fine up to €10 million or up to 2% of the annual
worldwide turnover of the preceding financial year in
case of an enterprise, whichever is greater, if there has
been an infringement of the provisions in Article 83,
Paragraph 4.
• A fine up to €20 million or up to 4% of the annual
worldwide turnover of the preceding financial year in
case of an enterprise, whichever is greater, if there has
been an infringement of the provisions in Article 83,
paragraphs 5 & 6.
15. 15
Acceptance & Application
Based on three characters:
The regulation became a model for many other
laws across the world, including in Türkiye,
Mauritius, Chile, Japan, Brazil, South Korea,
South Africa, Argentina and Kenya. As of 6
October 2022, the United Kingdom retains the
law in identical form despite no longer being an
EU member state. The California Consumer
Privacy Act (CCPA), adopted on 28 June 2018,
has many similarities with the GDPR.
Data Subject
Data Processor
Data Controller
16. 16
Characters
me
The natural or legal person, public authority,
agency or other body which, alone or jointly with
others, determines the purposes and means of the
processing of personal data.
Data Subject
Data Processor
Data Controller
The natural or legal person, public authority,
agency or other body which processes
personal data on behalf of the controller.
17. 17
Data Subject’s Data
Personal Data - any
data that can be
used to identify an
individual, such as a
name, home
address or credit
card number.
The 8 rights of the Data Subject:
• to be informed
• to access
• to object
• to erasure or blocking
• to damages
• to file a complaint
• to rectify
• to data portability 17
The GDPR recognizes data concerning health
as a special category of data and provides a
definition for health data for data protection
purposes.
Though the innovative principles introduced by
the GDPR (privacy by design or the prohibition
of discriminatory profiling) remain relevant and
applicable to health data as well, specific
safeguards for personal health data and for a
definitive interpretation of the rules that allows
an effective and comprehensive protection of
such data have now been addressed by the
GDPR.
Processes that foster innovation and better
quality healthcare, such as clinical trials or
mobile health, need robust data protection
safeguards in order to maintain the trust and
confidence of individuals in the rules designed to
protect their data.
18. 18
Differences between “can” and “must”
The lawless land
• 5% of internet
content.
• Findable through
search engines.
• 90% of internet content.
• Not findable through
search engines.
• E-Mails, bank info,
credit card numbers
• Extremely protected
• 5% of internet
content.
• Used for seriously
illegal purposes.
19. 19
Anonymization of Data
A process by which personal data is altered in
such a way that a data subject can no longer be
identified directly or indirectly, either by the data
controller alone or in collaboration with any other
party.
Data Controller
In the context of medical data, anonymized data refers to data from which the patient cannot be
identified by the recipient of the information. The name, address, and full postcode must be
removed, together with any other information which, in conjunction with other data held by or
disclosed to the recipient, could identify the patient.
21. 21
21
The “Findability”
• 42 year old
• Hospital X
• Date of case study
• Population
• Other details of the report
• Request of legal reports
• Public information on the internet (voters,
fines, official notifications)
• Social networks
• Social networks of the others
22. 22
Recommendations
• No magic formula.
• Use social networks with wisdom.
• Before mentioning others (relatives,
friends) get their approval.
• Avoid any mention to medical
topics, unless necessary.
• Enroll Robinson list.
• SWITCH OFF THE PHONE when
not necessary.
• Review systematically all sensitive
documents and delete/destroy
(banks, medical).
• Look for professional advice in
case of action or protection.
23. 23
Professional Advice?
23
• Identification of data in the dark web.
• Legal advice.
• Erasure of data.
• Identification of threats.
• Specific tools and service.
• 24x7 Cybersecurity Service. Round the
Clock, round the globe.
24. 24
Hvala!
24
Josema Cavanillas
VP - Head of Health & Life Sciences Sales for Eastern Europe
Member of the Atos Scientific Community
Member of the Atos Expert Community
Notas do Editor
We're a circa €5 billion revenue Atos business that will become an independent company in late 2023, combining Atos’ leading Digital, Cloud, Big Data and Security business lines.
Bringing together unique data and technology capabilities with world-class talents, we're a new digital scale-up, with the ambition to combine the mentality of a start-up, agile and creative, with the resources, stability and global scale of an established company,
We are one of the largest pure players in digital services, with 57.000 engineers and problem solvers, combining highly synergistic capabilities to expand the possibilities of data and technology:
in 6 segments: Digital Transformation, Smart Platforms, Cloud, Advanced Computing, Digital Security and Net Zero.
with a unique ability to bring all these capabilities holistically for our clients with the combination of our own IP and of the IP of our leading partners.
We are notably already recognized as:
A leader in Digital Security, which represents 15% of our revenue, and where we are the world’s N°1 in Managed Security Services (Gartner 2022).
A leader in Advanced Computing, with 6% revenue in High-Performance Computing (we are ranked top 3 worldwide player in supercomputers by Hyperion Research) and 6% revenue in Business Computing (where we are recognized as a key player in large-scale open servers, and the « leader of leader in Edge/AI » by ISG)
A visionary player in public cloud (Gartner 2022) with our Cloud business line, which represents 10% of our business;
A leader in data and analytics (Gartner 2022), notably through our Transformation Acceleration activity which represents 9% of our business; and a leader in digital, with strong expertise in Smart Platforms, which represents 54% of our business. We have been ranked by ISG as a leader in digital business solutions and services, and we are ranked by HFS Research in the top 10 services providers for SAP S/4 Hana;
We have a deep expertise in technology and data value chains, with 2,100 patents, 50,000+ certifications
A truly global player, we serve a broad base of c. 500 large customers across all sectors in 45 countries, with 5,200 engineers in the Americas (c. 30% of our revenue), 21.000 in Southern and Central Europe & MEA (c. 47% of our revenue) and 31.000 in Northern Europe & APAC (c. 23% of our revenue),
While we have a worldwide presence and footprint, we provide strong European sovereign digital capabilities and are recognized as the sole European tier-one manufacturer of high-performance computers, helping public and private organizations meet the highest sovereignty levels in digital security and advanced data processing.
Our values are at the heart of everything we do:
-#GrowTogether: we foster an inclusive, equitable community because we’re smarter, stronger and have more fun together.
-#DareToTry: we are practical but we also know when to take audacious risks in the pursuit of progress.
-#DoTheRightThing: we forge trusted relationships that are built to last. We have the best interest of our colleagues, clients, and partners at the heart.
-#StayCurious: we use our curiosity to transform a possibility into reality and take our work to the next level.
We're Eviden, a new player aiming to expand the possibilities of data and technology to help you accelerate digital transformation and move your business forward at speed.
We're a circa €5 billion revenue Atos business that will become an independent company in H2 2023, combining Atos’ leading Digital, Cloud, Big Data and Security business lines.
Bringing together unique data and technology capabilities with world-class talents, we're a new digital scale-up, with the ambition to combine the mentality of a start-up, agile and creative, with the resources, stability and global scale of an established company,
We are one of the largest pure players in digital services, with 57.000 engineers and problem solvers, combining highly synergistic capabilities to expand the possibilities of data and technology:
in 6 areas: Digital Transformation, Smart Platforms, Cloud, Advanced Computing, Digital Security and Net Zero in 7 industries (Energy & Utilities, Financial Services and Insurance, Healthcare & Life sciences, Manufacturing, Public Sector & defense, Retail, Transport & Logistics, Telecom Media & Technology)
with a unique ability to bring all these capabilities holistically for our clients with the combination of our own IP and of the IP of our leading partners.
We are notably already recognized as:
A leader in Digital Security, which represents 15% of our revenue, and where we are the world’s N°1 in Managed Security Services (Gartner 2022).
A leader in Advanced Computing, with 6% revenue in High-Performance Computing (we are ranked top 3 worldwide player in supercomputers by Hyperion Research) and 6% revenue in Business Computing (where we are recognized as a key player in large-scale open servers, and the « leader of leader in Edge/AI » by ISG)
A visionary player in public cloud (Gartner 2022) with our Cloud business line, which represents 10% of our business;
A leader in data and analytics (Gartner 2022), notably through our Transformation Acceleration activity which represents 9% of our business; and a leader in digital, with strong expertise in Smart Platforms, which represents 54% of our business. We have been ranked by ISG as a leader in digital business solutions and services, and we are ranked by HFS Research in the top 10 services providers for SAP S/4 Hana;
We have a deep expertise in technology and data value chains, with 2,100 patents, 50,000+ certifications
A truly global player, we serve a broad base of c. 500 large customers across all sectors in 45 countries, with 5,200 engineers in the Americas (c. 30% of our revenue), 21.000 in Southern and Central Europe & MEA (c. 47% of our revenue) and 31.000 in Northern Europe & APAC (c. 23% of our revenue),
While we have a worldwide presence and footprint, we provide strong European sovereign digital capabilities and are recognized as the sole European tier-one manufacturer of high-performance computers, helping public and private organizations meet the highest sovereignty levels in digital security and advanced data processing.
Our values are at the heart of everything we do:
-#GrowTogether: we foster an inclusive, equitable community because we’re smarter, stronger and have more fun together.
-#DareToTry: we are practical but we also know when to take audacious risks in the pursuit of progress.
-#DoTheRightThing: we forge trusted relationships that are built to last. We have the best interest of our colleagues, clients, and partners at the heart.
-#StayCurious: we use our curiosity to transform a possibility into reality and take our work to the next level.
What’s our vision?
The world is changing at an accelerated pace, and we are at a turning point in business.
Digital transformation accelerates everywhere, driven by the convergence of the physical and the digital worlds, making data the cornerstone of business, requiring enterprises to leverage Automation and AI everywhere, nurturing a constant battle for digital talents;
The geopolitical equilibrium is fracturing, with new worldwide tensions, driving a change from globalization to a more volatile, multipolar world, with crises surging everywhere, and threats multiplying. Cyber security, supply chain resilience, and digital sovereignty are becoming more than ever critical for survival;
The ecological challenges rise, a climate crisis unfolds, and we evolve from a resource's abundant world to a world where resource limitations grow, especially in energy. Sustainability is the new imperative.
How can enterprises survive and thrive in this new reality and manage its business implications?
This is what Eviden is about: provide a new digital player, bringing together unmatched capabilities in smart, secure, and sustainable solutions to create new paths forward for our clients and the society as a whole.
At Eviden, we see these challenges as an opportunity for infinite possibilities.
Within #industries, we worked for example with a leading life sciences company to assess sophisticated sensors & collect patient data to accelerate clinical research & development with digital biomarkers.
We're a circa €5 billion revenue Atos business that will become an independent company in H2 2023, combining Atos’ leading Digital, Cloud, Big Data and Security business lines.
Bringing together unique data and technology capabilities with world-class talents, we're a new digital scale-up, with the ambition to combine the mentality of a start-up, agile and creative, with the resources, stability and global scale of an established company,
We are one of the largest pure players in digital services, with 57.000 engineers and problem solvers, combining highly synergistic capabilities to expand the possibilities of data and technology:
in 6 areas: Digital Transformation, Smart Platforms, Cloud, Advanced Computing, Digital Security and Net Zero in 7 industries (Energy & Utilities, Financial Services and Insurance, Healthcare & Life sciences, Manufacturing, Public Sector & defense, Retail, Transport & Logistics, Telecom Media & Technology)
with a unique ability to bring all these capabilities holistically for our clients with the combination of our own IP and of the IP of our leading partners.
We are notably already recognized as:
A leader in Digital Security, which represents 15% of our revenue, and where we are the world’s N°1 in Managed Security Services (Gartner 2022).
A leader in Advanced Computing, with 6% revenue in High-Performance Computing (we are ranked top 3 worldwide player in supercomputers by Hyperion Research) and 6% revenue in Business Computing (where we are recognized as a key player in large-scale open servers, and the « leader of leader in Edge/AI » by ISG)
A visionary player in public cloud (Gartner 2022) with our Cloud business line, which represents 10% of our business;
A leader in data and analytics (Gartner 2022), notably through our Transformation Acceleration activity which represents 9% of our business; and a leader in digital, with strong expertise in Smart Platforms, which represents 54% of our business. We have been ranked by ISG as a leader in digital business solutions and services, and we are ranked by HFS Research in the top 10 services providers for SAP S/4 Hana;
We have a deep expertise in technology and data value chains, with 2,100 patents, 50,000+ certifications
We're a circa €5 billion revenue Atos business that will become an independent company in H2 2023, combining Atos’ leading Digital, Cloud, Big Data and Security business lines.
Bringing together unique data and technology capabilities with world-class talents, we're a new digital scale-up, with the ambition to combine the mentality of a start-up, agile and creative, with the resources, stability and global scale of an established company,
We are one of the largest pure players in digital services, with 57.000 engineers and problem solvers, combining highly synergistic capabilities to expand the possibilities of data and technology:
in 6 areas: Digital Transformation, Smart Platforms, Cloud, Advanced Computing, Digital Security and Net Zero in 7 industries (Energy & Utilities, Financial Services and Insurance, Healthcare & Life sciences, Manufacturing, Public Sector & defense, Retail, Transport & Logistics, Telecom Media & Technology)
with a unique ability to bring all these capabilities holistically for our clients with the combination of our own IP and of the IP of our leading partners.
We are notably already recognized as:
A leader in Digital Security, which represents 15% of our revenue, and where we are the world’s N°1 in Managed Security Services (Gartner 2022).
A leader in Advanced Computing, with 6% revenue in High-Performance Computing (we are ranked top 3 worldwide player in supercomputers by Hyperion Research) and 6% revenue in Business Computing (where we are recognized as a key player in large-scale open servers, and the « leader of leader in Edge/AI » by ISG)
A visionary player in public cloud (Gartner 2022) with our Cloud business line, which represents 10% of our business;
A leader in data and analytics (Gartner 2022), notably through our Transformation Acceleration activity which represents 9% of our business; and a leader in digital, with strong expertise in Smart Platforms, which represents 54% of our business. We have been ranked by ISG as a leader in digital business solutions and services, and we are ranked by HFS Research in the top 10 services providers for SAP S/4 Hana;
We have a deep expertise in technology and data value chains, with 2,100 patents, 50,000+ certifications
Our values are at the heart of everything we do:
-#GrowTogether: we foster an inclusive, equitable community because we’re smarter, stronger and have more fun together.
-#DareToTry: we are practical but we also know when to take audacious risks in the pursuit of progress.
-#DoTheRightThing: we forge trusted relationships that are built to last. We have the best interest of our colleagues, clients, and partners at the heart.
-#StayCurious: we use our curiosity to transform a possibility into reality and take our work to the next level.
Our values are at the heart of everything we do:
-#GrowTogether: we foster an inclusive, equitable community because we’re smarter, stronger and have more fun together.
-#DareToTry: we are practical but we also know when to take audacious risks in the pursuit of progress.
-#DoTheRightThing: we forge trusted relationships that are built to last. We have the best interest of our colleagues, clients, and partners at the heart.
-#StayCurious: we use our curiosity to transform a possibility into reality and take our work to the next level.