SHiELD logo

The exchange of health data to support mobile patients is possible, but is constrained by security and regulatory challenges, especially for cross-border data exchange.

Data is rarely exchanged in practice because it is hard to ensure that the 'end-to-end' system handling the data will be secure and comply with data protection laws in the different European Member States.

Secure Society Health & Wellbeing

Project Objectives

SHiELD will unlock the value of health data to European citizens and businesses by overcoming security and regulatory challenges that today prevent this data being exchanged with those who need it. This will make it possible to provide better health care to mobile citizens across European borders, and facilitate legitimate commercial uses of health data.

SHiELD will address the security and compliance challenges as follows:

  • providing models and analysis tools for automated identification of end-to-end security risks and compliance issues and supporting privacy and 'by design';
  • defining an open and extensible data exchange architecture based on epSOS, able to support security measures to address these risks;
  • developing security mechanisms to deal with new and emerging risks, such as inference attacks on sensitive data, and risks from relatively unprotected mobile edge devices;
  • providing faster and more cost effective methods to verify and monitor compliance with multiple sets of applicable regulations.

Case studies will address cross border scenarios in which a citizen from one country needs health care while in another, and care givers need access to their health data some of which may be stored by a service provider in a third country. SHiELD will also consider how commercial providers of lifestyle services or wearable sensors may be involved in such data exchanges. SHiELD will thereby also create opportunities for using health data to create such products and services addressing the common European market. SHiELD will provide guidance on best practice to achieve end-to-end security and data protection compliance in health and health related applications. SHiELD will also feed into CEN-Cenelec and ETSI efforts to create EU standards for data protection by design in eHealth.

IT Innovation's Role

IT Innovation leads the development of the tools and knowledge bases enabling the systematic identification and analysis of security threats to patient data. Related to this work, we contribute to the analysis of legal compliance requirements, and to the development of standards. We also contribute to the development of security mechanisms to ensure the implementation is consistent with the projection models developed in the project, and support the use of its tools to model specific scenarios in validation case studies.

In addition to the technical expertise, IT Innovation chairs the Ethics Committee, drawing on our experience in conducting research involving personal data including in the FP7 FIRE Programme and H2020 ProsocialLearn and HUMANE projects.

Project Fact Sheet

The SHiELD project is a 36 month project funded by the EC H2020 ICT framework programme.

Coordinator: TECNALIA, Spain
Twitter: @SHIELDH2020

European emblem This project has received funding from the European Union's Horizon 2020 research and innovation programme under grant agreement No 727301.

Related Projects

Read More


Secure Society
Read More


Health & Wellbeing, Big Data, Artificial Intelligence