TECNALIA develops a tool capable of foreseeing potential threats to healthcare IT systems and assessing vulnerabilities

10 September 2021

TECNALIA uses blockchain technology to tackle cyber-attacks on healthcare systems

TECNALIA is committed to blockchain technology to provide secure IT environments for healthcare centres and guarantee the security of data management. To this end, it is developing a tool capable of anticipating, preventing and counteracting potential threats to healthcare IT systems, and assessing vulnerabilities.

It is an automated touch device, which makes it possible to verify the service and is ready to be used and integrated into existing IT infrastructures. This cyber protection system ensures the privacy of patient data.

The tool also offers a monitoring system for cyber threats. This system lets users know that a threat has been detected by means of a subscription to real-time events. It works with an easy and intuitive interface, allowing it to be integrated into surveillance systems in an agile and efficient way.

The tool is part of the European SPHINX project, and is available to start-ups and SMEs that provide cybersecurity solutions and can be made available as an added service. The product is designed with international organisations (such as the OECD, FAO and the UN) in mind, as well as research and technology centres and institutions with a high volume of personal health data and a complex IT structure. Although it has been developed in an environment related to hospitals and health centres, the flexibility and adaptability of this smart system makes it possible to implement it in any IT ecosystem that requires automated auditability.

An important aspect of cyber attacks is the legal liability of the company for the data accessed. To facilitate audits in these situations, the Blockchain-Based Threat Register (BBTR) provides a logging system for detected threats and attacks. This speeds up external audits in the event of cyber attacks on the system.

Further information

TECNALIA carries out applied research in the fields of industrial cybersecurity, cryptography, privacy and blockchain. It has cybersecurity laboratories for the automotive, energy, cyber-range, and blockchain industries, which form part of the Cybersecurity Node of the Basque Digital Innovation Hub and the INCIBE National Network of Industrial Laboratories. It takes part in the main committees to regulate and standardise cybersecurity, privacy, and blockchain within UNE/ISO. It is also part of the OECD’s expert advisory council on cybersecurity and blockchain policies.

At the same time, it is a member of national and international cybersecurity organisations, the Board of Directors of ECSO (European Cyber Security Organisation), EOS (European Organisation for Security), and RENIC (Spanish Network of Excellence in Cybersecurity Research), member of the Council of WOMEN4CYBER and the Board of Directors of the Spanish chapter of WOMEN4CYBER; as well as the main global blockchain alliances such as Hyperledger (Linux Foundation), EEA (Enterprise Ethereum Alliance), and Alastria; and European initiatives of digital and data sovereignty such as IDSA (International Data Spaces Association) or GAIA-X.