Homomorphic Encryption in Healthcare
Cyber Security
Semester programme: Cyber Security
Mathijs van de Broek
Beke Tanács
Jelle Hamburg
Tim van der Helm
Niels Tilleman
Timo van der Steen
Project description
Our project investigates how Fully Homomorphic Encryption (FHE) can enable secure, privacy-preserving computations on sensitive data without ever decrypting it. Specifically, we ask: “How can a proof-of-concept system be built that allows an external analytics service to perform meaningful operations on encrypted healthcare records, while maintaining compliance with privacy regulations?” By integrating an FHE library into a standard web application stack, we explore both the technical feasibility and the performance trade-offs of transmitting and processing patient data entirely under encryption.
Context
Privacy regulations such as HIPAA and GDPR impose strict controls on sharing patient data, yet healthcare organizations increasingly need to collaborate with external analytics providers for research, predictive modeling, and quality improvement. Traditional encryption protects data at rest and in transit but requires decryption for computation, creating exposure risks. Homomorphic encryption promises a new paradigm: performing additions, multiplications, and statistical queries directly on ciphertexts, so third-party services never see raw data. Our proof-of-concept focuses on a hospital setting: a backend API automatically encrypts patient demographic and vital-sign data (age, BMI, blood pressure, etc.) before storing it or sending it to an external analytics API. Using Pyfhel (Python wrapper for SEAL/OpenFHE), we integrate FHE into an MVC web framework with a PostgreSQL database, showcasing how encrypted pipelines can be woven into existing healthcare IT infrastructures.
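To make the role split concrete, here is an added stand-alone example (not the project's code): the hospital encrypts fixed-point BMI values, an analytics party holding only the public key sums the ciphertexts, and only the hospital decrypts the aggregate. Because Pyfhel is not a standard-library module, the example substitutes a textbook Paillier scheme (additively homomorphic only, unlike the CKKS/BFV schemes the project uses) with fixed demo primes and constructed sample BMIs; the decrypted mean and the ciphertext size are returned so the expansion effect is visible.

```python
import random
from math import gcd

# Fixed demo primes (Mersenne primes 2**127-1 and 2**107-1): enough to show the
# mechanics, far too small and predictable for a real deployment.
P = (1 << 127) - 1
Q = (1 << 107) - 1

def keygen(p=P, q=Q):
    """Paillier key pair: public (n, g), secret (n, lambda, mu)."""
    n = p * q
    lam = (p - 1) * (q - 1)          # phi(n) serves as lambda when g = n + 1
    return (n, n + 1), (n, lam, pow(lam, -1, n))

def encrypt(pk, m):
    n, g = pk
    r = random.randrange(1, n)       # fresh randomness: equal inputs give different ciphertexts
    while gcd(r, n) != 1:
        r = random.randrange(1, n)
    return pow(g, m, n * n) * pow(r, n, n * n) % (n * n)

def decrypt(sk, c):
    n, lam, mu = sk
    return (pow(c, lam, n * n) - 1) // n * mu % n

def add_encrypted(pk, c1, c2):
    """Homomorphic addition: multiplying ciphertexts adds the plaintexts mod n."""
    return c1 * c2 % (pk[0] ** 2)

# Constructed sample BMI values for four patients, one decimal place each.
PATIENT_BMI = [22.4, 31.0, 27.8, 19.5]
SCALE = 10  # fixed-point encoding, since Paillier only handles integers

def hospital_encrypt(pk, values):
    """Hospital backend: encode each decimal as an integer and encrypt it."""
    return [encrypt(pk, round(v * SCALE)) for v in values]

def analytics_sum(pk, cts):
    """External analytics service: aggregates while holding only the public key."""
    acc = encrypt(pk, 0)
    for c in cts:
        acc = add_encrypted(pk, acc, c)
    return acc

def run_pipeline():
    """Returns (mean BMI recovered in the hospital domain, bytes per ciphertext)."""
    pk, sk = keygen()
    cts = hospital_encrypt(pk, PATIENT_BMI)
    total = decrypt(sk, analytics_sum(pk, cts))   # 1007: the sum of the scaled BMIs
    return total / SCALE / len(PATIENT_BMI), (cts[0].bit_length() + 7) // 8
```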
Results
We delivered a fully functional proof-of-concept FHE analytics pipeline where patient records are encrypted at the time of input, transmitted to an external analytics API, processed under encryption, and only decrypted when returned to the hospital domain. Alongside this we implemented a three-tier AES-256 key hierarchy with Master, Key-Signing, and Working keys to safeguard FHE secret keys and eliminate single points of failure.
Performance benchmarking revealed that the CKKS and BFV schemes incur encryption latencies of 5.2–5.9 ms per JSON record (≈50× slower than AES) and expand ciphertexts to hundreds of kilobytes (390 KB for CKKS, 520 KB for BFV versus ≈32 bytes for AES), while homomorphic additions and multiplications run into the milliseconds per operation, with BFV multiplication taking 23.25 ms (nearly 50,000× longer than the plaintext operation). In a simulated hospital workload, encrypting 1,000 patient records took around 10 minutes and consumed 6.9 GB of storage.
Overall, our results demonstrate that third-party analytics can execute meaningful queries without exposure to plaintext data, fulfilling HIPAA/GDPR privacy mandates and establishing a clear roadmap for further optimization and protocol standardization.