The minute we are treated or examined in a hospital, we leave a data trail. This includes personal information such as name, date of birth and address, or medical data such as medical history, diagnosis or treatment results, as well as biospecimens such as blood or tissue. If the patient agrees, these data can also be used for research. In addition, there are also data that are primarily collected for research purposes, of course with the explicit informed consent of the patient. All of this confidential medical information must be protected from unauthorized access.
Joint platform for medical data
"For researchers or doctors who want to use these data for research, it is often impossible to access all the data in one place. This is important, however, because the overall picture is crucial, especially when dealing with complex diseases", explains Andreas Lehmann, Bitcare founder. However, integrating these data into a common database presents major security risks.
The Bitcare founders' Data Integration System (DIS) software ensures that the data remain physically, organizationally and technically separate, but the researcher can easily access and display them on a single user interface. The technical concept is that the data in the background remain on three separate systems, located on three different servers.
DIS is open-source software. This has the great advantage that new components developed for one user are also freely available to all other users. In their company, Lehmann and co-founder Florian Kohlmayer provide many years of expertise combined with the adaptation, development and maintenance of the software.
The two Bitcare computer scientists developed the IT system together with a large team at TUM's Institute for Medical Informatics, Statistics and Epidemiology under the direction of Prof. Klaus Kuhn, who also provided crucial support during the foundation phase.
"Until the middle of last year, data protection was not the main concern for many users. With the introduction of the General Data Protection Regulations, awareness of cybersecurity grew, and good and secure systems were required and in demand", Kohlmayer reports from experience. This is where the Bitcare software system comes in. It applies a two-level coding system to the data, referred to as double pseudonymization. Here, personal data, such as the name or address, are assigned to a number. In the Bitcare software, the first number is assigned to a second number, and only then are the results of any treatment stored using this second number. This means it is only possible to later assign the clinical data to the individual with access to all three servers. Kohlmayer is also a member of the ethics committee of the Ludwig-Maximilians-Universität München and focusses on data protection and data security under this mandate.
Anchored in Munich's research landscape
Research institutes and hospitals were interested in the software from a very early stage, because it solves everyday patient data collection problems. Interest also increased significantly in 2015. "The route to founding a new company was close at hand", says Andreas Lehmann. After taking advice from the TUM start-up consultants and with licensing agreements with Klinikum rechts der Isar for use of the software, they started out as entrepreneurs in October 2016 – with no venture capital but with many projects in which the software was already being used.
Numerous Munich research institutes and German national research networks are now among the users of their software, for example the large DIFUTURE project, led by TUM. The aim of this BMBF-funded (BMBF – (German) Federal Ministry for Education and Research) medical informatics project is to integrate and analyze digital patient data to better understand diseases and make individual decisions faster. It was recently confirmed that Bitcare's IT solution will also be used for the Bavarian DigiMed Bayern project run by the Bavarian State Ministry of Health.