MedCryptor

Who we are

Tiew Wei Xuan Wei Xuan is a budding computer scientist at the National University of Singapore who is deeply interested in cybersecurity. Majoring in Information Security, he is the driver of the essential inspiration behind this project. During the pandemic, he was deployed to the Ministry of Health, where he worked in the COVID-19 task force to coordinate operations for infected patients. Dealing with a large number of personal health data in this role played a significant role in influencing the problem statement we intend to address with our project.

Tan Jing Sheng Jing Sheng is currently studying Computer Science at the National University of Singapore and intends to specialise in Computer Security and Software Engineering.

Jeffrey Jian An aspiring software engineer who intends to go into the world of Quantitative Finance, he is currently a sophomore studying Computer Science and minoring in Quantitative Finance. With real-world experience in back-end development, he has worked with fellow developers to create administrative dashboards that serve 12,000 over clients. He is the key driver behind our application’s back-end.

Inspiration

With consultation with professionals with Synapxe, Singapore’s health technology agency, we understood that a key privacy concern that the healthcare system is currently facing is the classification of sensitive health data; a recent revision to the Ministry of Health’s policy specified a class of Sensitive Health Information (SHI), examples included mental disorders, substance abuse and STDs.

What it does

MedCryptor, at a macro level, seeks to transfer data ownership from a governmental or organisational level, to a personal level, while unifying health data into a single database. MedCryptor stores each individual’s health data into a centralised, encrpyted database, where users are empowered to determine who is able to view their medical information.

Use Cases

1. With some governmental health systems allowing medical professionals to view health data of patients that are not under their purview, MedCryptor hopes to entrust users with deciding the medical professionals (whom they are consulting) that are able to view their health data.

2. For users in countries that have differentiated health systems, their medical history may be fragmented across different databases. MedCryptor seeks to be a unifying solution for all their health data in one place.

3. For users who require medical assistance overseas, where their health data may not be accessible if it is in their domestic country’s databases, MedCryptor seeks to provide comprehensive health data to medical professionals for better treatment.

How we built it

We built the front-end interface using React.js with AntDesign, with the backend being Go and PostgreSQL.

Challenges we ran into

Digging into PETAce-SetOPS was where we found inspiration for private set operations, and especially Private Information Retrieval. However, we didn't think we could implement PSI into our design. Nevertheless, PETAce exposed us to the concepts of oblivious transfer and PIR which we hope to be able to implement into MedCryptor in the future.

What we learned

Our prior research with Synapxe allowed us to understand the privacy context in Singapore's health landscape. Delving into PETAce allowed us to understand novel concepts that have not been taught in campus, which taught us Private Set Operations and how they can be used to enhance user privacy and be implemented in applications globally, such as ours.

What's next for MedCryptor

1. Utilising other encryption technologies to keep the database secure, such as a public key infrastructure.
2. Developing mobile applications and incorporating Singpass API for a verified, biometric login.
3. Exploring the concept of oblivious transfer to send data between the database and the application.

Built With

• antdesign
• go
• postgresql
• react