Encrypt (https://encrypt-project.eu)

Press Release #6: ENCRYPT Project close to Completion – Thank you all for your Support!
https://encrypt-project.eu/communication/press-releases/press-release-6-encrypt-project-close-to-completion-thank-you-all-for-your-support/
Thu, 26 Jun 2025 15:07:49 +0000

Record Linkage in Healthcare Research
https://encrypt-project.eu/communication/blog/record-linkage-in-healthcare-research/
Wed, 25 Jun 2025 07:47:19 +0000


Background

Record linkage is the process of identifying and connecting records that refer to the same entity, such as a patient, across different databases. In health research, this process is essential for building a comprehensive understanding of patient health trajectories. By linking data from different sources such as hospitals and research institutions, researchers can compare long-term health trends, disease progression and treatment outcomes.

Problem

Record linkage becomes particularly challenging when data is distributed across multiple healthcare institutions or countries, especially in regions like Germany where data protection laws are notably strict. In Germany, health data is considered highly sensitive, and its use or transfer requires a clear legal basis and/or explicit patient consent. The legal framework is governed by a complex interplay of national laws, state-specific regulations and the General Data Protection Regulation (GDPR), all of which impose strict requirements on the collection, processing and sharing of personal data. Additionally, Germany lacks a universal patient identifier, which increases the risk of linkage errors and makes it difficult to harmonize pseudonymization practices across institutions.

Motivation

The challenges facing record linkage in Germany and other regions highlight the urgent need for solutions that balance data privacy with research utility. There is growing recognition among researchers, policymakers and data custodians that harmonized legal frameworks, standardized technical infrastructures and privacy-preserving technologies are essential for unlocking the full potential of health data.

Initiatives such as the German Medical Informatics Initiative (MII) and NFDI4Health are working towards developing federated infrastructures, metadata standards and secure pseudonymization methods. Initiatives such as the ENCRYPT project are addressing this through privacy-preserving data processing technologies.

Protecting Privacy while Linking Data

To tackle this challenge, we developed a secure solution within the ENCRYPT platform that ensures patient privacy is respected at every step. Our approach uses a Trusted Execution Environment (TEE), a specialized, cutting-edge privacy-preserving technology for secure computation, together with a custom application designed to operate entirely within this secure environment.

What Is a Trusted Execution Environment (TEE)?

A Trusted Execution Environment, or TEE, is a secure area within a computer’s processor that is isolated from the rest of the system. It allows sensitive data to be processed in a way that prevents access by unauthorized users, even if they have control over the system itself. TEEs offer a strong guarantee that both the computation and the data remain confidential throughout processing and thus help in complying with legal and ethical standards for healthcare data handling.

One of the key stages of working with TEEs is a procedure called attestation. Attestation is a mechanism that confirms the integrity and confidentiality of the TEE before any sensitive operation takes place. It assures data providers and users that the environment has not been tampered with and can be trusted to handle confidential information.

Our Secure Application: An Overview

We developed a Python-based application composed of three main components:

  1. Wrapper (Controller): This component is responsible for setting up the secure environment, configuring the TEE and coordinating the different stages of the application.
  2. Server: This module runs inside the TEE and securely receives data records from multiple sources.
  3. Main Application: Once all data has been received, this component performs record linkage by identifying and consolidating duplicate records that refer to the same individual.

Each of these components plays a critical role in maintaining security, privacy, and functionality throughout the process.

Step by step: Secure Processing Inside the TEE

  • Initialization and Attestation: When the application starts, the Wrapper configures the Trusted Execution Environment and deploys secure containers. It also performs attestation to ensure that the environment is both confidential and trustworthy. Once verified, the Wrapper launches the secure server inside the TEE.
  • Secure Data Collection: The Server, operating entirely within the TEE enclave, receives sensitive health records from various sources, such as different hospitals, and stores them in a protected area. This design ensures that no data is exposed to the untrusted environment at any point.
  • Privacy-Preserving Record Linkage: Once all data has been collected, the main application is executed within the TEE. It performs record linkage to detect when the same patient appears in multiple datasets. Because Germany lacks a universal patient identifier, our logic assumes that a match occurs when records have the same name, gender, date of birth and health insurance provider, but have different medical encounter dates. We also assume that a patient does not change their name, gender, or insurance provider across institutions.

When a match is found, the application merges the records into a single unified profile. It also updates all associated references (such as treatments and diagnoses) so they correctly point to the merged patient identity. The final output mirrors the original data structure (HL7 FHIR), but with consolidated and de-duplicated entries, and reflects complete individual journeys across multiple data sources.
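The matching rule and reference rewrite described above, sketched as an added example (not the ENCRYPT application's code). It assumes simplified FHIR-shaped dictionaries in which Coverage carries the insurance provider and Encounter the visit date; the helper names, the case-insensitive name comparison and the sample records are constructed for illustration.

```python
"""Added example: deterministic record linkage over simplified FHIR-shaped resources."""
import copy
from collections import defaultdict

REFERENCE_FIELDS = ("subject", "beneficiary", "patient")  # fields that may point at a Patient


def norm(text):
    # Assumption: "same name" / "same provider" is compared ignoring case and extra spaces.
    return " ".join(text.casefold().split())


def link_records(resources):
    """Return (linked_resources, id_map); id_map maps each Patient id to its surviving id."""
    payor, enc_dates = {}, defaultdict(set)
    for r in resources:
        if r["resourceType"] == "Coverage":
            payor[r["beneficiary"]["reference"]] = norm(r["payor"][0]["display"])
        elif r["resourceType"] == "Encounter":
            enc_dates[r["subject"]["reference"]].add(r["period"]["start"][:10])

    clusters = defaultdict(list)  # match key -> [(surviving id, encounter dates seen so far)]
    id_map = {}
    for p in (r for r in resources if r["resourceType"] == "Patient"):
        ref = "Patient/" + p["id"]
        name = p["name"][0]
        key = (norm(" ".join(name.get("given", []) + [name.get("family", "")])),
               p.get("gender"), p.get("birthDate"), payor.get(ref))
        dates = enc_dates.get(ref, set())
        id_map[p["id"]] = p["id"]
        if None in key or not dates:
            continue  # incomplete record: never linked, kept as its own patient
        for surviving_id, seen in clusters[key]:
            if seen.isdisjoint(dates):  # the page's rule: same key, different encounter dates
                seen |= dates
                id_map[p["id"]] = surviving_id
                break
        else:
            # Same key but an overlapping date is outside the stated rule: keep it separate.
            clusters[key].append((p["id"], set(dates)))

    linked = []
    for r in resources:
        if r["resourceType"] == "Patient" and id_map[r["id"]] != r["id"]:
            continue  # merged into an earlier Patient resource
        r = copy.deepcopy(r)  # never mutate the caller's data
        for field in REFERENCE_FIELDS:
            target = r.get(field, {}).get("reference", "")
            if target.startswith("Patient/"):
                pid = target[len("Patient/"):]
                r[field]["reference"] = "Patient/" + id_map.get(pid, pid)
        linked.append(r)
    return linked, id_map


def patient(pid, given, family, gender, dob):
    return {"resourceType": "Patient", "id": pid, "gender": gender, "birthDate": dob,
            "name": [{"given": [given], "family": family}]}


def about(rtype, rid, field, pid, **extra):
    return {"resourceType": rtype, "id": rid, field: {"reference": "Patient/" + pid}, **extra}


def sample_bundle():
    """Constructed sample (two hospitals, invented people; not the MII synthetic dataset)."""
    return [
        patient("a1", "Erika", "Mustermann", "female", "1980-04-12"),
        about("Coverage", "cov-a1", "beneficiary", "a1", payor=[{"display": "AOK"}]),
        about("Encounter", "enc-a1", "subject", "a1", period={"start": "2023-01-10"}),
        about("MedicationStatement", "med-a1", "subject", "a1"),
        patient("b7", "erika", "MUSTERMANN", "female", "1980-04-12"),
        about("Coverage", "cov-b7", "beneficiary", "b7", payor=[{"display": "AOK"}]),
        about("Encounter", "enc-b7", "subject", "b7", period={"start": "2023-06-02"}),
        about("MedicationStatement", "med-b7", "subject", "b7"),
        # Same name, gender and birth date but a different insurer: must stay separate.
        patient("b8", "Erika", "Mustermann", "female", "1980-04-12"),
        about("Coverage", "cov-b8", "beneficiary", "b8", payor=[{"display": "TK"}]),
        about("Encounter", "enc-b8", "subject", "b8", period={"start": "2023-03-05"}),
    ]


if __name__ == "__main__":
    linked, id_map = link_records(sample_bundle())
    print("id map:", id_map)
    for res in linked:
        refs = [res[f]["reference"] for f in REFERENCE_FIELDS if f in res]
        print(res["resourceType"], res["id"], refs)
```

Because the rule is an exact match on four fields, a typo in a name or a changed insurer yields a missed link rather than a wrong merge, which is the trade-off the stated assumptions accept.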

Testing Privacy-Preserving Record Linkage with Synthetic Data

To test the Privacy-Preserving Record Linkage capabilities, we utilized a synthetic dataset made available by the MII consortium. This synthetic dataset simulates patient medication histories and demographic information, allowing us to replicate a real-world data scenario while ensuring compliance with the privacy requirements for cross-institutional healthcare research.

A Unified and Privacy-Preserving Dataset

At the end of the process, our system produces a new dataset that preserves the original structure while providing a more comprehensive and accurate view of each individual’s record history across different data sources.

All operations, from secure data ingestion to record linkage and generation of the final dataset, take place entirely within the secure TEE. This guarantees that sensitive data remains protected at every step.

By integrating advanced privacy-preserving technologies like TEE, the ENCRYPT platform enables collaborative medical research across institutions without compromising individual privacy or regulatory compliance. This use case demonstrates the platform’s potential to effectively address the complex legal and ethical challenges of record linkage in highly regulated contexts like Germany, where health data is subject to strict protection under the General Data Protection Regulation (GDPR), national laws and state-specific requirements.

ENCRYPT Hackathon (2): Data Readiness for Privacy-Preserving Technologies
https://encrypt-project.eu/communication/news/encrypt-hackathon-2-data-readiness-for-privacy-preserving-technologies/
Mon, 23 Jun 2025 08:53:50 +0000


Join us for the ENCRYPT Hackathon!

The hackathon is designed to empower researchers, data scientists and industry professionals with the skills to handle sensitive data responsibly.

As the digital landscape evolves, the need to ensure data privacy becomes ever more important for sectors including healthcare, finance, insurance and public policy.

This hackathon will guide you through the essentials of data anonymization, data preparation and the application of cutting-edge Privacy Preserving Technologies (PPTs).

Date: Monday 30th June 2025 – 11:00 – 16:00 Central European Time.

Location: This will be an online event

Agenda of Hackathon

Discover and Learn

  • Foundations of Privacy – Deep dive into privacy principles, GDPR compliance and ethical data-sharing practices.
  • Hands-On Anonymization and Data Pre-processing Techniques – Gain practical experience in techniques to anonymise datasets and prepare them for data analytics.
  • Using ENCRYPT PPTs – Learn how you can use ENCRYPT Privacy Preserving Technologies to retain privacy standards and data utility for analysis and decision-making.

Why Participate?

The ENCRYPT Hackathon is not just an event; it is a step towards transforming the way we handle and process data in an increasingly privacy-focused world through the use of privacy-preserving technologies.

The hackathon will provide you with: 

  • Expert Guidance: Learn from leading experts in the field of data privacy.
  • Practical Experience: Apply what you learn in real-time using synthetic datasets designed to mimic real-world scenarios.
  • Tools and Knowledge: To integrate into your work for privacy preserving data analytics.

How to Attend!

This will be an online event, so all you need is to register at the link below and join us online with your computer!

Join us and take the first step in secure data processing and utilizing privacy-preserving technologies effectively.

Press Release #5: Plenary Meeting in Thessaloniki
https://encrypt-project.eu/communication/press-releases/press-release-5-plenary-meeting-in-thessaloniki/
Sun, 22 Jun 2025 16:56:05 +0000

ENCRYPT Final Event: ENCRYPTing Europe towards Secure and Federated Data Use
https://encrypt-project.eu/communication/news/encrypt-final-event-encrypting-europe-towards-secure-and-federated-data-use/
Tue, 13 May 2025 08:13:24 +0000


Date: Tuesday 17th June 2025
Location: Stratos Vassilikos Hotel, Athens, Greece

  • Online Participation will also be possible

Join Us for the ENCRYPT Final Event titled “ENCRYPTing Europe Towards Secure and Federated Data Use”

We are pleased to invite you to the final event of the ENCRYPT project, taking place on Tuesday 17th June 2025, at the Stratos Vassilikos Hotel in Athens, Greece – with the option to participate online.

This full-day event will bring together leading experts, policymakers and innovators to showcase ENCRYPT’s achievements and discuss the future of privacy-preserving technologies and data analytics in Europe.

The agenda features keynote speeches from prominent voices in cybersecurity, including Dr. Andreas Mitrakas from the European Union Agency for Cybersecurity (ENISA), technical presentations of the ENCRYPT platform, in-depth exploration of real-world use cases, and a panel discussion on the challenges and opportunities of secure data sharing in the age of data spaces. The event will also highlight synergies with related European initiatives and projects such as the EASiNET Network, and the GLACIATION and TANGO projects.

This is a unique opportunity to network with stakeholders across the research, industry and public sectors and to learn how ENCRYPT is contributing to Europe’s vision for secure, federated and privacy-preserving data utilisation.

Participation is free of charge – we look forward to welcoming you in person or online!

Final Event Agenda

  • 09:00 – 09:45 Registration
  • 09:45 – 10:30 Keynote Speech
    • Speaker: Dr. Andreas Mitrakas, Head of Unit at the “Executive Director’s Office” in the European Union Agency for Cybersecurity (ENISA)
    • Title: Aligning cybersecurity requirement for cloud-based data spaces
  • 10:30 – 11:30 The ENCRYPT Project, Technologies and Platform
  • 11:30 – 12:00 Coffee break
  • 12:00 – 13:00 ENCRYPT Use cases, challenges and solution
  • 13:00 – 14:30 Lunch and Networking Event
  • 14:30 – 15:00 Keynote Speech
    • Speaker: Professor Emanuele Bellini, University of Roma Tre
  • 15:00 – 16:00 Related Initiatives and Projects
  • 16:00 – 16:30 Coffee break
  • 16:30 – 17:30 Panel Discussion
    • From Data to Insights: Protecting Privacy in the era of Data Spaces

ENCRYPTing Financial Data: How the ENCRYPT Project is Making FinTech Safer and Smarter
https://encrypt-project.eu/communication/blog/encrypting-financial-data-how-the-encrypt-project-is-making-fintech-safer-and-smarter/
Fri, 18 Apr 2025 09:50:54 +0000


In today’s digital world, financial companies collect and process huge amounts of personal data, including banking habits, spending patterns and even the likelihood of repaying a loan. But how can this sensitive information be used responsibly, without putting privacy at risk?

That’s exactly the challenge the ENCRYPT project set out to solve. As part of its mission to bring privacy-preserving technologies to real-world industries, ENCRYPT took on a FinTech use case, focusing on secure data analytics in the financial sector.

Why Privacy Matters in FinTech

Whether it’s predicting loan defaults or improving debt collection strategies, financial institutions rely on data to make smarter decisions. But this data often includes highly sensitive details such as names, income levels, bank accounts and payment history.

In Europe, privacy laws like the General Data Protection Regulation (GDPR) strictly control how this kind of data can be used. That’s where ENCRYPT’s technology comes in – it helps financial companies gain insights from their data without ever exposing private information.

Smart Tools for Secure Analytics

To make this possible, ENCRYPT built a platform packed with cutting-edge privacy technologies. Here’s how it works in the FinTech world:

1. Recommendation Engine: Picking the Right Privacy Technology
Every financial task is different. Some are urgent, others need more accuracy and some involve huge datasets. The ENCRYPT platform includes an AI-powered tool that helps users choose the best privacy method for their needs. It considers things like:

  • How sensitive the data is
  • How big the dataset is
  • How much time and computing power is available

This smart engine ensures that companies use the strongest possible protection, without slowing down their work.

2. Differential Privacy: Hiding in the Crowd
One powerful technique ENCRYPT uses is Differential Privacy. Imagine a method that lets you analyze data without ever identifying individual people. This is what Differential Privacy does. It adds “noise” to the data, making it difficult to trace any results back to a single person.

In the FinTech use case, ENCRYPT tested this by analyzing synthetic financial data. Even with privacy protections in place, machine learning models still achieved high accuracy.

3. Trusted Execution Environments (TEEs): Safe Spaces for Data
Sometimes, data needs to be processed in a special secure zone called a Trusted Execution Environment (TEE), which is a part of a computer where no outsider can peek in, not even the operating system. ENCRYPT used this to protect financial applications, offering stronger security guarantees.

4. Homomorphic Encryption: Calculations on Locked Data
Imagine math within a locked box! That’s the magic of Homomorphic Encryption. ENCRYPT used this advanced method to process encrypted data, without ever decrypting it! It’s especially useful when the data is extremely sensitive, like in credit scoring models.

Although this technique can be slow, ENCRYPT improved performance using optimization tricks and GPU acceleration, helping to make secure predictions faster and more practical.

Real-World Impact: Helping Banks Work Smarter

ENCRYPT partnered with financial companies to test these technologies in real-life scenarios. For example, EPIBANK managed customer data, while EXUS analyzed it to predict which customers might repay debts. Thanks to ENCRYPT, EXUS could train its models without ever seeing the original data.

This means banks can now:

  • Make better decisions
  • Keep customer information safe
  • Comply with privacy regulations like GDPR.

Looking Ahead

The FinTech use case is just one example of how ENCRYPT’s privacy-first platform can transform industries. Whether it’s healthcare, finance, or beyond, ENCRYPT is proving that you don’t have to choose between data insights and data privacy: you can have both!

Innovative Ontology Mapping Framework Unveiled at SWAT4HCLS 2025
https://encrypt-project.eu/communication/news/innovative-ontology-mapping-framework-unveiled-at-swat4hcls-2025/
Wed, 05 Mar 2025 10:13:20 +0000


An innovative framework for privacy-preserving healthcare data management was recently presented by Apostolos Mavridis at the SWAT4HCLS conference in Barcelona. This methodology integrates Large Language Models (LLMs), ontologies and vector databases for healthcare data processing and analysis.

The research, conducted by the ENCRYPT team from Aristotle University of Thessaloniki, addresses the challenge of mapping medical terminology to RDF Knowledge Graphs efficiently and with heightened privacy. Traditional methods, which often rely on rule-based systems, have struggled to scale and adapt to new medical conditions. However, the team’s use of LLMs, specifically trained on biomedical corpora like SNOMED CT, introduces a more dynamic and scalable solution.

Key aspects of the proposed system include preprocessing and standardization of medical terms, LLM-based semantic interpretation and hybrid retrieval methods that combine vector embeddings with keyword search. This approach not only enhances the semantic understanding of medical data but also ensures compliance with stringent privacy regulations.

The framework has been thoroughly evaluated by experts and has demonstrated high accuracy and scalability, reducing the need for manual curation of medical ontologies and potentially transforming the landscape of medical data management.

This research aligns with the ENCRYPT project’s goals of advancing privacy technology and methodologies in the healthcare sector, ensuring that sensitive information is handled with the utmost care while maintaining high standards of data utility and accessibility.

ENCRYPT Hackathon: Data Readiness for Privacy-Preserving Technologies
https://encrypt-project.eu/communication/news/encrypt-hackathon-data-readiness-for-privacy-preserving-technologies/
Thu, 27 Feb 2025 15:33:48 +0000


Join us for the ENCRYPT Hackathon!

The hackathon is designed to empower researchers, data scientists and industry professionals with the skills to handle sensitive data responsibly.

As the digital landscape evolves, the need to ensure data privacy becomes ever more important for sectors including healthcare, finance, insurance and public policy.

This hackathon will guide you through the essentials of data anonymization, data preparation and the application of cutting-edge Privacy Preserving Technologies (PPTs).

Date: Monday 31st March 2025 – 10:00 – 16:00 Central European Time.

Location: This will be an online event

Agenda of Hackathon

Discover and Learn

  • Foundations of Privacy – Deep dive into privacy principles, GDPR compliance and ethical data-sharing practices.
  • Hands-On Anonymization and Data Pre-processing Techniques – Gain practical experience in techniques to anonymise datasets and prepare them for data analytics.
  • Using ENCRYPT PPTs – Learn how you can use ENCRYPT Privacy Preserving Technologies to retain privacy standards and data utility for analysis and decision-making.

Why Participate?

The ENCRYPT Hackathon is not just an event; it is a step towards transforming the way we handle and process data in an increasingly privacy-focused world through the use of privacy-preserving technologies.

The hackathon will provide you with: 

  • Expert Guidance: Learn from leading experts in the field of data privacy.
  • Practical Experience: Apply what you learn in real-time using synthetic datasets designed to mimic real-world scenarios.
  • Tools and Knowledge: To integrate into your work for privacy preserving data analytics.

How to Attend!

This will be an online event, so all you need is to register at the link below and join us online with your computer!

Join us and take the first step in secure data processing and utilizing privacy-preserving technologies effectively.

The Role of Differential Privacy in FinTech
https://encrypt-project.eu/communication/blog/the-role-of-differential-privacy-in-fintech-2/
Thu, 16 Jan 2025 21:06:34 +0000


In the dynamic and rapidly evolving world of FinTech, data security and privacy have become critical concerns. Financial institutions manage vast amounts of sensitive information, including personal identification data, transaction histories, and behavioral insights.

The imperative to safeguard such data against breaches, unauthorized access and misuse has led to the adoption of advanced privacy-preserving technologies.

Among these, Differential Privacy (DP) stands out as a transformative approach that balances data utility with privacy preservation. This blog post explores the significance of DP in the FinTech domain, its operational principles and its practical applications.

Differential Privacy

Differential Privacy is a mathematical framework designed to provide robust privacy guarantees when analyzing and sharing data. By introducing carefully calibrated noise into data outputs or queries, DP ensures that no single individual’s information can be discerned, even if an attacker has access to auxiliary information.

Two primary models of DP are noteworthy:
  • Central Differential Privacy (CDP): In this model, raw data is transmitted to a trusted server, which applies noise before responding to queries. CDP is widely utilized in machine learning, deep learning and statistical analyses.
  • Local Differential Privacy (LDP): Here, noise is added directly by the data owner before sharing. This model is ideal when trust in centralized servers is limited, though it typically results in reduced data utility compared to CDP.
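
To make the utility gap between the two models concrete, the following added example (not ENCRYPT code) answers one count query under both: the Laplace mechanism for CDP and randomized response for LDP. The customer flags, epsilon value and function names are constructed for illustration.

```python
"""Added example: central vs. local differential privacy on a single count query."""
import math
import random


def central_dp_count(bits, epsilon, rng):
    """CDP: a trusted server sees the raw bits and releases a noisy count."""
    # The difference of two Exp(epsilon) draws is Laplace noise with scale 1/epsilon.
    # A count changes by at most 1 per person, so this is the epsilon-DP Laplace mechanism.
    noise = rng.expovariate(epsilon) - rng.expovariate(epsilon)
    return sum(bits) + noise


def local_dp_reports(bits, epsilon, rng):
    """LDP: each data owner randomizes their own bit before it leaves their hands."""
    p_truth = math.exp(epsilon) / (1.0 + math.exp(epsilon))
    return [b if rng.random() < p_truth else 1 - b for b in bits]


def local_dp_count(reports, epsilon):
    """Unbiased estimate of the true count from randomized-response reports."""
    p_truth = math.exp(epsilon) / (1.0 + math.exp(epsilon))
    n = len(reports)
    # E[sum(reports)] = T*p + (n - T)*(1 - p); solve for the true count T.
    return (sum(reports) - n * (1.0 - p_truth)) / (2.0 * p_truth - 1.0)


def compare(n=2000, positives=300, epsilon=1.0, trials=200, seed=7):
    """Mean absolute error of both models for the same data and the same epsilon."""
    rng = random.Random(seed)
    # Constructed data: 1 = customer defaulted on a loan, 0 = did not.
    bits = [1] * positives + [0] * (n - positives)
    cdp_err = ldp_err = 0.0
    for _ in range(trials):
        cdp_err += abs(central_dp_count(bits, epsilon, rng) - positives)
        reports = local_dp_reports(bits, epsilon, rng)
        ldp_err += abs(local_dp_count(reports, epsilon) - positives)
    return cdp_err / trials, ldp_err / trials


if __name__ == "__main__":
    cdp, ldp = compare()
    print(f"epsilon=1.0, n=2000, true count=300")
    print(f"  central DP mean abs error: {cdp:6.2f}")
    print(f"  local DP mean abs error:   {ldp:6.2f}")
```

The central error stays near 1/epsilon regardless of population size, while the local error grows with the square root of the number of contributors. Floating-point noise sampling as written here is for illustration; hardened DP libraries use samplers designed to avoid leaking information through floating-point artefacts.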

The FinTech sector, characterized by its reliance on data-driven insights, can leverage DP in numerous ways:

  • Customer Data Analysis: Financial institutions often analyze customer data to tailor services, such as creating personalized financial products. DP allows these analyses while ensuring individual privacy, fostering trust among users.
  • AI Model Training: FinTech companies rely heavily on AI-driven solutions for fraud detection, credit scoring, and risk assessment. DP ensures that datasets used for training models retain their utility without compromising the privacy of individuals.
  • Regulatory Compliance: Adhering to stringent privacy regulations like GDPR is essential for FinTech firms. DP provides a mathematical framework that aligns with legal requirements, ensuring compliance during data sharing and processing.
  • Secure Data Sharing: Collaboration among FinTech companies often requires data sharing. For instance, a bank might share transaction data with a software vendor for AI model development. DP enables secure data sharing by obfuscating sensitive details, reducing the risk of re-identification.

Case Study: Differential Privacy in ENCRYPT

The ENCRYPT project exemplifies the application of DP in FinTech. It addresses two critical use cases:

  • Data Security Assessment: For financial institutions like EPIBANK, DP methodologies are employed to assess the privacy levels of stored data before sharing it externally. This assessment helps identify sensitive data fields and ensures robust anonymization.
  • AI Model Training: ENCRYPT facilitates secure training of AI models by applying DP techniques to data shared with third parties. For example, EPIBANK’s customer data is anonymized using DP before being shared with EXUS for training machine learning models that enhance debt collection strategies.

In both scenarios, DP guarantees that even with advanced analysis techniques, the risk of identifying individual customers remains negligible.

Benefits of Differential Privacy in FinTech

  • Enhanced Customer Trust: DP’s ability to protect individual privacy fosters stronger customer relationships by demonstrating a commitment to safeguarding sensitive information.
  • Regulatory Adherence: DP’s compatibility with frameworks like GDPR ensures that FinTech companies operate within legal boundaries, avoiding hefty fines and reputational damage.
  • Innovation Enablement: By mitigating privacy concerns, DP allows FinTech firms to innovate freely, leveraging data for AI and analytics without ethical or legal constraints.
  • Risk Mitigation: The obfuscation of sensitive details reduces the potential for data breaches and misuse, minimizing associated financial and operational risks.

Challenges and Considerations

While DP offers significant advantages, its implementation in FinTech is not without challenges:

  • Trade-offs in Data Utility: Adding noise to datasets can reduce the accuracy of analytical results. Striking the right balance between privacy and utility requires careful calibration.
  • Technical Complexity: Deploying DP solutions, especially in large-scale systems, demands expertise and robust infrastructure.
  • Awareness and Adoption: Despite its benefits, many organizations remain unaware of DP or lack the resources to adopt it effectively.
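The privacy/utility trade-off from the first challenge above, as an added example (not ENCRYPT project code): a Laplace-mechanism mean over constructed transaction amounts, measured at several values of the privacy parameter epsilon. The clipping bounds, the publicly known dataset size and all names are assumptions of this sketch.

```python
import random

LOWER, UPPER = 0.0, 5000.0   # assumed public clipping bounds for one amount (EUR)

def laplace_noise(scale, rng):
    """Laplace(0, scale) sampled as the difference of two exponential draws."""
    return rng.expovariate(1.0 / scale) - rng.expovariate(1.0 / scale)

def dp_mean(values, epsilon, rng):
    """epsilon-DP mean; size n is assumed public, neighbours differ in one record."""
    clipped = [min(max(v, LOWER), UPPER) for v in values]
    sensitivity = (UPPER - LOWER) / len(clipped)   # max shift from changing one record
    return sum(clipped) / len(clipped) + laplace_noise(sensitivity / epsilon, rng)

def mean_abs_error(values, epsilon, trials=2000, seed=7):
    """Average |DP answer - exact answer| over simulated releases (utility loss).
    Simulation only: every real release would spend epsilon of the privacy budget."""
    rng = random.Random(seed)
    exact = sum(values) / len(values)
    return sum(abs(dp_mean(values, epsilon, rng) - exact) for _ in range(trials)) / trials

def tradeoff(values, epsilons=(0.1, 1.0, 10.0)):
    """Rows of (epsilon, noise scale, measured error, error as % of the exact mean)."""
    exact = sum(values) / len(values)
    rows = []
    for eps in epsilons:
        scale = (UPPER - LOWER) / len(values) / eps
        err = mean_abs_error(values, eps)
        rows.append((eps, scale, err, 100.0 * err / exact))
    return rows

# Constructed sample data: synthetic transaction amounts, not real customer records.
_gen = random.Random(1)
ALL_CUSTOMERS = [round(_gen.uniform(5, 5000), 2) for _ in range(500)]
SMALL_SEGMENT = ALL_CUSTOMERS[:20]

if __name__ == "__main__":
    for name, data in (("500 customers", ALL_CUSTOMERS), ("20 customers", SMALL_SEGMENT)):
        for eps, scale, err, pct in tradeoff(data):
            print(f"{name:>14}  eps={eps:<5} scale={scale:8.2f}  error={err:8.2f} ({pct:.2f}%)")
```

Smaller epsilon and smaller cohorts both raise the error, because the noise scale is (UPPER - LOWER) / (n * epsilon). Textbook floating-point Laplace sampling has known precision weaknesses, so production releases should rely on a vetted DP library.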

Differential Privacy is a game-changer for the FinTech industry, enabling institutions to harness the power of data without compromising individual privacy. As the sector continues to embrace data-driven innovation, DP’s role in ensuring secure and ethical data use will only grow. By addressing its challenges and scaling its adoption, FinTech can achieve a harmonious balance of privacy, utility and compliance, setting a new standard for responsible data management.

Implementation of a tool for risk assessment of personal data processing using a methodology based on the LINDDUN and MITRE ATT&CK frameworks

https://encrypt-project.eu/communication/blog/implementation-of-a-tool-for-risk-assessment-of-personal-data-processing-using-a-methodology-based-on-the-linddun-and-mitre-attck-frameworks/ Thu, 16 Jan 2025 18:53:51 +0000

The post Implementation of a tool for risk assessment of personal data processing using a methodology based on the LINDDUN and MITRE ATT&CK frameworks first appeared on Encrypt.


In the article “ENCRYPT Blog Series #4: Privacy Risk Assessment”, various methodologies were presented to carry out a privacy-related risk assessment. Specifically, the ENISA methodology was described, which is related to GDPR and provides support to data controllers and data processors to be GDPR compliant.

In this post, we look at using the ENISA methodology to build a tool that supports privacy-related risk assessments. We also focus on the application domain, specifically on the differences between a general-purpose approach and one tied to a specific domain.

Using the ENISA methodology, a privacy risk assessment tool can be created to help users understand the risks and impacts to which their assets may be exposed. It is therefore useful to give them a framework, such as LINDDUN, that helps them identify privacy threats. In addition to identifying and assessing privacy threats, users also need to identify the types of attack they may be subject to, using the MITRE ATT&CK framework. So, by starting with the ENISA methodology and extending it with the LINDDUN and MITRE ATT&CK frameworks, it is possible to create a new methodology from which to build a privacy risk assessment tool.

In an assessment that does not take the application domain into account, the user has to describe all the assets involved in their personal data processing. This approach has a problem: the user may (in some cases) underestimate or overlook various threats or vulnerabilities. The assessment may then be completed with gaps, which could result in the user not being guided correctly. If the assessment is made for a specific domain, the system can provide a taxonomy of assets in that domain and guide the user by pointing out the threats and vulnerabilities to which their chosen assets may be subject. Therefore, the ENCRYPT privacy risk assessment tool will be developed for three application domains: healthcare, fintech and CTI.

To create a taxonomy for each application domain, it is necessary to consult domain experts so that the most common assets can be identified. Once the assets are listed, an attack scenario needs to be created for each of them; this allows us to identify the attack techniques to which the asset may be vulnerable and the privacy threats to which it may be subject. When implementing the taxonomy within the tool, we must anticipate that it can be expanded with new assets and that the privacy threats and vulnerabilities assigned to the assets can be modified.
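One way to model the extensible domain taxonomy and the guidance it gives, as an added sketch (not the ENCRYPT tool's code). The class and method names and the asset-to-threat mappings are hypothetical; the category names are the seven LINDDUN threat types and the T-numbers are MITRE ATT&CK technique IDs.

```python
from dataclasses import dataclass, field

LINDDUN = {"Linkability", "Identifiability", "Non-repudiation", "Detectability",
           "Disclosure of information", "Unawareness", "Non-compliance"}

@dataclass
class Asset:
    name: str
    privacy_threats: set = field(default_factory=set)    # LINDDUN categories
    attack_techniques: set = field(default_factory=set)  # ATT&CK technique IDs

class DomainTaxonomy:
    def __init__(self, domain):
        self.domain, self.assets = domain, {}

    def assign(self, name, privacy_threats=(), attack_techniques=()):
        """Add a new asset, or extend the mappings of an existing one."""
        unknown = set(privacy_threats) - LINDDUN
        if unknown:
            raise ValueError(f"not LINDDUN categories: {sorted(unknown)}")
        asset = self.assets.setdefault(name, Asset(name))
        asset.privacy_threats |= set(privacy_threats)
        asset.attack_techniques |= set(attack_techniques)

    def unassign(self, name, privacy_threats=(), attack_techniques=()):
        """Withdraw mappings after an expert review changes the attack scenario."""
        asset = self.assets[name]
        asset.privacy_threats -= set(privacy_threats)
        asset.attack_techniques -= set(attack_techniques)

    def gaps(self, declared):
        """declared: asset name -> items the user listed without guidance.
        Returns what the taxonomy covers but the user left out; None = unknown asset."""
        report = {}
        for name, listed in declared.items():
            asset = self.assets.get(name)
            if asset is None:
                report[name] = None
                continue
            missing = (asset.privacy_threats | asset.attack_techniques) - set(listed)
            if missing:
                report[name] = sorted(missing)
        return report

# Constructed fintech entries (T1078 Valid Accounts, T1190 Exploit Public-Facing
# Application, T1566 Phishing); illustrative only, not the ENCRYPT tool's taxonomy.
FINTECH = DomainTaxonomy("fintech")
FINTECH.assign("customer database",
               {"Identifiability", "Linkability", "Disclosure of information"}, {"T1078", "T1190"})
FINTECH.assign("online banking portal", {"Detectability", "Non-repudiation"}, {"T1566", "T1190"})
```

Calling `gaps` with what a user wrote down unaided shows the threats and techniques a general-purpose assessment would have left out, and a `None` entry marks an asset that the domain experts still need to add.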

Using the methodology described above and once the taxonomies for the various application domains were defined, the privacy risk assessment tool was created. The process the user goes through to complete the assessment is summarized in the figure below.

Once the assessment has been completed, the user will be able to see the assessment of the risks to which their personal data processing is exposed, and based on the assessment made, the user can decide what countermeasures to apply to make their assets more secure. The data entered into the privacy risk assessment tool can also be shared with other applications in the ENCRYPT infrastructure.

The methodology that has been developed has enabled us to create this tool, which for now works on only three domains. In the future we could consider expanding the application domains, thus providing support for the compilation of assessments in multiple domains.
