25gmds131 10.3205/25gmds131 urn:nbn:de:0183-25gmds1316 Meeting Abstract Hüning Hüning Simon S

Institute of Medical Informatics, Medical Faculty of RWTH Aachen University, Aachen, Germany

author Kombeiz Kombeiz Alexander A

Institute of Medical Informatics, Medical Faculty of RWTH Aachen University, Aachen, Germany

author Röhrig Röhrig Rainer R

Institute of Medical Informatics, Medical Faculty of RWTH Aachen University, Aachen, Germany

author Majeed Majeed Raphael W. RW

Institute of Medical Informatics, Medical Faculty of RWTH Aachen University, Aachen, Germany Department of Internal Medicine, Universities of Giessen and Marburg Lung Center (UGMLC), Member of the German Center for Lung Research (DZL), Gießen, Germany

author Bienzeisler Bienzeisler Jonas J

Institute of Medical Informatics, Medical Faculty of RWTH Aachen University, Aachen, Germany

author German Medical Science GMS Publishing House

Düsseldorf

610 privacy-preserving machine learning research data management electronic health records privacy 20251103 engl This is an Open Access article distributed under the terms of the Creative Commons Attribution 4.0 License. Dieser Artikel ist ein Open-Access-Artikel und steht unter den Lizenzbedingungen der Creative Commons Attribution 4.0 License (Namensnennung). M0631 131 Deutsche Gesellschaft für Medizinische Informatik, Biometrie und Epidemiologie 70. Jahrestagung der Deutschen Gesellschaft für Medizinische Informatik, Biometrie und Epidemiologie e. V. (GMDS) PS 5: IT-Infrastruktur 1 Jena 20250907 20250911 Abstr. 302 Gemeinsamer Bundesausschuss Bundesministerium für Bildung und Forschung (BMBF) Bundesministerium für Bildung und Forschung (BMBF) TextIntroduction: This work presents a proposed architecture that enables the secure deployment of machine learning (ML) models in distributed healthcare environments. ML models are typically developed in centralized environments, but their deployment in healthcare occurs in decentralized, highly protected clinical environments. Sensitive patient data must be protected from unauthorized access, requiring strict isolation and limiting external data connections . ML environments must accommodate heterogeneous hardware and different ML frameworks, which makes deployment complex. Scalability remains an issue, as decentralized systems must efficiently handle growing datasets and computational demands. The AKTIN Network operates a decentralized infrastructure for the standardized collection and local storage of routine emergency care data across German hospitals, the AKTIN infrastructure . Data remains on-site and is queried via a federated model, ensuring full institutional control and compliance with data protection regulations . In the context of the KlimaNot project, machine learning models are developed based on data collected within the AKTIN infrastructure and analyzed together with weather data. To enable their deployment and use, our objective is to draft a conceptual framework that allows these models to be executed locally at participating hospitals while safeguarding data privacy and information security. State of the art: Privacy in clinical ML is commonly framed by the Five Safes model . Approaches like the Personal Health Train enable distributed computing, while the UK Health Data Research Alliance provides a guideline to implement a trusted research environment in which ML models can be deployed , . However, these frameworks do not address scalable, continuous on-premises model deployment in routine care settings, nor do they include mechanisms for institution-level model approval and integration into operational IT. Concept and implementation: We propose a modular, privacy-preserving architecture for local ML inference using the AKTIN data warehouse as a trusted source. The Architecture Communication Canvas serves as a tool to communicate and document architecture. The system is implemented as a Trusted Research Environment under the Five Safes framework. After being reviewed and approved by local IT and medical staff, models are executed in containerized local environments. They access data exclusively through a dedicated loader and remain fully isolated from raw patient data. The design supports heterogeneous infrastructures and is evaluated within the KlimaNot project as a scalable solution for secure ML deployment in routine care and research. Lessons learned: The Five Safes framework enables secure ML inference in decentralized healthcare. Our architecture shows that local, container-based execution is feasible, but real-world analysis revealed challenges that hospitals require flexible infrastructure support, model validation must be locally approved by IT and clinical staff, and data access must be tightly controlled via dedicated loaders. Ensuring reproducibility and scalability requires container registries and version control. Detailed technical and procedural aspects will be addressed in a forthcoming full paper. Acknowledgement: Funding by the G-BA Innovationsfonds (01VSF23017) and the German Federal Ministry of Education and Research and Network of University Medicine “NUM 2.0” (01KX2121), “AKTIN@NUM” (01KX1319A).The authors declare that they have no competing interests.The authors declare that an ethics committee vote is not required. Desai T Five safes: designing data access for research 2016 Economics Working Paper Series 28 Desai T, et al. Five safes: designing data access for research. Economics Working Paper Series. 2016;1601:28. Ahlbrandt J Balancing the need for big data and patient data privacy - an IT infrastructure for a decentralized emergency care research database 2014 Stud Health Technol Inform 750-4 Ahlbrandt J, et al. Balancing the need for big data and patient data privacy - an IT infrastructure for a decentralized emergency care research database. Stud Health Technol Inform. 2014;205:750-4. Bienzeisler J Implementation report on pioneering federated data access for the German National Emergency Department Data Registry 2025 npj Digit Med 94 Bienzeisler J, et al. Implementation report on pioneering federated data access for the German National Emergency Department Data Registry. npj Digit Med. 2025;8:94. Hubbard T 2020 Trusted Research Environments (TRE) Green Paper Hubbard T, et al. Trusted Research Environments (TRE) Green Paper. Zenodo; 2020. Beyan O Distributed analytics on sensitive medical data: the personal health train 2020 Data Intell 96-107 Beyan O, et al. Distributed analytics on sensitive medical data: the personal health train. Data Intell. 2020;2(1-2):96-107. 0 0 0 0