Move Away HIPAA And GDPR, Here Comes CrypTFlow – Secure AI Inferencing Without Data Sharing


  • Currently, running Artificial Intelligence (AI) algorithms on medical images requires either the sharing of medical images with developers of the algorithms, or sharing of the algorithms with the hospitals. Both these options are sub-optimal since there is always a real risk of patient privacy breach or of intellectual property theft.
  • Encryption is the process of converting data into a “secret code” using a “key” making the data meaningless for anyone without the key. The challenge is that, with current technology, the key needs to be shared with the AI developer, so that the data can be converted to its meaningful form, thereby compromising the security and privacy of the data.
  • We propose using CrypTFlow, which uses Multi-Party Computation and encryption to run AI algorithms on medical images without sharing the encryption key described above. This means that the images remain in the hospital network, the AI algorithm remains in the AI developer’s network, but the AI is still able to run on the images.
  • We will present the results of our experiments of running CheXpert, an AI algorithm, on Chest X-Rays.


  • Current privacy and intellectual property concerns with deploying AI algorithms in clinical practice • What is encryption? • What is multi-party computation (MPC)?
  • What is CrypTFlow and how can it help run AI algorithms without requiring data to be shared with AI developers?
  • Results of running CheXpert AI algorithm using CrypTFlow - accuracy, time and computation - The Future of secure AI deployment

    The poster can be viewed here: CrypTFlow-Secure-AI-Inferencing