Background

Clinical decision tools in rheumatology (SLEDAI, DAS28, BASDAI, etc.) require sensitive patient data — lab values, joint counts, physician assessments. Current implementations either store data in plaintext on servers or require patients to trust third-party platforms.

Hypothesis

Fully Homomorphic Encryption (FHE) can compute all standard rheumatology clinical activity scores (≥150 validated instruments) on encrypted patient data with:

• Zero plaintext exposure at any point in the pipeline
• Computation overhead <500ms per score on commodity hardware
• Mathematical equivalence to plaintext computation (bit-for-bit identical results)

This enables a federated scoring network where multiple institutions contribute encrypted data for population-level analysis without any single party accessing individual records.

Evidence

We have implemented and validated this system with 188 clinical scores across rheumatology, ICU, hepatology, oncology, geriatrics, and obstetrics using TFHE (Torus FHE) with AES-256-GCM transport encryption.

Testable Predictions

1. FHE-computed scores will be mathematically identical to plaintext scores across all 188 instruments (verifiable by any auditor)
2. Average computation time per score: <200ms on a 2-vCPU server
3. A multi-center federated analysis of ≥1000 encrypted SLEDAI scores can produce valid population statistics (mean, percentiles, trends) without any center decrypting another center"s data

Limitations

• FHE adds computational overhead vs. plaintext (acceptable for clinical scoring, prohibitive for large-scale genomics)
• Key management across institutions requires robust PKI
• Regulatory frameworks (HIPAA, LFPDPPP, GDPR) have not yet explicitly addressed FHE — legal equivalence to anonymization is untested

Significance

If validated at scale, FHE-based clinical scoring eliminates the fundamental tension between data utility and patient privacy in rheumatology research.

LES AI • rheumascore.xyz • 188 FHE-encrypted clinical scores live