On February 24, the Shenzhen World Exhibition & Convention Center was packed with professionals in healthcare informatics.
At 9:40 a.m., Alex finally arrived at the venue. Although the distance was only a few kilometers, it still took him more than 50 minutes. Meanwhile, Ms. Li, who had waited at the registration desk for over an hour, finally received her admission badge. In the exhibition area of Hall 17, more than 300 companies exhibited, attracting over 60,000 visitors. They clearly sensed that “companies have a stronger desire to do business.”
According to bidding data from the Artery Orange database over the past three years, there were 5,146 winning bids for informatization projects in 2022, nearly matching the combined total of 5,246 winning bids in 2020 and 2021. In January 2023, the medical IT industry also saw 12 orders valued at over ten million yuan each. This signals that hospitals and enterprises are shifting their focus from epidemic prevention back to the high-quality development of healthcare institutions.
In the conference area of Hall 18, located across from the exhibition zone, 49 sub-forums and 55 academic exchange events were held over the course of three days. Experts, scholars, technical professionals, and corporate representatives from across China in the fields of healthcare informatization and digital medicine joined the discussions, with many familiar faces in attendance. “It felt as if everyone involved in healthcare informatization in China had come.”
For participants in the healthcare IT industry, this premier academic conference in China’s healthcare IT sector is a valuable opportunity for technological learning and business development.
Judging by the overall trends at the CHINC exhibition, smart hospital development remains a core topic. Upon closer examination of this theme, VCBeat observed two notable phenomena: during the 2022 CHINC conference, there were approximately nine premium training sessions and sub-forums focused on or incorporating healthcare security; additionally, the exhibition area dedicated to healthcare security expanded. Companies specializing in healthcare security and related services—such as Meichuang Technology, Shucun Technology, Sangfor Technologies, Topsec, H3C, and Yifang Health Data—showcased new technologies and products to address increasingly rampant security threats.
Before discussing specific technologies and products, let us first review the landscape of the medical data security industry in 2022.
In that year, in accordance with the requirement set forth in the Overall Plan for Comprehensive Pilot Reforms on Market-Based Allocation of Production Factors to complete the layout of pilot regions and the preparation and approval of implementation plans by the first half of 2022, various regions across China and industry enterprises collaboratively advanced explorations in the field of health and medical big data.
As a prerequisite for fostering the development of the data element market, legal definitions of data governance rules and data property rights, as well as the formulation of differentiated governance rules for the disclosure, circulation, and trading of various types of data, still need to be improved. In light of this, the state has also accelerated the top-level legislative design concerning data.
In September, on the first anniversary of the implementation of the Data Security Law, the Measures for Cybersecurity Management of Medical and Health Institutions, the first administrative regulation dedicated to cybersecurity in this sector, was prominently released. As a specialized standard for cybersecurity management in the healthcare industry, it serves as a foundational policy document for medical and health institutions, featuring strong top-level design characteristics.
In November, the Personal Information Protection Law also marked one year of implementation in personal privacy protection. Meanwhile, data security has become a key area deployed in the “14th Five-Year Plan for the Digitalization of National Health,” being continuously advanced as a major task and priority action.
In December, the State Council released the “Opinions of the Central Committee of the Communist Party of China and the State Council on Building a Basic Data System to Better Leverage the Role of Data as a Factor of Production,” commonly known as the “Twenty Data Measures.” The document proposes establishing institutional frameworks for data property rights, circulation and trading, income distribution, and security governance, thereby initially forming China’s basic data system framework. The value of data as a factor of production has once again been highlighted.
Furthermore, the emphasis on smart hospital construction at this conference serves as a key lever for promoting high-quality development in hospitals. The realization of smart hospitals relies heavily on hospital big data analytics and robust data security support. Given the high commercial value and sensitivity of medical data, both government authorities and hospitals attach great importance to building and safeguarding data security across all levels, including terminals, networks, systems, and business operations.
In the process of promoting the marketization of data elements and the construction of smart hospitals, it is imperative to uphold the baseline of data security. VCBeat believes that,Synergistic efforts in institutional development and technological innovation can better achieve a balance between hospital safety and operations. Specifically, on one hand, concrete supporting regulations at the implementation level should be continuously refined under the initially established legal framework for data security; on the other hand, security protection technologies should be continually innovated, security measures upgraded, and the level of hospital security services improved.
The intensity of recent policy releases on data security indicates that relevant national authorities have recognized the significant risks associated with data security and are implementing improvements through both top-level design and practical operations. Looking beyond the stringent regulatory provisions, a clear industry direction for the new data era emerges: companies that previously relied on exploiting personal privacy data are now facing unprecedentedly strict regulation, while the tightening of oversight serves as a direct benefit to the broader medical safety industry, including the data security sector.
In the realm of technological innovation, the boundaries for the secure use of medical data have been continuously expanding in recent years with the emergence of technologies such as data de-identification, privacy-preserving computation, and blockchain. For instance, privacy-preserving computation enables joint analysis and mining of data from multiple parties without requiring raw data to leave their respective domains, thereby separating the roles of data owners and data users. This technology has become a key component in driving high-quality digital transformation in healthcare. At the CHINC conference, we also observed several medical security vendors showcasing application outcomes powered by these advanced technologies.
Return to the site, and enter the exhibition area by descending the stairs from the second-floor platform.H3CThe booth was right before our eyes, with its “Omni-Domain Data Lake Solution” prominently displayed.
According to H3C, this solution enables near real-time extraction and governance of comprehensive hospital data, integrates data elements, and achieves enterprise-wide data sharing across smart hospitals. It synchronizes data in real time to the management backend, standardizes data usage practices, unifies data-sharing interfaces, and ensures clear data traceability. In practical implementation, H3C has developed a Smart Medical Research Platform solution to empower research scenarios such as clinical medical research, drug development, and precision medicine research.
Furthermore, to ensure that data remains usable but not visible during cross-center sharing,H3C Leverages Privacy-Preserving Computation, Blockchain, and High-Performance Computing to Build a Multi-Center Scientific Research Platform Solution, expanding the frontiers of medical research and laying a solid technical foundation for the circulation of medical data elements.
Going further inside,Yifang Health Data's "Tree of Data Value"It is truly eye-catching. This tree model consists of “roots,” a “trunk,” and “fruit.” According to Wingmed Data, planting “trees” to create a “forest” embodies the company’s vision of “fostering a thriving ecosystem by connecting all stakeholders in the industry, thereby driving the generation and realization of value from medical data.”
"Tree Root"Leveraging the Yishufang XDP privacy-preserving computation platform, we aggregate and channel multi-source heterogeneous medical data “nutrients” to facilitate a series of processes within the platform, including data ingestion, data governance, data rights confirmation, authorized data usage, privacy-preserving computation, and data value output.“Trunk”Leveraging the Wingsoft XDP platform, it delivers a rich suite of AI capabilities, including AI-driven data governance and master data management, to build more precise AI applications such as clinical diagnosis and treatment rationality engines, disease surveillance and early warning systems, and predictive assessment models. Following the first two phases of data circulation and collaboration, this has yielded full-chain intelligent applications encompassing data asset utilization, disease control surveillance and early warning, health insurance risk control, clinical research, medical record quality control, commercial insurance underwriting and claims verification, and OCR-based intelligent analysis."Fruit"。
The representative stated that, given the highly specialized nature, high entry barriers, sensitivity, and stringent privacy requirements of medical data, as well as the lack of interoperability among datasets,Yifang Health Data leverages privacy-preserving secure computation, artificial intelligence, and big data technologies to build the “Data Value Tree.” This framework enables the extraction of data value through computation and facilitates secure sharing without disclosing raw data, thereby breaking down barriers to the circulation of medical data value and accelerating the interconnectivity and value release of “data nutrients.”。
From the demand side, a staff member from Meichuang Technology introduced that currently,Hospitals’ perspectives are also evolving, shifting from a narrow focus on point-specific security to greater emphasis on safeguarding data throughout its entire lifecycle.“For them, the construction of smart hospitals covers a broader scope and involves more specialized fields, thus necessitating a systematic, holistic solution.”In terms of product procurement, hospitals are also shifting from single products to security services such as data security governance and data classification and grading.
Demand Drives Product Upgrades. Meichuang Technology also introduced new solutions and insights on “data security and digital transformation in the healthcare industry.” Taking the construction plan for healthcare data classification and grading as an example, Meichuang Technology leverages its professional consulting team and intelligent tools, while aligning with healthcare business characteristics and industry standards, to develop practical identification models for core and important data. According to Meichuang Technology, this solution follows a structured implementation path—“current state assessment, standard establishment, strategy formulation, data identification, and result application”—to solidify the foundation of data security in the healthcare sector: data classification and grading.
Furthermore, Sangfor Technologies and the Cloud Computing and Big Data Institute of CAICT jointly unveiled the “Medical Information Innovation Laboratory,” officially kicking off their collaboration on information innovation initiatives in the healthcare sector. Shucun Technology showcased its core products, including massive data backup solutions, continuous data protection solutions, and comprehensive disaster recovery solutions. Topsec, meanwhile, presented an integrated solution featuring intelligent automated identification for IoT security, classification and grading of IoT assets, IoT network access, and automatic matching of access policies.
Although the 2022 CHINC conference has concluded, the advancement of healthcare informatization continues unabated, and safeguarding hospitals and medical data will remain an ever-relevant hot topic.