Skip to Content

All medical domains services

TEF-Health testing, validation and compliance services for All medical domains.

4 services

  • AI Privacy Risk Testing and Compliance Support

    RISE Research Institutes Of Sweden

    Your AI models might be leaking personal data or trade secrets. GDPR and the AI Act expect you to check this — not hope for the best. We deliver reproducible and defensible testing, so your decisions — and your audits — rest on evidence instead of assumptions. Organisations that build or deploy AI models must meet strict privacy and cybersecurity obligations under GDPR, the EU AI Act, and sector‑specific rules. Models can unintentionally memorise and leak personal data through attacks such as membership inference, data reconstruction, and data extraction — creating real compliance and reputational risks. GDPR requires organisations to prevent downstream exposure of personal data and to honour the Right to be Forgotten, which in practice demands testing whether individual training data still leaves detectable traces inside a model. Beyond privacy, AI models may also reveal proprietary or confidential business information, turning leakage into an IP and cybersecurity risk, not just a data‑protection issue. The EU AI Act reinforces this by requiring testing under foreseeable misuse, including privacy‑relevant attacks. LeakPro provides structured, empirical stress‑testing of AI models to measure privacy and IP leakage, validate privacy‑enhancing technologies, and generate audit‑ready evidence for DPIAs, GDPR, and AI Act compliance. This service maps to the following articles within AI-act: • Article 9 Risk management system — Continuous lifecycle risk management to keep your AI compliant and under control. • Article 10 Data and Data Governance — Validate that your training data meets state-of-the-art privacy and security standards. • Article 15 Accuracy, robustness and cybersecurity — Proactively detect and mitigate confidentiality attacks before they become real risks. The audit reports constitute evidence that feeds into the technical documentation (Article 11 — Technical documentation, Annex IV). How can the service help you? • Detect leakage of personal data, sensitive attributes, or proprietary information. • Check data traceability to support GDPR Right‑to‑be‑Forgotten obligations. • Validate and tune synthetic data, federated learning, and differential privacy. • Provide quantitative leakage‑risk indicators for audits, DPIAs, and procurement. • Advise on privacy‑resilient AI design already at investment and planning. How the service will be delivered Logistics • Delivered via RISE secure environments or customer infrastructure. • Supports models across text, tabular, image, time‑series and graph modalities. • Option for iterative collaboration during model development or one‑off audits. Delivery period Engagements are planned in phases depending on the scope, starting with a general assessment (qualitative), followed by attack simulation (quantitative) and reporting. Duration • Short engagement: 3–6 weeks • Complex model audits or PET optimization: 2–4 months Customer requirement • Provide intended use-case, regulatory context, and risk appetite • Documentation of model development and system environment. • Optional: Access to model artefacts and training data for technical study. Deliveries • Tailored attack suite configuration • Execution of privacy and IP leakage attacks • PET tuning recommendations • Compliance‑aligned summary (reporting evidence for GDPR, AI Act, etc) Output • Technical leakage‑risk metrics • Training data traceability assessment (Right‑to‑be‑Forgotten) • Harm‑oriented explanation for DPIAs • Recommendations for mitigation and governance

    View service →
  • RISE Cyber Range – Cybersecurity Training, Testing, and Penetration Testing Environment

    RISE Research Institutes Of Sweden

    RISE Cyber Range is a secure and realistic training and testing environment. The service also includes controlled penetration testing. Organizations can use the environment to practice and evaluate their ability to prevent, detect, and manage cyberattacks. The service is designed to be understandable even for non-technical decision-makers. It provides a clear picture of an organization’s cybersecurity maturity. RISE Cyber Range uses highly realistic IT and OT environments. These environments are used to identify technical vulnerabilities through penetration testing. They are also used to improve incident response capabilities. The service strengthens collaboration between technical teams, management, and business functions. How can the service help you? The service helps organizations to: - Perform penetration testing - Train staff using realistic cyber incident scenarios - Test technical safeguards and processes in a safe environment - Evaluate organizational readiness and decision-making under pressure - Identify improvement areas before real incidents occur How the service will be delivered Logistics: The Cyber Range environment is provided by RISE and can be delivered on-site, remotely, or as a hybrid solution depending on customer needs. Delivery period: Delivery is planned in close cooperation with the customer and can be conducted as a single engagement or as a series of recurring exercises over time. Duration: The duration of the exercises ranges from a few hours to several days, depending on the scenario and desired level of depth. Customer requirement: The customer is expected to provide high-level information about their organization, relevant threat scenarios, and participants for the exercise. Deliveries: RISE delivers a fully configured cyber range environment, scenario-driven attacks, facilitation, and technical and methodological support throughout the engagement. Output: After completion of the service, the customer receives structured feedback in the form of observations, analysis, and recommendations. Service customization The service can be customized to meet the customer's specific needs, technical environment and level of maturity in cybersecurity. The assessment process begins with a joint meeting where the customer and a technical team from RISE discuss different options and tailor a service that is designed based on the customer's needs.

    View service →
  • Robot Reality Check: Clinical Test Environments for Social Robotics

    Fraunhofer Gesellschaft Zur Forderung Der Angewandten Forschung Ev (Fraunhofer)

    **Who Can Benefit:** - Robotics Companies: For testing and validating social robots and speech-enabled systems in realistic clinical environments before market entry. - AI & NLP Developers: For evaluating natural language interfaces on physical robotic platforms in real healthcare workflows. - Healthcare Institutions: For assessing how robotic systems perform in their specific clinical contexts before committing to procurement. - Research Groups: For conducting HRI studies in controlled yet realistic hospital settings with access to clinical staff and infrastructure. **Equipment / Robotics Platforms:** - SoftBank Robotics Pepper humanoid social robot designed for increased engagement with the patient via expressive upper body mechanics. - Temi mobile service robot designed for telepresence, guidance, and information delivery as well as conversational interactions. **Key Features:** - Access to a dedicated Real-Lab (Reallabor) providing hardware and clinical test environments for evaluating robotic systems in healthcare settings - Testing of NLP/speech-enabled robots in realistic clinical workflows with actual healthcare personnel - Evaluation infrastructure for both controlled laboratory experiments and in-situ ward-level assessments - Multi-disciplinary support combining robotics engineering, clinical expertise, and social science perspectives **Possible Applications:** - Ward Assistant Robot Testing: Evaluating mobile robots designed to support nursing staff with logistics, information delivery, or patient guidance in realistic hospital corridors and wards. - Speech Interface Validation: Testing natural language dialogue systems on robotic platforms in noisy, dynamic clinical environments to assess robustness and usability. - Staff Relief Assessment: Quantifying the cognitive, physical, and time-based relief potential of robotic systems for medical personnel through structured pilot studies. - Patient Interaction Evaluation: Assessing how patients (across age groups, health conditions, and tech literacy) respond to and interact with social robots in clinical settings. - Workflow Integration Testing: Evaluating how robotic systems integrate into existing clinical workflows without disruption, including edge cases and failure scenarios. - Multi-Robot Coordination: Testing multiple robotic systems operating simultaneously in shared clinical spaces. **Who We Are:** The **Fraunhofer Insitute for Integrated Circuits (Fraunhofer IIS)** has established the **"Center for Sensor Technology and Digital Medicine" (CEMDIS)** in cooperation with the Universitätsklinikum Erlangen and the Friedrich-Alexander-Universität Erlangen-Nürnberg (FAU) to enhance modern healthcare through **innovative sensor technology** and **digital solutions**. This center focuses on integrating **innovative medical technologies** such as **wearables** and **robotic systems** to support **medical diagnostics**, **patient monitoring** and **evaluating patient-specific therapies** by providing digital health solutions für real-life healthcare. Located at the Universitätsklinikum Erlangen, it offers unique infrastructures for the **development**, **integration**, and **validation** of novel health technologies, providing companies opportunities for **technological advancements**. For more information, visit the [Fraunhofer IIS website](https://www.iis.fraunhofer.de/de/ff/sse/health/zentrum-sensorik-medizin.html).

    View service →
  • TEF-Gateway

    Karolinska Institutet (KI)

    Comprehensive assessment of healthcare AI startups and SMEs across four readiness dimensions—technical, regulatory, organisational, and market—delivering a prioritised roadmap to close identified gaps. The service includes: Technical Readiness Assessment Evaluation of AI model maturity, data pipeline robustness, validation status, deployment architecture, and scalability for clinical or production environments. Regulatory Readiness Assessment Review of compliance posture against the EU AI Act, MDR requirements, GDPR obligations, and status of ethical approvals. Organisational Readiness Assessment Assessment of team competencies, governance structures, quality management systems, and post-market surveillance capability. Market Readiness Assessment Review of product-market fit, go-to-market strategy, reimbursement pathways, value proposition clarity, and competitive positioning. Gap Analysis & Roadmap Structured mapping of gaps between current and target state across all dimensions, with prioritised recommendations, indicative timelines, and a follow-up session.

    View service →