-
AI Privacy Risk Testing and Compliance Support
RISE Research Institutes Of Sweden
Your AI models might be leaking personal data or trade secrets. GDPR and the AI Act expect you to check this — not hope for the best. We deliver reproducible and defensible testing, so your decisions — and your audits — rest on evidence instead of assumptions.
Organisations that build or deploy AI models must meet strict privacy and cybersecurity obligations under GDPR, the EU AI Act, and sector‑specific rules. Models can unintentionally memorise and leak personal data through attacks such as membership inference, data reconstruction, and data extraction — creating real compliance and reputational risks.
GDPR requires organisations to prevent downstream exposure of personal data and to honour the Right to be Forgotten, which in practice demands testing whether individual training data still leaves detectable traces inside a model.
Beyond privacy, AI models may also reveal proprietary or confidential business information, turning leakage into an IP and cybersecurity risk, not just a data‑protection issue. The EU AI Act reinforces this by requiring testing under foreseeable misuse, including privacy‑relevant attacks.
LeakPro provides structured, empirical stress‑testing of AI models to measure privacy and IP leakage, validate privacy‑enhancing technologies, and generate audit‑ready evidence for DPIAs, GDPR, and AI Act compliance.
This service maps to the following articles within AI-act:
• Article 9 Risk management system — Continuous lifecycle risk management to keep your AI compliant and under control.
• Article 10 Data and Data Governance — Validate that your training data meets state-of-the-art privacy and security standards.
• Article 15 Accuracy, robustness and cybersecurity — Proactively detect and mitigate confidentiality attacks before they become real risks.
The audit reports constitute evidence that feeds into the technical documentation (Article 11 — Technical documentation, Annex IV).
How can the service help you?
• Detect leakage of personal data, sensitive attributes, or proprietary information.
• Check data traceability to support GDPR Right‑to‑be‑Forgotten obligations.
• Validate and tune synthetic data, federated learning, and differential privacy.
• Provide quantitative leakage‑risk indicators for audits, DPIAs, and procurement.
• Advise on privacy‑resilient AI design already at investment and planning.
How the service will be delivered
Logistics
• Delivered via RISE secure environments or customer infrastructure.
• Supports models across text, tabular, image, time‑series and graph modalities.
• Option for iterative collaboration during model development or one‑off audits.
Delivery period
Engagements are planned in phases depending on the scope, starting with a general assessment (qualitative), followed by attack simulation (quantitative) and reporting.
Duration
• Short engagement: 3–6 weeks
• Complex model audits or PET optimization: 2–4 months
Customer requirement
• Provide intended use-case, regulatory context, and risk appetite
• Documentation of model development and system environment.
• Optional: Access to model artefacts and training data for technical study.
Deliveries
• Tailored attack suite configuration
• Execution of privacy and IP leakage attacks
• PET tuning recommendations
• Compliance‑aligned summary (reporting evidence for GDPR, AI Act, etc)
Output
• Technical leakage‑risk metrics
• Training data traceability assessment (Right‑to‑be‑Forgotten)
• Harm‑oriented explanation for DPIAs
• Recommendations for mitigation and governance
View service →
-
Robot Reality Check: Clinical Test Environments for Social Robotics
Fraunhofer Gesellschaft Zur Forderung Der Angewandten Forschung Ev (Fraunhofer)
**Who Can Benefit:**
- Robotics Companies: For testing and validating social robots and speech-enabled systems in realistic clinical environments before market entry.
- AI & NLP Developers: For evaluating natural language interfaces on physical robotic platforms in real healthcare workflows.
- Healthcare Institutions: For assessing how robotic systems perform in their specific clinical contexts before committing to procurement.
- Research Groups: For conducting HRI studies in controlled yet realistic hospital settings with access to clinical staff and infrastructure.
**Equipment / Robotics Platforms:**
- SoftBank Robotics Pepper humanoid social robot designed for increased engagement with the patient via expressive upper body mechanics.
- Temi mobile service robot designed for telepresence, guidance, and information delivery as well as conversational interactions.
**Key Features:**
- Access to a dedicated Real-Lab (Reallabor) providing hardware and clinical test environments for evaluating robotic systems in healthcare settings
- Testing of NLP/speech-enabled robots in realistic clinical workflows with actual healthcare personnel
- Evaluation infrastructure for both controlled laboratory experiments and in-situ ward-level assessments
- Multi-disciplinary support combining robotics engineering, clinical expertise, and social science perspectives
**Possible Applications:**
- Ward Assistant Robot Testing: Evaluating mobile robots designed to support nursing staff with logistics, information delivery, or patient guidance in realistic hospital corridors and wards.
- Speech Interface Validation: Testing natural language dialogue systems on robotic platforms in noisy, dynamic clinical environments to assess robustness and usability.
- Staff Relief Assessment: Quantifying the cognitive, physical, and time-based relief potential of robotic systems for medical personnel through structured pilot studies.
- Patient Interaction Evaluation: Assessing how patients (across age groups, health conditions, and tech literacy) respond to and interact with social robots in clinical settings.
- Workflow Integration Testing: Evaluating how robotic systems integrate into existing clinical workflows without disruption, including edge cases and failure scenarios.
- Multi-Robot Coordination: Testing multiple robotic systems operating simultaneously in shared clinical spaces.
**Who We Are:**
The **Fraunhofer Insitute for Integrated Circuits (Fraunhofer IIS)** has established the **"Center for Sensor Technology and Digital Medicine" (CEMDIS)** in cooperation with the Universitätsklinikum Erlangen and the Friedrich-Alexander-Universität Erlangen-Nürnberg (FAU) to enhance modern healthcare through **innovative sensor technology** and **digital solutions**. This center focuses on integrating **innovative medical technologies** such as **wearables** and **robotic systems** to support **medical diagnostics**, **patient monitoring** and **evaluating patient-specific therapies** by providing digital health solutions für real-life healthcare. Located at the Universitätsklinikum Erlangen, it offers unique infrastructures for the **development**, **integration**, and **validation** of novel health technologies, providing companies opportunities for **technological advancements**. For more information, visit the [Fraunhofer IIS website](https://www.iis.fraunhofer.de/de/ff/sse/health/zentrum-sensorik-medizin.html).
View service →
-
TEF-Gateway
Karolinska Institutet (KI)
Comprehensive assessment of healthcare AI startups and SMEs across four readiness dimensions—technical, regulatory, organisational, and market—delivering a prioritised roadmap to close identified gaps.
The service includes:
Technical Readiness Assessment
Evaluation of AI model maturity, data pipeline robustness, validation status, deployment architecture, and scalability for clinical or production environments.
Regulatory Readiness Assessment
Review of compliance posture against the EU AI Act, MDR requirements, GDPR obligations, and status of ethical approvals.
Organisational Readiness Assessment
Assessment of team competencies, governance structures, quality management systems, and post-market surveillance capability.
Market Readiness Assessment
Review of product-market fit, go-to-market strategy, reimbursement pathways, value proposition clarity, and competitive positioning.
Gap Analysis & Roadmap
Structured mapping of gaps between current and target state across all dimensions, with prioritised recommendations, indicative timelines, and a follow-up session.
View service →
-
AI cybersecurity evaluation
Laboratoire National De Metrologie Et D'Essais (LNE)
Evaluation of the AI system regarding its robustness against cybersecurity issues ( risk assessment, secure Data, access Control and Authentication, etc …) This will include the design of test protocols, the realization of tests, the analysis of results and production of a test reports.
View service →
-
AI model evaluation/assessment: Clinical model validation
Centro Hospitalar De Sao Joao Epe (CHSJ)
The service offers SMEs expert evaluation and validation of their AI models intended for clinical use. Leveraging the hospital's domain expertise in healthcare and data analytics, this service assesses the accuracy and clinical suitability of AI models in real-world clinical scenarios by assessing models against clinically relevant metrics, benchmarks, and regulatory standards, it ensures their safety, reliability, and effectiveness in real-world healthcare settings.
View service →
-
AI model evaluation/assessment: Clinical model validation
Unidade Local De Saúde De Coimbra EPE (ULS Coimbra EPE)
The service offers SMEs expert evaluation and validation of their AI models intended for clinical use. Leveraging the hospital's domain expertise in healthcare and data analytics, this service assesses the accuracy and clinical suitability of AI models in real-world clinical scenarios by assessing models against clinically relevant metrics, benchmarks, and regulatory standards, it ensures their safety, reliability, and effectiveness in real-world healthcare settings.
View service →