Infraestruturas regulatórias computacionais para dados de saúde

Autores

DOI:

https://doi.org/10.59237/jurisfib.v17i17.932

Palavras-chave:

Federated learning, Blockchain permissionada, Padrões GS1, Governança de dados em saúde, Soberania digital

Resumo

As arquiteturas distribuídas de inteligência artificial (IA) vêm provocando uma inflexão estrutural na governança global de dados em saúde. Em vez de modelos centrados na transferência massiva e na concentração de bases de informação, emergem as bases para um futuro paradigma de coordenação computacional distribuída, interoperabilidade regulatória e de Federated Learning (FL). Este artigo investiga como arquiteturas compostas por FL, blockchain permissionada e padrões globais de interoperabilidade - especialmente os padrões GS1 - podem constituir infraestruturas regulatórias computacionais aptas a operacionalizar a governança de dados em saúde, a soberania digital e a compliance by architecture em ecossistemas globais de saúde e de supply chain. A pesquisa adota uma metodologia jurídico-teórica, interdisciplinar e comparativa, articulando Direito Digital, teoria institucional, governança algorítmica e computação distribuída. O trabalho dialoga com o GDPR, a LGPD, o HIPAA, a AI Act europeia, o European Health Data Space (EHDS), o Data Act e as Guidelines 02/2025 sobre o processamento de dados pessoais por meio de tecnologias blockchain, publicadas pelo European Data Protection Board (EDPB). Sustenta-se que as arquiteturas distribuídas de IA podem deslocar a lógica tradicional de governança, baseada na transferência internacional de dados, para modelos de coordenação regulatória, baseados em interoperabilidade, rastreabilidade e verificabilidade computacional. Conclui-se que tais arquiteturas têm potencial para consolidar novas formas de soberania digital e de constitucionalismo computacional transnacional, por meio das possibilidades proporcionadas pela GS1 e seus standards.

Downloads

Não há dados estatísticos.

Biografia do Autor

Wilson Engelmann, Unisinos

Doutor e Mestre em Direito Público, Programa de Pós-Graduação em Direito da Universidade do Vale do Rio dos Sinos - UNISINOS, Brasil; Estágio Pós-Doutoral em Direito Público - Direitos Humanos (Centro de Estudos de Segurança - CESEG) da Universidade de Santiago de Compostela, Espanha; Docente e pesquisador do Programa de Pós-Graduação em Direito - Mestrado e Doutorado e do Mestrado Profissional em Direito Empresarial, ambos da UNISINOS; Bolsista de Produtividade em Pesquisa do CNPq; Fundador do Grupo de Pesquisa JUSNANO

Referências

ALEXANDER, X. Francis. Federated Learning for privacy-preserving smart healthcare: an architectural overview. International Journal of Emerging Trends in Engineering and Technology, v. 1 Issue 1, p. 1-10, July-September 2025 DOI: https://doi.org/10.64137/IJETET-V1I1P101.

ALMUTAIRI, Suzan; BARNAWI, Ahmed. Federated learning vulnerabilities, threats, and defenses: a systematic review and future directions. Internet of Things, v. 24, 2023, 100947. https://doi.org/10.1016/j.iot.2023.100947.

ALSTON, Eric; LAW, Wilson; MURTAZASHVILI, Ilia et al. Blockchain networks as constitutional and competitive polycentric orders. Journal of Institutional Economics, v. 18, p. 707-723, 2022. DOI:10.1017/S174413742100093X.

AMIN, Md Ruhul; AKHTAR, Nahin Akhtar; HOQUE, Md Ekramul et al. Blockchain-Enabled Traceability in Pharmaceutical Supply Chains: An Integrated Engineering and It Management Framework for Regulatory Compliance and Pandemic Resilience. Journal of Computer Science and Technology Studies, v. 7, n. 10, 2025, p. 343-356. DOI: 10.32996/jcsts

ANTHONEY, Caitlin. The intersection of GDPR and HIPAA. June 14, 2024. Disponível em: https://www.paubox.com/blog/the-intersection-of-gdpr-and-hipaa. Acesso em 19 maio 2026.

ARABSORKHI, Abouzar; KHAZAEI, Elham. Blockchain Technology and GDPR Compliance: A Comprehensive Applicability Model. International Journal of Web Research, v. 7, n. 2, p. 49-63, 2024, doi: http://dx.doi.org/10.22133/ijwr.2024.459490.1221.

AKAVARAM, Sravanthi. Privacy-preserving federated learning for multi-institutional healthcare systems. World Journal of Advanced Research and Reviews, v. 26, n. 02, 2025, p. 3263-3272. https://doi.org/10.30574/wjarr.2025.26.2.1921.

AKHMETOV, Adil; LATIF, Zohaib; TYLER, Benjamin et al. Enhancing healthcare data privacy and interoperability with federated learning. PeerJ Computer Science, v. 11, e2870, 2025. DOI 10.7717/peerj-cs.2870.

BARBARIA, Sabri; JEMAI, ABDERRAZAK; Ceylan, Halil İbrahim et al. Advancing Compliance with HIPAA and GDPR in Healthcare: A Blockchain-Based Strategy for Secure Data Exchange in Clinical Research Involving Private Health Information. Healthcare (Basel), v. 13, n. 20, 2594, 2025 Oct 15 DOI: 10.3390/healthcare13202594. PMID: 41154272; PMCID: PMC12563691.

BELEN-SAGLAMA, Rahime; ALTUNCUA, Enes; LU, Yang et al. A systematic literature review of the tension between the GDPR and public blockchain systems. Blockchain: Research and Applications, v. 4, 2023, 100129. https://doi.org/10.1016/j.bcra.2023.100129.

BLOCKCHAIN IN HEALTHCARE market size, share, and trends 2026 to 2035. Disponível em: https://www.precedenceresearch.com/blockchain-in-healthcare-market. Acesso em 15 maio 2026.

BRASIL. Lei n. 13.709, de 14 de agosto de 2018. Lei Geral de Proteção de Dados (LGPD). Disponível em: https://www.planalto.gov.br/ccivil_03/_ato2015-2018/2018/lei/l13709.htm. Acesso em 14 maio 2026.

BRASIL, 2026. Brasil e União Europeia reconhecem equivalência na proteção de dados. O reconhecimento recíproco fortalece a proteção de dados pessoais, amplia a segurança jurídica e cria um ambiente mais favorável à cooperação, à inovação e aos negócios digitais. Janeiro de 2026. Disponível em: https://www.gov.br/planalto/pt-br/acompanhe-o-planalto/noticias/2026/01/brasil-e-uniao-europeia-reconhecem-equivalencia-em-protecao-de-dados-pessoais. Acesso em 16 maio 2026.

COHEN, Julie E. Between Truth and Power: The Legal Constructions of Informational Capitalism. Oxford: Oxford University Press, 2019.

DAYAN, Ittai; ROTH, Holger R.; ZHONG, Aoxiao et al. Federated learning for predicting clinical outcomes in patients with COVID-19. Nature Medicine, v. 27, October 2021, p. 1735-1743. https://doi.org/10.1038/s41591-021-01506-3.

De FILIPPI, Primavera; MANNAN, Morshed; REIJERS Wessel. Blockchain as a confidence machine: The problem of trust & challenges of Governance. Technology in Society, v. 62, 2020, 101284. https://doi.org/10.1016/j.techsoc.2020.101284.

DE GREGORIO, Giovanni. The rise of digital constitutionalism in the European Union. International Journal of Constitutional Law, v. 19, n. 1, 2021, p. 41-70. Oxford University Press and New York University School of Law doi:10.1093/icon/moab001.

DIGITAL ECONOMY TRENDS 2026. Digital Cooperation Organization (DCO). Disponível em: https://det.dco.org/sites/default/files/2025-12/Digital-Economy-Trends-2026.pdf?token=eDT74_TLWzo3jHMyMf4r7t4KqICGV581eNOsqHKIQdM. Acesso em 14 maio 2026.

ENGELMANN, Wilson. Percursos para inovar a Teoria Geral das Fontes do Direito: modelos de autorregulação regulada para as nanotecnologias, sandbox regulatório e princípios. Constituição, Sistemas Sociais e Hermenêutica [recurso eletrônico]: Anuário do Programa de Pós-Graduação em Direito da Unisinos, n. 18. Organizadores: Vichinkeski Teixeira, Lenio Luiz Streck, Leonel Severo Rocha. Blumenau, SC: Editora Dom Modesto, 2022. p. 327-341.

ENGELMANN, Wilson. O constitucionalismo organizacional no cenário do sistema jurídico global e digitalizado. Constituição, Sistemas Sociais e Hermenêutica [recurso eletrônico]: Anuário do Programa de Pós-Graduação em Direito da Unisinos, n. 19. Organizadores: Vichinkeski Teixeira, Lenio Luiz Streck, Leonel Severo Rocha. Blumenau, SC: Editora Dom Modesto, 2023. p. 337-348.

ENGELMANN, Wilson. A origem jusnaturalista dos direitos humanos: o horizonte histórico da Declaração Universal dos Direitos Humanos de 1948. Artigo apresentado no CONPEDI - Conselho Nacional de Pesquisa e Pós-Graduação em Direito, em julho de 2009, p. 6309-6327.

EUROPEAN DATA PROTECTION BOARD (EDPB). Guidelines 02/2025 on processing of personal data through blockchain Technologies, Version 1.1, Adopted on 08 April 2025. Disponível em: https://www.edpb.europa.eu/our-work-tools/documents/public-consultations/2025/guidelines-022025-processing-personal-data_en. Acesso em 15 maio 2026.

EUROPEAN DATA PROTECTION BOARD (EDPB). Summary: Use of blockchains: how to protect individual’s personal data, May 2025. Disponível em: https://www.edpb.europa.eu/system/files/2025-05/edpb-summary-022025-blockchains_en.pdf. Acesso em 15 maio 2026.

GOSSELIN, Rémi; VIEU, Loïc; LOUKIL, Faiza et al. Privacy and Security in Federated Learning: A Survey. Applied Sciences, v. 12, n. 19, 2022, 9901. https://doi.org/10.3390/app12199901.

GS1 - About. 2022. Disponível em: https://www.gs1.org/about. Acesso em 15 maio 2026.

GS1 Style Guide. Sets rules and conventions for gramatical style, naming conventions, figure and table use etc. to improve the quality and consistency of all GS1 documents. Release 5.6, Approved, Jul 2025. Disponível em: https://www.gs1.org/standards/gs1-style-guide/current-standard. Acesso em 15 maio 2026.

GS1 Healthcare Strategy 2023-2027. Disponível em: https://www.gs1.org/industries/healthcare/strategy. Acesso em 15 maio 2026.

GS1 CBV - Core Business Vocabulary Standard: specifies the structure of vocabularies and specific values for the vocabulary elements to be utilised in conjunction with the GS1 EPCIS standard. Release 2.0, Ratified, Jun 2022. Disponível em: https://ref.gs1.org/standards/cbv/. Acesso em 14 maio 2026.

GS1 Traceability. 2022. Disponível em: https://www.gs1.org/standards/traceability. Acesso em 15 maio 2026.

GS1 Blockchain. 2022. Disponível em: https://www.gs1.org/node/4261. Acesso em 15 maio 2026.

GS1 - EPCIS and CBV Implementation Guideline: Using EPCIS & CBV to increase supply chain visibility, Release 2.0, Ratified, Mar 2023. Disponível em: https://ref.gs1.org/guidelines/epcis-cbv/2.0.0/. Acesso em 18 maio 2026.

GS1 - Core Business Vocabulary (CBV): Standard specifies the structure of vocabularies and specific values for the vocabulary elements to be utilised in conjunction with the GS1 EPCIS standard, Release 2.0, Ratified, Jun 2022. Disponível em: https://ref.gs1.org/standards/cbv/. Acesso em 18 maio 2026.

GS1 - Pedigree Standard, 2007. Disponível em: https://www.gs1.org/standards/pedigree-standard/1; https://www.gs1.org/sites/default/files/docs/epc/pedigree_1_0-standard-20070105.pdf. Acesso em 18 maio 2026.

GS1 - Global Traceability standard: GS1’s framework for the design of interoperable Traceability systems for supply chains. Release 2.0, Ratified, Aug. 2017. Disponível em: https://www.gs1.org/standards/gs1-global-traceability-standard/current-standard#1-Introduction+1-2-Scope. Acesso em 18 maio 2026.

HABU, Jamilu; DHABARIYA, Ajay Singh; LAL PAL, Bachcha et al. Decentralized Data Governance and Regulatory Compliance in Federated Learning and Edge Computing for Healthcare. Research Square, 09 May 2025. DOI: https://doi.org/10.21203/rs.3.rs-6295183/v1.

HAQUE, AKM Bahalul; ISLAM, AKM Najmul; HYRYNSALMI, Sami et al. GDPR Compliant Blockchains - A Systematic Literature Review. IEEE Access, v. 9, p. 50593-50606, 2021, doi: 10.1109/ACCESS.2021.3069877.

HARIPRIYA, Rahul; KHARE, Nilay; PANDEY, Manish. Privacy-preserving federated learning for collaborative medical data mining in multi-institutional settings. Nature Scientific Reports, v. 15, 2025, 12482. https://doi.org/10.1038/s41598-025-97565-4.

HILDEBRANDT, Mireille. Smart Technologies and the End(s) of Law: Novel Entanglements of Law and Technology. Massachusetts, USA: Edward Elgar Publishing, Inc. 2015.

HILDEBRANDT, Mireille. Law as computation in the era of artificial legal intelligence: speaking law to the power of statistics. University of Toronto Law Journal, v. 68, Supplement 1, January 2018, p. 12-35. DOI 10.3138/utlj.2017-0044.

HILDEBRANDT, Mireille. Law for Computer Scientists and Other Folk. Oxford: Oxford University Press, 2020.

HIPAA - Health Insurance Portability and Accountability Act of 1996, 2024. Disponível em: https://www.cdc.gov/phlp/php/resources/health-insurance-portability-and-accountability-act-of-1996-hipaa.html. Acesso em 14 maio 2026.

HIPAA Security Rule, 2024. Disponível em: https://www.hhs.gov/hipaa/for-professionals/security/hipaa-security-rule-nprm/index.html. Acesso em 20 maio 2026.

ISSA, Wael; MOUSTAFA, Nour; TURNBULL, Benjamin et al. Blockchain-Based Federated Learning for Securing Internet of Things: A Comprehensive Survey. ACM Comput. Surv., v. 55, n. 9, Article 191, (January 2023). https://doi.org/10.1145/3560816.

J., Andrew; ISRAVEL, Deva Priya; SAGAYAM, K. Martin et al. Blockchain for healthcare systems: Architecture, security challenges, trends and future directions. Journal of Network and Computer Applications, v. 215, 2023, 103633. https://doi.org/10.1016/j.jnca.2023.103633.

KAIROUZ, Peter; McMAHAN, H. Brendan; AVENT, Brendan et al. Advances and Open Problems in Federated Learning. Foundations and Trends in Machine Learning, v. 14, Issue 1-2, Jun. 2021, p. 1-210. DOI https://doi.org/10.1561/2200000083.

KOSTICK-QUENET, Kristin M.; COMPAGNUCCI, Marcelo Corrales; ABOY, Mateo et al. Patient-centric federated learning: automating meaningful consent to health data sharing with smart contracts. Journal of Law and the Biosciences, v. 12, n. 1, lsaf003. Published 2025 Apr 30. DOI:10.1093/jlb/lsaf003.

LI, Ming; XU, Pengcheng; HU, Junjie et al. From challenges and pitfalls to recommendations and opportunities: Implementing federated learning in healthcare. Medical Image Analysis, v. 101, 2025,103497, https://doi.org/10.1016/j.media.2025.103497.

LUO, Zhaoyang. AI-Enhanced Federated Learning Framework for Privacy-Preserving Healthcare Data Analytics: A Multi-Institutional Approach. Journal of Advanced Computing Systems, v. 6, n. 1, p. 61-79, January 2026. DOI: 10.69987/JACS.2026.60105.

MAYER, André Henrique; COSTA, Cristiano André; RIGHI, Rodrigo da Rosa. Electronic health records in a Blockchain: a systematic review. Health Informatics Journal, v. 26, n. 2, p. 1273-1288, 2020. DOI: 10.1177/1460458219866350.

NGUYEN, Thanh Tuan; BEKRAR, Abdelghani; LE, Thi Muoi et al. Federated Learning-Based Framework: A New Paradigm Proposed for Supply Chain Risk Management. Engineering Proceedings, v. 97, n. 1, 5, 2025. https://doi.org/10.3390/engproc2025097005.

OECD. The OECD Going Digital Integrated Policy Framework 2026: OECD Digital Economy Papers, March 2026, n. 381. Disponível em: https://www.oecd.org/content/dam/oecd/en/publications/reports/2026/03/the-oecd-going-digital-integrated-policy-framework-2026_f24b6963/0254ae07-en.pdf. Acesso em 14 maio 2026.

OECD. Artificial Intelligence in Society. Paris: OECD Publishing, 2019. https://doi.org/10.1787/eedfee77-en.

OLADEJO, Adedeji Ojo; ADEBAYO, Motunrayo; OLUFEMI, David et al. Privacy-Aware AI in cloud-telecom convergence: A federated learning framework for secure data sharing. International Journal of Science and Research Archive, v. 15, n. 1, 2025, p. 005-022. DOI: https://doi.org/10.30574/ijsra.2025.15.1.0940.

OLIOT - Open Source Project, 2026. Disponível em: https://gs1oliot.github.io/oliot/. Acesso em 18 maio 2026.

PATI, Sarthak; KUMAR, Sourav; VARMA, Amokh et al. Privacy preservation for federated learning in health care. Patterns, v. 5, Issue 7, 2024,100974, https://doi.org/10.1016/j.patter.2024.100974.

RAM, Niranjan; MAHAJON, Bidhan; DEOGADE, Meena Shamrao. From field to formulation: Designing a conceptual AI-integrated digital passport framework for medicinal plant traceability and quality assurance in Ayush supply chains. International Journal of Ayurveda Research, v. 7, n. 1, p. 82-92, Jan-Mar. 2026. DOI: 10.4103/ijar.ijar_300_25.

REGULATION (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation). Disponível em: https://eur-lex.europa.eu/eli/reg/2016/679/oj. Acesso em 14 maio 2026.

REGULATION (EU) 2024/1689 of the European Parliament and of the Council of 13 June 2024 laying down harmonised rules on artificial intelligence and amending Regulations (EC) n. 300/2008, (EU) n. 167/2013, (EU) n. 168/2013, (EU) 2018/858, (EU) 2018/1139 and (EU) 2019/2144 and Directives 2014/90/EU, (EU) 2016/797 and (EU) 2020/1828 (Artificial Intelligence Act). Disponível em: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:32024R1689. Acesso em 14 maio 2026.

REGULATION (EU) 2025/327 of the European Parliament and of the Council of 11 February 2025 on the European Health Data Space and amending Directive 2011/24/EU and Regulation (EU) 2024/2847, 2025. Disponível em: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=OJ:L_202500327. Acesso em 14 maio 2026.

REGULATION (EU) 2022/868 of the European Parliament and of the Council of 30 May 2022 on European data governance and amending Regulation (EU) 2018/1724 (Data Governance Act). Disponível em: https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32022R0868. Acesso em 16 maio 2026.

REGULATION (EU) 2023/2854 of the European Parliament and of the Council of 13 December 2023 on harmonised rules on fair access to and use of data and amending Regulation (EU) 2017/2394 and Directive (EU) 2020/1828 (Data Act). Disponível em: https://eur-lex.europa.eu/eli/reg/2023/2854/oj/eng. Acesso em 16 maio 2026.

REGULATION (EU) 2025/327 of the European Parliament and of the Council of 11 February 2025 on the European Health Data Space and amending Directive 2011/24/EU and Regulation (EU) 2024/2847. Disponível em: https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=OJ:L_202500327. Acesso em 16 maio 2026.

RIEKE, Nicola; HANCOX, Jonny; LI, Wengi et al. The future of digital health with federated learning. npj Digital Medicine, v. 3, Article number 119, 2020. https://doi.org/10.1038/s41746-020-00323-1.

SAJADIEH, Sha; FATTORINI, Loredana; PERRAULT, Raymond et al. The AI Index 2026 Annual Report, AI Index Steering Committee, Institute for Human-Centered AI. Stanford, CA: Stanford University, April 2026. Disponível em: https://hai.stanford.edu/assets/files/ai_index_report_2026.pdf. Acesso em 20 maio 2026.

SHAHSAVARI, Yahya; BASERI, Yaser; HAFID, Abdelhakim et al. Integration of Federated Learning and Blockchain in Healthcare: A Tutorial on Medical Data, Architectures, Privacy, Security, and Regulatory Compliance. Journal of Medical Internet Research. 20/01/2026:80178. DOI: 10.2196/80178.

SMIETANKA, Malgorzata; PITHADIA, Hirsh; TRELEAVEN, Philip. Federated Learning for Privacy-preserving data access. (September 15, 2020). Available at SSRN: https://ssrn.com/abstract=3696609 or http://dx.doi.org/10.2139/ssrn.3696609

SHOKRI, Reza; STRONATI, Marco; SONG, Congzheng et al. Membership Inference Attacks Against Machine Learning Models. ArXiv, 2017.

https://doi.org/10.48550/arXiv.1610.05820.

SOLANKI, Monika; BREWSTER, Christopher. Detecting EPCIS exceptions in linked traceability streams across supply chain business processes. SEM '14: Proceedings of the 10th International Conference on Semantic Systems, p. 24-33, September 2014. https://doi.org/10.1145/2660517.2660524. Disponível em: https://www.cbrewster.com/papers/Solanki_ECWEB14.pdf. Acesso em 05 maio 2026.

SOLANKI, Monika; BREWSTER, Christopher. OntoPedigree: Modeling Pedigrees for traceability in supply chains. Semantic Web 1 (2009), p. 1-10, 1, IOS Press. https://www.semantic-web-journal.net/system/files/swj980.pdf. Acesso em 05 maio 2026.

SUM, Anika Saba Ibte; PRITEE, Zinniya Taffannum; SAHA, Anik Kumar et al. A systematic review on privacy preservation in federated learning. International Journal of Information Security, v. 25, 2026, 65. https://doi.org/10.1007/s10207-026-01229-x.

TEUBNER, Gunther. Fragmentos constitucionais: constitucionalismo social na globalização. São Paulo: Saraiva, 2016.

THE GS1 HEALTHCARE STRATEGY 2023-2027. November 2022. Disponível em: https://www.gs1.org/docs/healthcare/Strategy/GS1-Healthcare-Strategy-Final.pdf. Acesso em 18 maio 2026.

UNIDO - United Nations Industrial Development Organization. UNIDO showcases the power of standards for sustainable industrial growth, 14 October 2025. Disponível em: https://www.unido.org/news/unido-showcases-power-standards-sustainable-industrial-growth. Acesso em 15 maio 2026.

ZAFAR, Ammar. Reconciling blockchain technology and data protection laws: regulatory challenges, technical solutions, and practical pathways. Journal of Cybersecurity, v. 11, Issue 1, 2025, tyaf002, https://doi.org/10.1093/cybsec/tyaf002.

ZEKIYE, Abdulrezzak; ÖZKASAP, Öznur. Decentralized Healthcare Systems with Federated Learning and Blockchain. Proceedings of 14th Turkish Congress of Medical Informatics, p. 335-339, 2023. DOI: 10.48550/arXiv.2306.17188.

ZHU, Lingzi; BO, Zhao; PENG, Rao. Blockchain-Enabled Federated Learning: A Survey on System Design, Key Challenges, and Future Directions. Electronics, v. 15, n. 8, 1572, 2026. https://doi.org/10.3390/electronics15081572.

ZUBOFF, Shoshana. Big other: surveillance capitalism and the prospects of an information civilization. Journal of Information Technology, v. 30, 2015, p. 75-89.

ZUBOFF, Shoshana. The Age of Surveillance Capitalism: the fight for a human future at the new frontier of power. Nova York: Public Affairs, 2019.

WORLD BANK. World Development Report 2025: Standards for Development. World Bank, 2025. doi:10.1596/978-1-4648-2275-9.

Downloads

Publicado

2026-06-29