Currently submitted to: JMIR AI
Date Submitted: Mar 19, 2026
Open Peer Review Period: Mar 30, 2026 - May 25, 2026
NOTE: This is an unreviewed Preprint
The Confidential Zero-Trust Framework for Securing Generative AI in Healthcare on Google Cloud: An Architectural Blueprint
ABSTRACT
Background:
The integration of Generative Artificial Intelligence (GenAI) in healthcare is impeded by significant security challenges that traditional frameworks leave unaddressed, specifically the “data-in-use” gap, where sensitive patient data and proprietary AI models are exposed during active processing.
Objective:
To propose the Confidential Zero-Trust Framework (CZF), a novel security paradigm designed to address the data-in-use gap for GenAI healthcare workloads.
Methods:
We analyzed the healthcare threat landscape, regulatory requirements (such as HIPAA and GDPR), and the failure modes of traditional security architectures. Based on this analysis, we developed a multi-tiered architectural blueprint that synergistically combines Zero-Trust Architecture for granular access control with the hardware-enforced data isolation of Confidential Computing.
Results:
We detailed a blueprint for implementing the CZF on Google Cloud. The CZF provides a defense-in-depth architecture where data remains encrypted while in use within a hardware-based Trusted Execution Environment (TEE). The framework’s use of remote attestation offers cryptographic proof of workload integrity, transforming compliance into a verifiable technical fact and enabling secure, multi-party collaborations previously blocked by security and intellectual property concerns.
Conclusions:
By closing the data-in-use gap and enforcing Zero-Trust principles, the CZF provides a robust and verifiable framework that establishes the necessary foundation of trust to enable the responsible adoption of transformative AI technologies in healthcare.
Clinical Trial: n/a
Copyright
© The authors. All rights reserved. This is a privileged document currently under peer-review/community review (or an accepted/rejected manuscript). Authors have provided JMIR Publications with an exclusive license to publish this preprint on its website for review and ahead-of-print citation purposes only. While the final peer-reviewed paper may be licensed under a cc-by license on publication, at this stage authors and publisher expressly prohibit redistribution of this draft paper other than for review purposes.