Anonymizing Unstructured Data to Enable Healthcare Analytics Chris Wright, Vice President Marketing, Privacy Analytics



Similar documents
Degrees of De-identification of Clinical Research Data

THE STATE OF DATA SHARING FOR HEALTHCARE ANALYTICS : CHANGE, CHALLENGES AND CHOICE

De-identification, defined and explained. Dan Stocker, MBA, MS, QSA Professional Services, Coalfire

HIPAA Training For Research Investigators and Study Staff

Welcome to the Privacy and Security PowerPoint presentation in the Data Analytics Toolkit. This presentation will provide introductory information

A Commercial Approach to De-Identification Dan Wasserstrom, Founder and Chairman De-ID Data Corp, LLC

White Paper THE HIPAA FINAL OMNIBUS RULE: NEW CHANGES IMPACTING BUSINESS ASSOCIATES

Why Add Data Masking to Your IBM DB2 Application Environment

The Use of Patient Records (EHR) for Research

BUSINESS ASSOCIATE AGREEMENT BETWEEN AND COMMISSION ON ACCREDITATION, AMERICAN PSYCHOLOGICAL ASSOCIATION

The De-identification Maturity Model Authors: Khaled El Emam, PhD Waël Hassan, PhD

Roadmap. What is Big Data? Big Data for Educational Institutions 5/30/2014. A Framework for Addressing Privacy Compliance and Legal Considerations

De-identification Koans. ICTR Data Managers Darren Lacey January 15, 2013

1.2: DATA SHARING POLICY. PART OF THE OBI GOVERNANCE POLICY Available at:

A Q&A with the Commissioner: Big Data and Privacy Health Research: Big Data, Health Research Yes! Personal Data No!

BUSINESS ASSOCIATE AGREEMENT. Recitals

Testimony. before the. National Committee on Vital and Health Statistics Ad Hoc Workgroup for Secondary Uses of Health Data

SecurityMetrics Business Associate HIPAA compliance program

BUSINESS ASSOCIATE AGREEMENT

How To Protect Your Health Information Under Hiopaa

HIPAA POLICY REGARDING DE-IDENTIFICATION OF PROTECTED HEALTH INFORMATION AND USE OF LIMITED DATA SETS

Li Xiong, Emory University

HIPAA and Big Data Twenty Third National HIPAA Summit. March 17, 2015 Mitchell W. Granberg, Optum Chief Privacy Officer

Abstract. It s peace of mind knowing that we ve done everything that is possible to meet industry standards for de-identification. Dr.

A Privacy Officer s Guide to Providing Enterprise De-Identification Services. Phase I

HIPAA Update Focus on Breach Prevention

Health & Life sciences breach security program. David Houlding MSc CISSP CIPP Healthcare Privacy & Security Lead Intel Health and Life Sciences

Value of. Clinical and Business Data Analytics for. Healthcare Payers NOUS INFOSYSTEMS LEVERAGING INTELLECT

The De-identification of Personally Identifiable Information

Arizona State University. HIPAA Compliance. Audit Report Number May 7, 2015

HIPAA and Patient Safety: Why It Matters April 24, 2015 (GEN-AO1)

IBM Internet Security Systems October FISMA Compliance A Holistic Approach to FISMA and Information Security

BUSINESS ASSOCIATE AGREEMENT

BUSINESS ASSOCIATE ADDENDUM

Implementing Honest Broker System(s) in Academic Medical Centers: The Pittsburgh Experience

BUSINESS ASSOCIATE AGREEMENT

Cirius Whitepaper for Medical Practices

SOP Number: OCR-HIP-001 Effective Date: August 2013 Page 1 of 5

InfoGard Healthcare Services InfoGard Laboratories Inc.

UMDNJ Information Security Plan 2007

De-Identification 101

Big Data, Big Risk, Big Rewards. Hussein Syed

What is Covered under the Privacy Rule? Protected Health Information (PHI)

Practices to Research Data in Light of HIPAA and ANPRM

Somansa Data Security and Regulatory Compliance for Healthcare

A Pragmatic Guide to Big Data & Meaningful Privacy. kpmg.be

Data Privacy and Biomedicine Syllabus - Page 1 of 6

BUSINESS ASSOCIATE AGREEMENT TERMS

NEXPOSE ENTERPRISE METASPLOIT PRO. Effective Vulnerability Management and validation. March 2015

HIPAA BUSINESS ASSOCIATE SUBCONTRACTOR AGREEMENT

Secondary Use of Healthcare Data for Public Health. Leslie Lenert, MD, MS FACMI Director, National Center for Public Health Informatics

HIPAA-Compliant Research Access to PHI

Tulane University. Tulane University Business Associates Agreement SCOPE OF POLICY STATEMENT OF POLICY IMPLEMENTATION OF POLICY

IRB Application for Medical Records Review Request

Yale University Open Data Access (YODA) Project Procedures to Guide External Investigator Access to Clinical Trial Data Last Updated August 2015

HIPAA-P06 Use and Disclosure of De-identified Data and Limited Data Sets

Secure Cloud Computing Concepts Supporting Big Data in Healthcare. Ryan D. Pehrson Director, Solutions & Architecture Integrated Data Storage, LLC

HIPAA/HITECH Compliance Using VMware vcloud Air

Cloud Data Security. Sol Cates

Negotiating EHR Acquisition Contracts

Detecting Anomalous Behavior with the Business Data Lake. Reference Architecture and Enterprise Approaches.

What is Covered by HIPAA at VCU?

IBM Software Four steps to a proactive big data security and privacy strategy

Legal Insight. Big Data Analytics Under HIPAA. Kevin Coy and Neil W. Hoffman, Ph.D. Applicability of HIPAA

ARX A Comprehensive Tool for Anonymizing Biomedical Data

Data Privacy: The High Cost of Unprotected Sensitive Data 6 Step Data Privacy Protection Plan

Access Control patient centric selective sharing Emergency Access Information Exchange

Overview of the HIPAA Security Rule

HIPAA and the HITECH Act

DIGITECH AND HIPAA COMPLIANCE

Bridging Strategy and Data. Overview. Version

ASCO s CancerLinQ aims to rapidly improve the overall quality of cancer care, and is the only major cancer data initiative being developed and led by

IRB Policy for Security and Integrity of Human Research Data

This presentation focuses on the Healthcare Breach Notification Rule. First published in 2009, the final breach notification rule was finalized in

Big Data Integration and Governance Considerations for Healthcare

Recognition and Privacy Preservation of Paper-based Health Records

Secondary Uses of Health Data IMPAC s Oncology Data Alliance Program

Data Governance and Big Data - A Necessary Convergence. Richard Goldberg Chief Data Governance Officer Citibank Global Consumer Bank

De-Identification of Clinical Data

<Insert Picture Here> Oracle Database Security Overview

Winthrop-University Hospital

ROLE OF CONTRACT MANAGEMENT IN A HEALTHCARE COMPLIANCE PROGRAM DESIGN

When HHS Calls, Will Your Plan Be HIPAA Compliant?

OCTOBER 2013 PART 1. Keeping Data in Motion: How HIPAA affects electronic transfer of protected health information

IDAHO STATE UNIVERSITY POLICIES AND PROCEDURES (ISUPP) HIPAA Privacy - De-identification of PHI 10030

Database Forensics Secure Business Austria

Big Data, Not Big Brother: Best Practices for Data Analytics Peter Leonard Gilbert + Tobin Lawyers

BUSINESS ASSOCIATE AGREEMENT

HiSoftware Policy Sheriff. SP HiSoftware Security Sheriff SP. Content-aware. Compliance and Security Solutions for. Microsoft SharePoint

Extracting value from HIPAA Data James Yaple Jackson-Hannah LLC

HIPAA-P01 Uses and Disclosures of Protected Health Information Policy

HIPAA initially went into effect April 14, HIPAA is a set of rules that is to be followed by doctors, hospitals and other health care providers.

HIPAA BUSINESS ASSOCIATE AGREEMENT

future proof data privacy

DIGITAL GUARDIAN 6. The Foundation of Enterprise Information Protection

Backup and Data Protection for Hospitals

Societal benefits vs. privacy: what distributed secure multi-party computation enable? Research ehelse April Oslo

BUSINESS ASSOCIATE AGREEMENT

HIPAA Compliance & Privacy. What You Need to Know Now

White Paper Achieving HIPAA Compliance through Security Information Management. White Paper / HIPAA

Transcription:

Anonymizing Unstructured Data to Enable Healthcare Analytics Chris Wright, Vice President Marketing, Privacy Analytics

Privacy Analytics - Overview For organizations that want to safeguard and enable their personal information for secondary use Purpose-built software that automates the deidentification and masking of data using a risk-based approach to anonymize personal information in compliance with HIPAA requirements Integrated capabilities to anonymize structured and unstructured data from multiple sources Peer-reviewed methodologies and value-added services that certify data for secondary use 2

Secondary Use for Healthcare Data Definition Secondary use of health data applies personal health information (PHI) for uses outside of direct health care delivery. It includes such activities as analysis, research, quality and safety measurement, public health, payment, provider certification or accreditation, marketing, and other business applications, including strictly commercial 1 activities. 1. Definition sourced from white paper, Toward a National Framework for the Secondary Use of Health Data: An American Medical Informatics Association White Paper, J Am Med Inform Assoc 2007;14:1-9 doi:10.1197/jamia.m2273 3

The Proliferation of Unstructured Data According to IBM, Ovum and other researchers, 80-90 percent of all medical data today is unstructured... and that volume is doubling 1 every five years. Electronic health records where personal information resides in XML as free form text and needs to be anonomyized for analysis Medical devices where unstructured data or free form text from machine dumps (i.e. x-ray machines or CAT scans) is sent to a database(s) for analysis Online Forums where patients or providers discuss their conditions or cases, requiring anonymization to facilitate sentiment analysis and other forms of information analysis 1. http://ovum.com/2012/05/11/unlocking-the-potential-of-unstructured-medical-data/ 4

PARAT Software Providing organizations with a scalable set of capabilities to automate the anonymization of structured and unstructured data Automate masking, de-identification and risk of reidentification Configure anonymization depending on the sensitivity of the data Maintain data consistency by matching structured values to corresponding unstructured data Measure the overall quality of anonymized data to ensure that the re-identification risk is very small and its analytic value is high Stronger Safeguards. Richer Analysis. Integrated Solution. 5

How We Anonymize Unstructured Data? 6

PARAT: Before De-identification 7

PARAT: Discovery and Annotate 8

PARAT: Discovery and Annotate 9

PARAT: After De-identification 10

SIDE-BY-SIDE COMPARISON: Data Utility Achieved 11

Balancing Privacy and Utility for Secondary Use 1 Data Quality 2 Analytic Granularity 3 Depth of Insight Ensuring de-identified data has analytic usefulness by determining its relative risk associated with its disclosure, sharing and re-sale Allowing users to configure de-identification for patient level data without compromising privacy and costly breaches Enabling analysis of the total patient health experience, to compile a complete picture of this experience from multiple data sources and types 12

PARAT: National Institutes of Health Challenge Wants to anonymize unstructured text data from more than 400,000 patients Seeks to augment currently available data in deidentified format Solution PARAT Text PARAT Text is a standalone module for PARAT Why Privacy Analytics De-identified unstructured data would allow researchers to: 1. Test hypotheses for new research 2. Confirm potential sample sizes for proposed research 3. Find collaborators for cross-disciplinary research studies. Customer Profile The National Institutes of Health (NIH), a part of the U.S. Department of Health and Human Services, is the nation s medical research agency making important discoveries that improve health and save lives. 13

Learn More Drop on by Booth 13 14

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information