HEALTHCARE DATA DE-IDENTIFICATION SERVICES

iStock_000025351984_Small
Description

Customer Requirement:

Our client is a major player in Healthcare division in Indianapolis region. Client had a need to de-identify healthcare data to solve some of their challenging problems. As the need has grown, so do concerns over their privacy of protected health information (PHI).

To address this, our clients wanted to de-identify personal information using a risk-based approach that goes beyond simple masking techniques in order to produce a high quality dataset that meets their specific needs for secondary use like sophisticated research and analytics.

RADcube Solution:

RADCube allows healthcare organizations to quickly and easily apply a responsible de-identification methodology that ensures individual privacy and legal compliance. RADCube has a sophisticated risk-based methodology for implementing the HIPAA Expert Determination method. With years of experience operating in the world’s most restrictive data compliance environments, RADCube enabled our client to use and share data for secondary purposes while ensuring that you remain compliant with HIPAA and other global privacy regulations, standards and guidelines.

Our experts developed a de-identification approach for, and assessed it with a specific dataset that is uploaded to the clients’ repository. The goal is to create a data privacy protection approach for this specific dataset that meet or exceeded the de-identification requirements of the Privacy Rule of the U.S. Health Insurance Portability and Accountability Act of 1996 (HIPAA).

RADCube engaged a team of experts in de-identification to provide expert determination services. We provided theseservices in the following five project phases:

DISCOVERY PHASE

  • Conducted a Q&A project scoping with clients’ representatives
  • Estimated complexity and timeframe.
  • Presented deliverables to client for review.

ANALYZED SOURCE DATA AND DEFINED TRANSFORMATION RULES

  • Received source data or securely connected to client’s network
  •  Identified direct and indirect identifiers
  •  Defined masking, suppression and de-identification transformation rules

DEVELOPED AUTOMATED PROCESS

  • Created a software that transforms the source input data using the rules defined in the previous step
  • Produced the target data set using the automated process

PERFORMED QUALITY ASSURANCE REVIEW

  • Performed internal quality assurance review of the anonymized data to ensure accuracy
  • Presented client with the anonymized data to ensure satisfaction and acceptance

 

DELIVERED TARGET RESULT DATA AND SUPPORT PLAN

  •  Created the anonymized target data set or database
  • Provided the target data set or database to its intended final recipient
  • Established plans for support and ongoing operations
Date

5 April 2017

Categories