How to Optimize Patient Care with Secure Data-Driven Insights

The Imperative of Security, Privacy and Data Management in Healthcare

Last Published: Oct 26, 2023 |
Richard Cramer
Richard Cramer

This blog is co-authored by Jason du Preez, VP Product Development, Data Security & Privacy – Privitar, Informatica

Healthcare’s reliance on data is growing more pronounced every day. The widespread adoption of electronic health records has provided a rich depth of clinical data. Limitless possibilities are opened-up when this data is combined with information from new sources, such as genomic data and other real-world data sources, including wearables and personal behavioral data. Timely and accurate data guides diagnoses, shapes treatments, propels medical research and informs public health strategies.

Healthcare organizations in every region and jurisdiction are driving transformation programs to improve ways of collecting, combining, cataloging, protecting and accessing their data. They want to build public confidence in these systems while unlocking the value in data. Take as an example NHS England (part of the UK’s National Health Service, or NHS). Committed to a system of “data access as default,”1 NHS empowers data controllers to govern their data while providing clinicians, researchers and other stakeholders with data access through secure data environments (SDEs).

Yet, for all this opportunity, data carries tremendous risk if accessed or used inappropriately. Of course, there is the legal, regulatory and compliance perspective where misuse of healthcare data (referred to as electronically protected health information or ePHI in the U.S.) can result in restrictions and penalties. Even more important, and harder to repair, is the potential harm to the trust of patients, health plan members, clinicians and caregivers, on which entire healthcare systems depend.

Trust hinges on our ability to ensure data is managed responsibly, ethically and with an uncompromising approach to security and privacy. It also requires that we do this with transparency and clear communication channels to data subjects.

Privitar and Informatica

Informatica's recent acquisition of Privitar, a market-leading provider of data access management and privacy software, will provide healthcare organizations unprecedented control over who has access to what data, where and how. Incorporating Privitar capabilities in the Informatica Intelligent Data Management Cloud (IDMC) enables a comprehensive data management platform that streamlines integration, classification, cataloging and access management capabilities. 

While Privitar’s technology is used across industries, its healthcare credentials are especially unassailable. As the provider of a data de-identification solution in the NHS since 2018, it’s proven at enterprise and nationwide scale.2 It’s a perfect match for Informatica's 30-year history of supporting the healthcare market, counting 85% of the largest US health systems, 25 of the largest health plans, and 25 of the largest global pharmaceutical companies among our customers.

I’m excited by the expertise and innovation we can bring to bear for healthcare customers. Jason du Preez, founder and CEO of Privitar, brings his deep understanding of enterprise data privacy challenges and a team with award-winning pedigree for innovation on privacy-enhancing technologies (PETs).3 We share a vision of business and societal benefits, driven by timely insights from data, as we enable faster, safer access to accurate, protected, trusted healthcare data with the incorporation of Privitar capabilities in IDMC.

IDMC simplifies data management on the inherently complex modern data environments of healthcare and life science enterprises. Value is created by enhancing the productivity of data scientists, data engineers and data analysts, all while scaling operations.

IDMC is purpose-built for modern data architectures that invariably span multi-cloud environments (a combination of SaaS applications and typically more than one ecosystem) and hybrid setups (a combination of on-premises and cloud). These data ecosystems are extensive, complex and constantly evolving to accommodate new business needs and technology advances that change at an accelerating pace. In these complex environments, IDMC provides comprehensive and best-of-breed data management capabilities that perform with equal proficiency across the hyper-scaler ecosystems and on-premises technologies – essentially the Switzerland of data management.

Privitar’s capabilities address the rapidly evolving market requirements for data security and privacy controls at scale. They find a natural home as part of the Informatica IDMC. Access controls and data protection are best deployed as an integral component of a comprehensive data management and governance platform, serving a multi-cloud and hybrid architecture rather than bound to any one data platform. In this way, data protection is seamlessly integrated with the full breadth of Informatica’s IDMC, including data cataloging, data quality, data integration, application integration, master data management and data marketplace.

Data Access Management and Privacy for the Healthcare Enterprise

Our data access management solution supports a variety of deployment approaches that suit how large and complex healthcare organizations want to manage data access, privacy and protection. Privitar enables data controllers to encapsulate decisions on how data is used, what limitations are placed on access and which PETs are applicable on a use-case-by-use-case basis.4  Fine-grained contextual policies can be defined and shared to encourage broad adoption of best practices while federating control to individual entities or departments. All policy decisions and data use can be logged and monitored, ensuring transparency and auditability. This approach enables these systems to support the notion of accountability to authorities and data subjects.

Accountability is critical in a healthcare setting where data controllers must manage the complex web of regulatory requirements, such as the General Data Protection Regulation (GDPR)5 and Common Law of Duty Confidentiality in the United Kingdom,6 or the Health Insurance Portability and Accountability Act (HIPAA)7 in the United States, as well as burgeoning global Environmental, Social and Governance (ESG) mandates. Patient confidentiality concerns must be addressed in a way that is open and explainable.

As the healthcare industry evolves with digital capabilities, access to holistic data that cuts across components of the system and along the patient care pathway is needed to enhance patient-centered care, facilitate research and innovation and effect economic impact.

By integrating Privitar into Informatica’s end-to-end, AI-enabled data management platform, Informatica enhances the platform’s comprehensive data access, security and privacy controls.

But much of the advantage comes from the simplification of the solution design. Data privacy and security design can only be efficient if fundamental data management tenets are addressed and maintained as part of a modern data architecture. Informatica is a clear leader in data integration, data discovery and classification, and data quality. Now, these components can seamlessly feed into Privitar’s policy enforcement capabilities avoiding the classic “garbage-in, garbage-out” challenges we sometimes find when connecting heterogenous systems. This approach makes policy enforcement faster, less subjective and more reliable.

As we bolster data access management and privacy in healthcare by combining the strengths of Informatica and Privitar, artificial intelligence (AI) also plays a pivotal role in this evolving data management landscape.

The Healthcare Industry Is Ready for AI, but Is Your Data?

Rampant enthusiasm for all things AI is the order of the day. Healthcare is no exception. But successful AI requires data that’s accessible, trustworthy and fit for purpose. Even the most well-intentioned algorithm can wreak havoc if it’s trained with data that is inaccurate, biased or otherwise of poor quality. Unreliable outcomes can poison the perception of AI in the enterprise and hinder the adoption of this promising area of innovation.

IDMC provides the critical capabilities to govern, curate and democratize data with transparency that’s essential to fostering trust in data and the AI models that ultimately result.

The other side of the AI coin is using AI for automating, streamlining and simplifying the tasks of data management. This has been an area of focus for Informatica since 2018 when we introduced our CLAIRE AI-engine as part of the IDMC. The growth in data volumes continues to accelerate and the complexity and variety of data gets more challenging by the week. An enterprise’s thirst for insights demands more from data than ever before.

But budgets and the availability of the highly skilled staff needed to extract these insights are remaining flat or growing incrementally. To address this conundrum, Informatica is applying AI to automate routine tasks in data management. This automation enhances staff productivity by providing smart suggestions for integration, quality and governance tasks, allowing valuable, skilled staff to focus on the most complex and high-value tasks.

With data management that drives accurate AI, and AI that enhances data management, we are ready to seize opportunities and face the healthcare industry’s overarching challenges.

Advancing Healthcare with Governed, Protected Data Sharing 

Data management is clearly playing a pivotal role in elevating patient care, advancing medical research and ensuring most-needed healthcare efficiency. In this context, it’s critical that high quality data is delivered in a timely manner to an increasingly broad range of users. As this is carried out, we must ensure that we remain committed to protect patient privacy, maintain a stringent security posture and strive to ensure ethical data use. Trust and confidence in these systems is a critical success factor.

Next Steps

First Published: Oct 26, 2023