Truveta’s Approach to Protecting Patient Privacy - Truveta

Truveta’s Approach to Protecting Patient Privacy

Once customers find out about the incredible scope and diversity of our data platform, we’re often asked how we protect that data and maintain patient privacy. It’s an incredibly important topic. And it’s the reason that one of the first people we recruited to Truveta was a Chief Information Security Officer with decades of enterprise-level experience.

Today, we now run one of the most advanced data privacy and security systems in the industry.

Last year, we published a series of whitepapers explaining how these systems work. Since then, we have added more health system members to our network and significantly increased our data stream, including new sources of data through our partnership with LexisNexis Risk Solutions. As our platform has grown, our privacy and security systems have evolved right along with it.

To keep you up to date on these developments, we recently expanded our Privacy whitepaper, which you can now download here.

Our Approach to Protecting Patient Privacy

One of the highlights of this paper is a new chapter on how we safely and securely combine datasets. Being able to combine records for the same patient across health systems is one of the many benefits of the Truveta platform. But to maintain privacy, we can only do this after removing patient identifiers within records. This raises an interesting privacy question:

How to match records for the same patient that have already been de-identified?

In the paper, we explain how we do this through our partnership with LexisNexis Risk Solutions, using its next-generation tokenization solution, LexisNexis® Gravitas™.

With Gravitas Token, we’re not only able to match de-identified records for the same patient, but we can also account for changes in addresses, name changes, use of nicknames, and other variations in personally identifiable information (PII).

In this way, we are able to address one of the most challenging issues facing health data management today: de-duplication of patient records across health systems. The Gravitas Token enables us to match datasets with unparalleled precision. And we’re able to achieve this – all without exposing or sharing patient PII.

The paper also provides insights into how we are using statistical techniques to preserve data integrity while also maintaining data privacy. Additionally, we cover the independent process that led to the certification of our systems to meet the HIPAA Privacy Rule standards.

We invite you to download our updated paper Our Approach to Patient Privacy. It’s another vital chapter in our story of how we are committed to Saving Lives with Data.