A leading healthcare provider needed to collect patient and lab data from a dozen hospitals and information systems. Data needed to be cleansed and normalized for reporting, benchmarking, population health and planning purposes. In addition, de-identified data needed to be shared with researchers and analysts.
Data engineers were duplicating datasets for identified and de-identified versions, causing data sprawl and data management headaches. In some cases, access controls were enforced through column-level visibility, causing complexity for SQL queries and sharing visualization models/reports.
- De-identify and tokenize sensitive data
- Use templated rules to control access to sensitive data
- Minimize data duplication and simplify data management
- Share analytic dashboards and reports without compromising access to sensitive data
The healthcare provider turned to PHEMI for a robust data protection and compliance solution for sensitive data based on the Oracle Information Management reference model. The combined PHEMI-Oracle solution helped streamline the protection and sharing of sensitive data at scale across a variety of data types.
With PHEMI and Oracle, data engineers can reliably load, cleanse, organize and protect data while tracing data lineage and enforcing strict privacy and security throughout the workflow. Data Sharing and Usage Agreements can be defined and enforced to enable legal compliance with licensed, internal and public datasets.
Moreover, PHEMI Central manages and enforces data protection end-to-end: users write one query and access policies ensure they see only what they’re allowed to see – no data sprawl, no data management headaches and no SQL/data model complexity.
Supporting Oracle Public Cloud, Oracle Big Data Cloud at Customer, Oracle Big Data Cloud Service, Oracle Exastack and major Hadoop distributions, PHEMI lets organizations set access control rules to ensure rightful access to complex and sensitive data at speed.
Compliance reports and audit logs track user access requests, dataset proliferation and data usage history to detect suspicious or anomalous activities and conduct forensic audits.
In compliance with HIPAA, GDPR and Safe Harbor rules, PHEMI offers automated data protection capabilities to inventory and secure sensitive data. Sophisticated risk-based de-identification algorithms allow data to be shared safely.