TRENDING:

Big Data: Protecting Patient Privacy

Intermountain Healthcare, Deloitte Develop New Analysis Tool Marianne Kolbasuk McGee (HealthInfoSec) • July 2, 2013    
Big Data: Protecting Patient Privacy

To discover important correlations between patient medical treatments and outcomes requires lots of digging and data analysis. But the task also requires significant steps to protect patient privacy.

See Also: Take Inventory of Your Medical Device Security Risks

Toward those goals, Intermountain Healthcare and Deloitte have co-developed OutcomesMiner, a big data analytics platform that is being used by Intermountain, but is also available for use by other healthcare organizations.

Use of the OutcomesMiner tool can assist in research "that aims at answering the hard questions in healthcare - which is 'what works best for patients, and at what cost?'" says Brett Davis, a principle at Deloitte Consulting and manager of its health informatics practice.

Intermountain, based in Salt Lake City, Utah, is using OutcomesMiner with its own electronic health record repository, which has approximately 15 terabytes of data, including over 90 million patient records and data from over 200 systems, including laboratory, pharmaceutical and operations data, says Katherina Holzhauser, Intermountain assistant VP of information systems commercialization.

The tool allows comparative analysis of data to help identify and study "clinical nuances," such as how patient co-morbidities - including diabetes and high blood pressure - could factor into various treatment outcomes, Davis says.

For instance, Intermountain plans to use the new tool for research related to asthma. OutcomesMiner can help researchers examine correlations, such as whether asthma patients with other chronic conditions who take drug A have more emergency room visits compared with a similar population of asthma patients who are being treated with drug B, explains Holzhauser.

Not only is such analysis important for medical research, but also in assisting healthcare organizations and insurers in evaluating pay-for-performance programs, in which insurers and government payers such as Medicare reimburse healthcare providers based on patient outcomes, Davis adds.

Protecting Privacy

But what about privacy?

To protect the privacy of patients, Intermountain's use of OutcomesMiner involves data that is "curated, cleansed and de-identified," meaning relevant data is collected, scrubbed for inaccuracies, and stripped of patient identification elements, says Holzhauser. Professional statisticians are involved with the methodology Intermountain uses to de-identify the data, which also supports the HIPAA privacy rule related to 18 different elements of identification, she says.

Intermountain then de-identifies that data a second time before it is available for collaborative research to ensure that all possible patient identifiers are removed from findings, she says.

If researchers find enough evidence through these correlations - such as discovering a large population of patients who are having adverse outcomes from a particular medication or treatment - patients potentially can give consent to be part of further research, says Davis.

Collaborative Effort

Intermountain announced its partnership with Deloitte in March and just completed its "first pass-through" with OutcomesMiner on a focused data set this month, says Holzhauser. The intention is for internal researchers to leverage the tool particularly for hypothesis creation. "The tool helps us look for areas we might not have seen before, where we're seeing variants between different therapeutic treatments," she explains.

Intermountain is also open to collaborating with other healthcare institutions that also want to be part of various research efforts using OutcomesMiner, says Davis. In addition, independently, healthcare organizations, pharmaceutical firms, life science companies and other medical researchers can also choose to use OutcomesMiner to analyze their own big data sets, he says. In those cases, Deloitte will help those other institutions de-identify their data based on the firm's best practices for de-identifying data, while also taking into account local practices for de-identification, he says.

Deloitte is currently in discussions with other potential partners interested in utilizing the OutcomesMiner technology, he says. "We're looking at teaming up with like-minded healthcare systems."

Previous
26 Senators Question NSA's Tactics
Next
NIST Unveils Draft of Cybersecurity Framework

About the Author

Marianne Kolbasuk McGee

Marianne Kolbasuk McGee

Executive Editor, HealthcareInfoSecurity, ISMG

McGee is executive editor of Information Security Media Group's HealthcareInfoSecurity.com media site. She has about 30 years of IT journalism experience, with a focus on healthcare information technology issues for more than 15 years. Before joining ISMG in 2012, she was a reporter at InformationWeek magazine and news site and played a lead role in the launch of InformationWeek's healthcare IT media site.



Around the Network

Medical Device Cyberthreat Modeling: Top Considerations
Medical Device Cyberthreat Modeling: Top Considerations
Identity Security and How to Reduce Risk During M&A
Identity Security and How to Reduce Risk During M&A
How 'Security by Default' Boosts Health Sector Cybersecurity
How 'Security by Default' Boosts Health Sector Cybersecurity
Transforming a Cyber Program in the Aftermath of an Attack
Transforming a Cyber Program in the Aftermath of an Attack
How the NIST CSF 2.0 Can Help Healthcare Sector Firms
How the NIST CSF 2.0 Can Help Healthcare Sector Firms
Why Health Firms Struggle with Cybersecurity Frameworks
Why Health Firms Struggle with Cybersecurity Frameworks
Evolving Threats Facing Robotic and Other Medical Gear
Evolving Threats Facing Robotic and Other Medical Gear
Is It Generative AI's Fault, or Do We Blame Human Beings?
Is It Generative AI's Fault, or Do We Blame Human Beings?
Safeguarding Critical OT and IoT Gear Used in Healthcare
Safeguarding Critical OT and IoT Gear Used in Healthcare
Protecting Medical Devices Against Future Cyberthreats
Protecting Medical Devices Against Future Cyberthreats

Continue »

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.