HIPAA-CERTIFIED DE-ID ENGINE

Maintain Complete Control Of Your Data.

You choose who can access to your data and for what purpose.

Protect Patient Privacy

While Retaining More Data

Privacy concerns are increasing as healthcare data grows faster than ever from an increasing array of sources including claims, clinical, hospital, and research. At the same time, healthcare leaders understand the virtually unlimited value of patient-level data.

MSA balances data privacy and quality by providing a standardized de-identification methodology across data sources and data sets, across the enterprise, and across collaborative networks. Our HIPAA-compliant, patented de-id technology replaces PHI with one or more encrypted, irreversible tokens that allow the sharing of health data without revealing the underlying patient information.

MSA’s best practice approach creates a de-identified data set, enabling patient-level analytics and/or longitudinal alignment of the patient data across multiple data sources.

MSA anonymously links multiple disparate patient-level data sets, providing a comprehensive view of the patient journey.

Simple, Safe, and Cost-Effective

MSA’s state-of-the-art DE-ID Engine performs two functions:

1. De-identification of the data set (including removing, encrypting, and obfuscating patient information) and,

2. Insertion of encrypted patient tokens, which are used to link matching individual records across different data sets.

MSA has a proven record of generating reliable, trust-worthy, site-specific tokens.

The MSA DE-ID Engine can be configured to:

Work with any data layout and almost any file type

Handle any set of client-defined de-identification rules

Create one or more patient tokens comprised of patient identifiers consistently available in the raw PHI data sets

An example token strategy is to create a token using the first name, last name, and date of birth fields. All other patient identifiers in the data set are de-identified using encryption or obfuscation processes as required by the Expert Determination statistical certification. The result: a de-identified data set ready for patient level analytics and longitudinal patient alignment, and to be shared within and outside the organization.

The MSA DE-ID Engine uses personal, identifiable information

to assign a unique token identifier to each patient and includes lots of unique features

Flexible Deployment

Deployed within data provider environment, MSA HIPAA-certified HITRUST environment, or client environment

Data Cleaning

Robust data cleansing process is performed prior to de-identification

Patient Tokens

One or more patient non-reversible linking tokens is created based on combinations of PHI data

Non-Patient Token Data

Data encryption and/or obfuscation of non-patient token fields as required by HIPAA Data Certification or Safe Harbor

Token Quality

Token byte maps measure the quality of the token data

Multi-Layered Encryption

Multi-layered encryption designed to prevent data dictionary and other security attacks

THE INS AND OUTS OF THE DE-ID PROCESS

Delimited or Fixed-Length Flat Files, With or Without Segments

INPUT REMOVED ENCRYPTED OR OBFUSCATED PASSED THROUGH
PHI DATA: First Name
PHI DATA: Last Name
PHI DATA: Date of Birth
ANCILLARY PATIENT MATCHING FIELD: Patient Gender
ANCILLARY PATIENT MATCHING FIELD: Patient Zip
ADDITIONAL FIELD: RX Number
ADDITIONAL FIELD: Date of Service
ADDITIONAL FIELD: Time Stamp