TripleBlind to Highlight Business Benefits of Enhanced Data Sharing and Collaboration at Upcoming Industry Events

KANSAS CITY, MO., July 29, 2021TripleBlind announced today several upcoming events where the company will highlight new revenue opportunities made possible by increased data sharing and collaboration, while automatically enforcing regulatory standards such as HIPAA and GDPR. TripleBlind’s next generation cryptographic technology enables companies to share sensitive data without that data ever leaving the company’s firewall, and only allowing the data user to perform operations specifically authorized by the data provider. 

 

TripleBlind will participate in these upcoming events:

  • HIMSS Conference, August 9-13, to be held at Venetian-Sands Expo Center, Caesars Forum Conference Center and Wynn in Las Vegas. TripleBlind co-founder and CEO Riddhiman Das will present on the topic, Unlocking Data Platforms and Marketplaces, on Wednesday, August 11 from 2:15-2:35 p.m. and TripleBlind will exhibit in the Sands Expo Center, level 2, booth #7710. To schedule a meeting with TripleBlind during HIMSS, reach out to gaurav@tripleblind.ai. Click here to register.
  • Overcoming Privacy Hurdles: Approaches for Challenges in Data Sharing, Wednesday, August 25 at 12 p.m. CT. This webinar will focus on the opportunities created by enhanced data sharing while enforcing privacy standards such as GDPR and HIPAA. It will include Elizabeth Harding, shareholder at IP law firm Polsinelli, Fatima Khan, senior corporate counsel, privacy and product at leading independent identity provider Okta and Riddhiman Das, co-founder and CEO at TripleBlind. Click here to register.

 

About TripleBlind
TripleBlind’s patented breakthroughs in advanced mathematics arm organizations with the ability to share, leverage and monetize regulated data, such as PII and PHI, and mission-critical enterprise data, such as tax returns and banking transactions. It unlocks the estimated 105 petabytes of data stored by enterprises today that are inaccessible and unmonetized due to privacy concerns and regulations. With TripleBlind, decision-makers generate new revenue for their organizations by gaining deeper insights faster, creating improved modeling and analysis, and collaborating more effectively with customers and partners and even competitors, while enabling enterprises to enforce today’s regulatory standards, such as HIPAA, GDPR and PDPA. 

For more information, please visit tripleblind.ai

 

U.S. Media Contact:

Victoria Guimarin
UPRAISE Marketing + Public Relations for TripleBlind
tripleblind@upraisepr.com
415.397.7600

 

European Media Contact:

Kamyar Naficy
KNECTCOMMS for TripleBlind
kn@knectcomms.com
+44(0)7453 323 367

Secure and Private Compute Summit

TripleBlind: A Supplemental Solution to Confidential Compute and Secure Enclaves

The data ecosystem is broken. In the current market, if Company A wants to share data with Company B, it has to decrypt it, send it over the internet and then once received, Company B has to replicate it for use. Decrypting and duplicating data comes with multiple risks, including:

  • Company A cannot put any restrictions on the use of the data, 
  • Both companies face liability concerns,
  • Both companies are subjected to expensive and time-consuming contracts and negotiations,
  • And, both companies are trusting that the data will be used in a way that adheres to the Terms of Use.

Right now, the most popular solution to minimize risk for both companies A and B are secure enclaves. Secure enclaves enable confidential computing, a process that ensures different programs running on the same machine or cloud server cannot access one another’s memory, keeping data in use private. Secure enclaves act as a black box, keeping the data stored separately from other machine processes; subsequently protecting all of the data and code inside the enclave. However, secure enclaves have limitations. 

Secure enclaves store data on a public cloud, which solves issues related to keeping data safe from company employees and third-party vendors with access to the same physical hardware. With secure enclaves in place, the possibility of an intentional or unintentional breach is minimized. However, they do not solve privacy challenges from regulations like HIPAA, GDPR and other government regulations. Even with secure enclaves, the path to regulatory compliance is costly and strenuous. 

For instance, if a medical research lab wants to share patient data with a drug manufacturer using only secure enclaves, to be HIPAA compliant, the research lab has to remove the 18 PHI identifiers and be anonymized, consult third-party analysts, establish legal terms, negotiate BAA and good faith adherence to terms. Each of those steps cost money, with the last step putting the data at risk of abuse.

 

Secure Enclaves Do Not Solve Data Privacy Issues on Their Own; TripleBlind Does

As stated above, secure enclaves have been an effective solution for protecting data, but they are limited due to the fact that both the data and algorithm must be in the same physical location. TripleBlind does not have those same constraints. With TripleBlind, enterprises are not restricted by the physical location of their data or algorithm. 

By itself, confidential compute is expensive, time intensive and complex. Pairing it with TripleBlind’s Blind Data Utilization Toolbox, simplifies data regulation compliance and eliminates much of the work and cost associated with achieving data de-identification. 

 

By itself, TripleBlind can ensure compliance with any data privacy law or regulation. When combined with secure enclaves, TripleBlind creates a thorough approach to ensure sensitive data is never accessible by unauthorized users, programs, applications or companies at any stage of the data lifecycle.

 

Comparison of TripleBlind and Secure Enclaves

TripleBlind Secure Enclaves / Confidential Compute
Does not require movement of data residing in multiple locations or countries Requires data to be compiled in one place
Real time data de-identification with Blind De-Identification  No de-identification; requires manual anonymization and tokenization
Allows for easy aggregation of data from multiple sources while enforcing regulations Requires a great deal of paperwork, BAA, resources, and time
Enables data operations to occur across the world from anywhere  Does not allow operations on European data to take place from the US
Allows for keeping the raw data in the country during operations  Data must be moved so that the algorithm and the data reside on the

same server

Brings digital rights to the data – enforce any regulation into the rights that govern the data Does not enable digital rights on the data; trusted-but-curious parties can still access raw data
Easy to use via simple API  Difficult to use – requires complex lower level operations
Blind Learning protects training data leakage from the trained model  No model protection – training data leakage is still possible
Data residency compliant because raw data stays local  Does not solve data residency issues since data needs to be compiled

in one place

Keeps algorithm intellectual property secure  Algorithm can be susceptible to reverse-engineering of intellectual property & training data
Eliminates the need for data sharing agreements  Data sharing agreements are a necessity for this approach
Reduces liability for receiver of data  Even if best practices are followed, the receiver of the data has the raw data which still could be exposed
Reduces liability for sender of data  Sender of data cannot control how the receiver uses it, takes on a lot of risk
Does not address shared hardware compute concerns on public cloud  Specifically addresses shared hardware compute privacy needs on the public cloud
Enforces permissions on how the data can be used  Does not enforce permissions on how the data can be used
Maintains an auditable log of every operation done to every piece of data  Does not keep a auditable log of data operations
Does not require tokenization of data – works with unstructured (untokenizable) data Requires tokenization of data – not feasible 

with unstructured data

No limitations on operations on the data, as long as they are permissible  Accessing the GPU is difficult – training Neural Networks is a challenge
All software (no hardware dependencies) – vulnerabilities can be updated with a software patch All hardware – vulnerabilities are well known and take years to patch

Secure enclaves on their own are not enough to solve data privacy regulatory issues. Contact us today at contact@tripleblind.ai to learn about how TripleBlind provides enterprise data privacy unbounded by the physical location of the data or the algorithm.