The Department of Health and Human Services’ Office for Civil Rights’ breach portal reveals 2021 was the worst year ever for healthcare data privacy breaches. Nearly 45 million healthcare records containing patients’ protected health information (PHI) were exposed across 686 healthcare breaches. While the number of incidents that occurred increased only 2.4% in 2021, the number of patients affected increased 32%. As healthcare systems, insurance carriers, medical device manufacturers and others create, store and share more sensitive patient data, the amount of data exposed with each breach increases.
Similar to findings in the State of Financial Crime report, which show that financial services companies that generate and handle data are hypersensitive to cyberattacks and data privacy breaches, healthcare organizations that collaborate using data are experiencing the same vulnerabilities. As healthcare data proliferates across mobile devices and cloud networks to accommodate trends such as remote work and telehealth, it becomes vulnerable to privacy threats that IT departments may not even be aware of.
The number of attacks against healthcare third-party vendors and business partners increased by 18% compared to 2020. When looking at the top healthcare security breaches of 2021, it’s clear there is a need for healthcare enterprises to dramatically improve the quality of their data privacy practices when collaborating with other healthcare systems, vendors, partners and related entities.
Privacy-Enhancing Computation Allows Secure Collaboration with Partners
Privacy-enhancing computation (PEC) is designed to allow healthcare institutions to collaborate and innovate without giving up proprietary data. PEC solves for a broad range of data challenges and allows institutions to glean insights from data that has historically been inaccessible due to healthcare privacy regulations.
Here are seven examples of how PEC can increase collaboration and innovation despite the increased risk of healthcare data breaches:
- COVID created a need for telemedicine to be more widely used for radiology, increasing the number of reconstruction attacks to infer patient ID based on X-Ray images. Using X-Ray source images from Medical Imaging Centers where patient metadata has been obfuscated, Diagnostic AI Developers will have more quality data for training, making AI algorithm training on X-Rays more secure, more cost efficient and faster.
- By operating algorithms on de-identified data and without the risk of models being reverse engineered, hospitals and others who have developed highly advanced diagnostics algorithms can license their algorithms for remote diagnostics without exposing valuable IP.
- Because PEC-based operations enforce the appropriate privacy regulations (HIPAA, GDPR, CCPA, etc.), pharmaceutical companies and drug developers can use genomic data sequences to create life-changing drugs and vaccines.
- Because clinical trial participant data is protected by HIPAA, researchers are typically not able to analyze or interact with trials until after the trials are completed. Using de-identified, real-time data throughout clinical trials, healthcare enterprises can conduct early indication trial reporting without violating regulations for blind and double-blind studies.
- As biobanks store data that spans across different hospital systems and legal jurisdictions, it can be challenging for companies to compliantly access that data due to differing privacy regulations. With access to a larger amount of diverse patient data from biobanks, pharmaceutical developers can improve their modeling and analysis.
- Using prescription data and sales information from pharmacies with shared customers, hospitals can gain more accurate insight into the medications that patients are actually taking to incorporate in their treatment and wider research.
- Prior to PEC, when combining multiple data types for analysis – including image, text, voice, video and more – data scientists needed to create a machine learning model for each type of data and manually combine those outputs for analysis. PEC allows for collaboration using any type of data, so healthcare enterprises can better create and train predictive and generalizable AI models.
TripleBlind has created the most complete and scalable solution for addressing use cases and business problems that are ideal for privacy-enhancing computation. TripleBlind allows data users to compute on data as they normally would, without having to “see,” copy, or store any data. The TripleBlind solution is software-only, supports all cloud platforms and is delivered via a simple API. It unlocks the intellectual property value of data, while preserving privacy and ensuring compliance with HIPAA and GDPR.
Check out these recent blogs from the TripleBlind team to learn more about how privacy-enhancing computation can benefit the healthcare industry and increase data collaboration opportunities:
- The Ultimate Guide to Healthcare Data Security
- How Is Federated Learning Used in Healthcare?
- Why is Data Privacy in Healthcare so Important?