Data privacy management systems and methods

US 20050065824A1
Filed: 07/15/2004
Published: 03/24/2005
Est. Priority Date: 07/15/2003
Status: Abandoned Application

First Claim

Patent Images

1. A system for pre-processing a healthcare data records file to ensure compliance with privacy regulations governing personally identifiable information in the data fields of the data records, the system comprising:

a secure data processing environment for receiving and processing the data records file;

an application for auditing data fields in the data records to determine a need for encoding information in select data fields in the received data records to mask individual identity;

an encoding tool set disposed in the secure environment to generate encoding parameters for the selected data fields according to the determined need, wherein the encoding tool set comprises standard reference tables relating the individually identifiable information in the select data fields to select encoding parameters; and

an application for replacing the information in the selected data fields in the data records with the corresponding select encoding parameters.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods for processing and managing health care data records in a manner, which ensures compliance with privacy regulations governing the presence of personally identifiable information throughout all data management processes of an organization. The systems and methods involve use of a secure preprocessing environment to audit health care data records received from suppliers, to verify compliance and to encode non-compliant data fields in the data records. Encoding parameters that allow longitudinal linkability of the data records by individual are selected to replace personally identifiable information in the non-compliant data fields.

Citations

22 Claims

1. A system for pre-processing a healthcare data records file to ensure compliance with privacy regulations governing personally identifiable information in the data fields of the data records, the system comprising:
- a secure data processing environment for receiving and processing the data records file;
  
  an application for auditing data fields in the data records to determine a need for encoding information in select data fields in the received data records to mask individual identity;
  
  an encoding tool set disposed in the secure environment to generate encoding parameters for the selected data fields according to the determined need, wherein the encoding tool set comprises standard reference tables relating the individually identifiable information in the select data fields to select encoding parameters; and
  
  an application for replacing the information in the selected data fields in the data records with the corresponding select encoding parameters.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The system of claim 1 wherein the select data record fields are data fields protected by HIPAA regulations.
  - 3. The system of claim 1 wherein the select data records fields comprise at least one of patient zip code, patient'"'"'s date of birth, patient'"'"'s age, transaction date, patient ID, and healthcare identifier.
  - 4. The system of claim 1 wherein the select encoding parameters are chosen to allow longitudinal linkability of the data records by individual.
  - 5. The system of claim 1 wherein the encoding tool set further comprises an application for detecting personally identifiable information in non-standard data fields and erasing such personally identifiable information.
  - 6. The system of claim 1 wherein the encoding tool set further comprises an application for detecting non-requested data fields and erasing such data fields.
  - 7. The system of claim 1 wherein the encoding tool set further comprises applications for optionally encoding information in data fields in addition to the selected data fields, wherein the encoding tool set comprises standard reference file relating the information in the additional data fields to select encoding parameters.
  - 8. The system of claim 1 wherein the encoding tool set further comprises applications for updating the standard reference tables in response to new values of individually identifiable information.
  - 9. The system of claim 8 wherein the encoding tool set further comprises applications for auditing the frequency of updating activity.
  - 10. The system of claim 1 wherein the secure data processing environment further comprises an application for auditing privacy regulation compliance of the data fields other than the select data fields for which a need for encoding information has been determined.
  - 11. The system of claim 1 further comprising an application for testing the likelihood that the information in the data fields could reveal the identity of an individual.

12. A method for preprocessing a healthcare data records file to ensure compliance with privacy regulations governing personally identifiable information in the data fields of the data records, the system comprising:
- using a secure data processing environment for receiving and processing the data records file from a data supplier;
  
  auditing data fields in the data records to determine a need for encoding information in select data fields in the received data records to mask individual identity;
  
  using an encoding tool set disposed in the secure environment to generate encoding parameters for the selected data fields according to the determined need, wherein the encoding tool set comprises standard reference tables relating the individually identifiable information to select encoding parameter; and
  
  replacing the information in the selected data fields in the data records with the corresponding select encoding parameters.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
- - 13. The method of claim 12 wherein the select data record fields are data fields protected by HIPAA regulations.
  - 14. The method of claim 12 wherein the select data records fields comprise at least one of patient zip code, patient'"'"'s date of birth, patient'"'"'s age, transaction date, patient ID, and healthcare identifier.
  - 15. The method of claim 12 further comprising choosing the select encoding parameters to enable longitudinal linkability of the data records by individual.
  - 16. The method of claim 12 further comprising checking for the presence of personally identifiable information in non-standard data fields and erasing such personally identifiable information.
  - 17. The method of claim 12 further comprising checking for the presence of non-requested data fields and erasing such data fields.
  - 18. The method of claim 12 further comprising encoding information in optional data fields in addition to the selected data fields and using a standard reference file relating the information in the additional data fields to select encoding parameters.
  - 19. The method of claim 12 further comprising updating the standard reference tables in response to new values of individually identifiable information.
  - 20. The method of claim 19 further comprising auditing the frequency of updating activity.
  - 21. The method of claim 12 further comprising auditing privacy regulation compliance of the data fields other than the select data fields for which a need for encoding information has been determined.
  - 22. The method of claim 12 further comprising testing the likelihood that the information in the data fields could reveal the identity of an individual.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
IMS Software Services Ltd. (IQVIA Holdings, Inc.)
Original Assignee
IMS Software Services Ltd. (IQVIA Holdings, Inc.)
Inventors
Kohan, Mark

Application Number

US10/892,021
Publication Number

US 20050065824A1
Time in Patent Office

Days
Field of Search
US Class Current

705/3
CPC Class Codes

G06Q 10/10 Office automation; Time man...

G16H 10/60 for patient-specific data, ...

Data privacy management systems and methods

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

Data privacy management systems and methods

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links