From Blunt Tools To Risk-based Privacy Techniques

This is the fourth in a five-part blog series focusing on how life sciences companies can establish leadership in the field of real-world evidence.

Increasing leverage of electronic health records (EHRs), imaging systems and social media is delivering groundbreaking patient-centric insight like never before. But as companies seek a deeper understanding of health outcomes via patient-level data, privacy-enhancing capabilities are becoming not only an imperative but also a critical source of leadership. These same capabilities are key to unlocking the full value of real-world evidence (RWE).

In our previous blog posts, we introduced four considerations life sciences companies should keep top of mind when building an RWE ecosystem. We also explored: how better research demands better privacy and how leveraging RWE sophistication can help establish leadership in the industry.

Today’s post focuses on another consideration – making a move from blunt tools to risk-based privacy techniques.

Risk-based methodologies (sometimes known as Expert Determination in the USA) enable de-identified and useful data for healthcare research via statistical techniques that minimize the probability of re-identification. Such techniques, including k-anonymity, have emerged through a large body of academic research and offer particular advantages in privacy protection as follows:

  • Increased quality, utility and agility: Risk-based methods enable more agile approaches, allowing high-risk chronological or geospatial information to be preserved. Dates, for example, can be generalized or aggregated rather than suppressed entirely, or zip codes can be shifted. This not only improves the utility of the data for research but also supports dynamic trade-offs; if geo-analysis is surplus to the research question, such sensitive information can be forsaken and other granular data retained.
  • Global evidence: Internationally respected industry associations, including the Health Information Trust Alliance (HITRUST), Institute of Medicine (IOM), Canadian Council of Academies, European-based PhUSE, and HIPAA regulators, all recommend risk-based methods, ensuring appropriate guidance in a global environment.
  • Application beyond RWE: Risk-based methods bridge the data divide,g., being recommended by the European Medicines Agency (EMA) for clinical trial transparency), enabling companies to take a uniform approach across different data types.

Privacy requirements are many and varied, and an increasing challenge for companies accessing ever growing numbers of diverse datasets. Risk-based approaches enable consistency in governing privacy by allowing the same methodology to be applied systemically across multiple complex scenarios. Companies that establish a holistic information governance framework can advance their RWE strategy with continuous automated flows of RWD, confident that all appropriate privacy measures are in place. They can further be positioned to collaborate with other stakeholders embracing risk-based privacy management, to share data and knowledge as part of a learning health system. This both strengthens their own evidence base and enhances their ability to advance health outcomes at a broader level.

Watch for the next post in our series, which will take a closer look at extended opportunities from privacy leadership in RWE.

Free Webinar: De-Identification 101

Join Privacy Analytics for a high level introduction of de-identification and data masking.
Watch now

Free Download: De-Id 101

You have Successfully Subscribed!