Sharing Data with a Partner for Product Improvements, R&D, and Product Differentiation

Sharing Data with a Partner for Product Improvements, R&D, and Product Differentiation

Client Context

Customer Shares Patient-Level Data with a Partner Company

As a distributor of a medical device produced by a partner company, this large company creates a report each time the device is used for a medical procedure. The report includes patient-level data that the company shares with its partner to be used for product improvements, R&D, and evidence (including metrics) of product differentiation.

Business Problem

Need to Balance Data Utility with Individual Identifiability

The company needs data that is of high-enough utility to be valuable to its partner, yet compliant with the regulatory requirements that the individuals represented by the data are not identifiable.

Solution

Privacy Analytics Performs an Evaluation of Identifiability

To measure the identifiability of the data, we statistically measured how distinguishable individuals represented in the data were in the population.  We also considered contextual factors influencing the likelihood of re-identification, including the:

  • Controls in place to ensure data recipients manage data access and use appropriately;
  • Motives and capacity of data recipients to re-identify the data; and
  • Contractual agreements in place between the company and its partner.

Based on the context and identifiability in the data itself, we developed a tailored anonymization strategy to maximize data utility in consultation with our customer.

Results

Rich Data, Compliant with GDPR and HIPAA Regulations

Privacy Analytics recommended a data anonymization (de-identification) strategy that maximized the value of the data based on how our customer’s partner intended to use it.

Following our recommendations, our customer can confidently share rich reports with its partner company for their product improvements, R&D, and competitive product differentiation. They can be fully confident that patient privacy is protected, with demonstrated compliance under the GDPR and HIPAA.

Learn more about Privacy Analytics’ anonymization services for DICOM.

More Case Studies

Previous
Next

Join the next 5 Safes Data Privacy webinar

This course runs on the 2nd Wednesday of every month, at 11 a.m. ET (45 mins). Click the button to register and select the date that works best for you.