Enveil CEO Ellison Anne Williams writes about the important role Privacy Enhancing Technologies (PETs) can play in enabling better collaboration in the healthcare arena and highlights three use cases where PETs can provide value today.
Public health breakthroughs rarely happen in a silo. Researchers crave access to any and every piece of relevant data available, especially in the midst of a pandemic. Access to real-time data from disparate, global sources can help public health officials advance critical decisions when every moment counts. However, securing access to this broader data landscape is not without its pitfalls. The sensitivities associated with these assets dictate that additional access cannot come at the expense of privacy and security.
While discussions on data sharing have been taking place in the health care industry for years, Covid-19 has notably advanced the conversation, especially as it pertains to sharing sensitive information on a global scale. Viruses know no borders, and the pandemic has made it clear that we need to be able to share public health data quickly and efficiently without tearing down the existing regulatory frameworks put in place to protect the privacy of the individual. Although as U.K. health secretary Matt Hancock said at a recent Founders Forum Health Tech Summit, there is also risk in letting privacy and security be a roadblock to progress: "We are absolutely rigorous about the needs of privacy but we mustn't let that get in the way of innovation that can improve people's lives. We must do both — allow for innovation of the data and allow for the highest quality of privacy and cybersecurity."
This search for balance is increasingly leading toward the use of privacy-enhancing technologies (PETs), which includes such technologies as homomorphic encryption, secure multiparty computation, trusted execution environments and differential privacy. While the category label — and the technologies themselves — are not new, PETs are gaining recognition for their transformational ability to enable and preserve data privacy throughout its processing life cycle. They allow data to be searched, shared and analyzed in a decentralized manner without compromising personally identifiable information (PII), protected health information (PHI), intellectual property or other sensitive indicators. This makes PETs uniquely equipped to overcome many of the access, regulatory and technical barriers that restrict the sharing of health care-related data today.
While PETs can deliver a broad range of business-enabling capabilities, it is important to understand and evaluate the differences between the technologies within the category. When determining which PETs technology is the best fit, organizations should start by considering the specific requirements of their use case (participants, data type, compute resources, results targeted) and the level of security their data assets require, as well as technology's ability to integrate with existing infrastructure.
By protecting data while it's being used or processed without requiring data to be pooled or moved from its point of origin/jurisdiction, PETs have the potential to serve as a key driver of data collaboration efforts in the healthcare arena, which commonly involve regulated or sensitive third-party data assets. How exactly would a PETs-led effort help public health leaders and global organizations achieve better collaboration? Here are three use cases where PETs could deliver real value for health care today.
Public Health Readiness
Health care professionals, public health officials, researchers and private sector partners rely on access to patient data in order to ensure they are prepared to combat public health challenges. PETs enable these critical parties to securely search, collaborate and derive insights from disparate third-party data assets without disclosing the search's content or putting the security of the underlying data in jeopardy. By enabling data to be securely searched across multiple architectures, repositories and security domains, PETs allow analysts at medical facilities and mobile testing sites to securely query sensitive patient and/or health data no matter where that data may reside. These secure data collaboration capabilities can increase efficiency and improve outcomes by providing an enhanced understanding of risk, ultimately allowing public health officials to make faster, better-informed decisions.
PETs can extend the boundary of trusted compute to third-party data locations, such as a commercial cloud environment, allowing sensitive operations to be securely performed on biomedical research data. Researchers and public health officials can search or analyze decentralized vaccine and treatment research data while safeguarding patient privacy and sensitive medical indicators throughout the collaboration effort. Using PETs, researchers can work together across organizational and privacy boundaries while still respecting regulatory barriers. This could allow them to access publicly available, commercial and government-held datasets while protecting their own sensitive interests and intellectual property.
Health Care Supply Chain
PETs can protect and enhance the operational value of the medical supply chain by enabling secure federated queries of medical supply inventories across third-party providers. When used by logistics providers, PETs enable medical resource teams and health care workers to securely and privately search and cross-match information from commercial supply chains. The technology can be integrated into existing workflows and deployed across various medical supply chain providers to enable broader clarity into gaps. By ensuring sensitive data remains protected during third-party interactions, PETs help ensure the integrity of health care providers' operational security.
Privacy-enhancing technologies are transformational in their ability to enable secure and meaningful access to PHI, PII, IP, and other sensitive health care information in an efficient, practical and decentralized capacity that is not otherwise possible. These innovative, collaboration-enabling technologies safeguard sensitive data without prohibiting organizations from performing the important search, sharing and analysis necessary to support critical activities such as vaccine and treatment research. PETs can facilitate collaboration while allowing sensitive/protected resident data to remain under the control of its respective country or jurisdiction as required by privacy regulations. By giving public health officials access to data collected and generated by health care workers and researchers around the globe, PETs can enable collaborative health care efforts with the potential to benefit us all.
Read the full article at Forbes.