HIPAA Solutions from Privacert

Privacert technologies allow an organization to share personal health information in a form that complies with the data sharing provisions of the Health Insurance Portability and Accountability Act (HIPAA). This is done by first performing a Privacert Risk Assessment on the dataset or data stream to be shared. If the dataset is assessed to be sufficiently de-identified, appropriate HIPAA certifications are available. On the other hand, a Privacert Risk Assessment that deems a particular version of a dataset as not being sufficiently de-identified, will often reveal simple manual changes that when implemented will sufficiently de-identify the dataset and thereby make the dataset safe for sharing.

Overview: Data Sharing under HIPAA

If your organization wants to share personal health information, such as:

hospital claims data
physician claims data
insurance claims data
pharmaceutical claims data
lab results
emergency room or hospital records

and your organization is a HIPAA covered entity (hospital, health provider, insurance company, etc.), then Privacert can help you share information under the de-identification provisions of the HIPAA Privacy Rule without becoming liable to HIPAA civil and criminal penalties. We first conduct a Privacert Risk Assessment to determine whether a particular version of your dataset is already eligible for sharing, and if not, to identify vulnerabilities. If your dataset complies with the HIPAA Privacy Rule in accordance to the Privacert compliance model for HIPAA, you will be issued a certificate of HIPAA Privacy Rule compliance. If that version of your dataset does not comply, the Privacert Risk Assessment usually reveals simple, manual process changes that will sufficiently anonymize the data. Below is a schematic overview.

Schematic overview for achieving HIPAA certification from
a Privacert Risk Assessment, with simple changes (if needed).


		HIPAA Solutions
		Privacert technologies allow an organization to share personal health information in a form that complies with the data sharing provisions of the Health Insurance Portability and Accountability Act (HIPAA). This is done by first performing a Privacert Risk Assessment on the dataset or data stream to be shared. If the dataset is assessed to be sufficiently de-identified, appropriate HIPAA certifications are available. On the other hand, a Privacert Risk Assessment that deems a particular version of a dataset as not being sufficiently de-identified, will often reveal simple manual changes that when implemented will sufficiently de-identify the dataset and thereby make the dataset safe for sharing. Overview: Data Sharing under HIPAA If your organization wants to share personal health information, such as: hospital claims data physician claims data insurance claims data pharmaceutical claims data lab results emergency room or hospital records and your organization is a HIPAA covered entity (hospital, health provider, insurance company, etc.), then Privacert can help you share information under the de-identification provisions of the HIPAA Privacy Rule without becoming liable to HIPAA civil and criminal penalties. We first conduct a Privacert Risk Assessment to determine whether a particular version of your dataset is already eligible for sharing, and if not, to identify vulnerabilities. If your dataset complies with the HIPAA Privacy Rule in accordance to the Privacert compliance model for HIPAA, you will be issued a certificate of HIPAA Privacy Rule compliance. If that version of your dataset does not comply, the Privacert Risk Assessment usually reveals simple, manual process changes that will sufficiently anonymize the data. Below is a schematic overview. Schematic overview for achieving HIPAA certification from a Privacert Risk Assessment, with simple changes (if needed).
		info@privacert.com


Privacert		Offices of Dr. Sweeney, 64 Linnaean St, Cambridge, MA 02138