HIPAA Solutions from Privacert

Privacert technologies allow an organization to share personal health information in a form that complies with the data sharing provisions of the Health Insurance Portability and Accountability Act (HIPAA). This is done by first performing a Privacert Risk Assessment on the dataset or data stream to be shared. If the dataset is assessed to be sufficiently de-identified, appropriate HIPAA certifications are available through Privacert. On the other hand, a Privacert Risk Assessment that deems a particular version of a dataset as not being sufficiently de-identified, will often reveal simple manual changes that when implemented will sufficiently de-identify the dataset and thereby make the dataset safe for sharing.

When simple manual changes are not available or adequate, the Privacert Appliance can be used to automatically de-identify the data at the data holder's site, continuously certifying the dataset in real-time. The resulting data retains essential details while also providing scientific assurances of anonymity.

Overview: Data Sharing under HIPAA

If your organization wants to share personal health information, such as:

hospital claims data
physician claims data
insurance claims data
pharmaceutical claims data
lab results
emergency room or hospital records

and your organization is a HIPAA covered entity (hospital, health provider, insurance company, etc.), then Privacert can help you share information under the de-identification provisions of the HIPAA Privacy Rule without becoming liable to HIPAA civil and criminal penalties. We first conduct a Privacert Risk Assessment to determine whether a particular version of your dataset is already eligible for sharing, and if not, to identify vulnerabilities. If your dataset complies with the HIPAA Privacy Rule in accordance to the Privacert compliance model for HIPAA, you will be issued a certificate of HIPAA Privacy Rule compliance. If that version of your dataset does not comply, the Privacert Risk Assessment may reveal simple, manual process changes that will sufficiently anonymize the data. However, if no such changes are available or appropriate for your needs, you can often use the Privacert Appliance remotely, or at your site, to automatically de-identify and certify your dataset in real-time. The Privacert Appliance provides on-going certification while simultaneously allowing more details to remain in the dataset. Below is a schematic overview.

Schematic overview for achieving HIPAA certification from
a Privacert Risk Assessment, with simple changes (if possible),
or by using a Privacert Appliance.


		HIPAA Solutions
		See also HIPAA Risk Assessments HIPAA Certifications Privacert Appliance (Demonstration) Privacert technologies allow an organization to share personal health information in a form that complies with the data sharing provisions of the Health Insurance Portability and Accountability Act (HIPAA). This is done by first performing a Privacert Risk Assessment on the dataset or data stream to be shared. If the dataset is assessed to be sufficiently de-identified, appropriate HIPAA certifications are available through Privacert. On the other hand, a Privacert Risk Assessment that deems a particular version of a dataset as not being sufficiently de-identified, will often reveal simple manual changes that when implemented will sufficiently de-identify the dataset and thereby make the dataset safe for sharing. When simple manual changes are not available or adequate, the Privacert Appliance can be used to automatically de-identify the data at the data holder's site, continuously certifying the dataset in real-time. The resulting data retains essential details while also providing scientific assurances of anonymity. Overview: Data Sharing under HIPAA If your organization wants to share personal health information, such as: hospital claims data physician claims data insurance claims data pharmaceutical claims data lab results emergency room or hospital records and your organization is a HIPAA covered entity (hospital, health provider, insurance company, etc.), then Privacert can help you share information under the de-identification provisions of the HIPAA Privacy Rule without becoming liable to HIPAA civil and criminal penalties. We first conduct a Privacert Risk Assessment to determine whether a particular version of your dataset is already eligible for sharing, and if not, to identify vulnerabilities. If your dataset complies with the HIPAA Privacy Rule in accordance to the Privacert compliance model for HIPAA, you will be issued a certificate of HIPAA Privacy Rule compliance. If that version of your dataset does not comply, the Privacert Risk Assessment may reveal simple, manual process changes that will sufficiently anonymize the data. However, if no such changes are available or appropriate for your needs, you can often use the Privacert Appliance remotely, or at your site, to automatically de-identify and certify your dataset in real-time. The Privacert Appliance provides on-going certification while simultaneously allowing more details to remain in the dataset. Below is a schematic overview. Schematic overview for achieving HIPAA certification from a Privacert Risk Assessment, with simple changes (if possible), or by using a Privacert Appliance. See also HIPAA Risk Assessments HIPAA Certifications Privacert Appliance Related Links The Privacert home page More about our technologies Our company vision Employment and reseller opportunities Contact us
		info@privacert.com


Privacert, Inc.		1420 Centre Ave #1207, Pittsburgh, PA 15219 (412) 201-0680 (412) 201-5408 fax