FAIL (the browser should render some flash content, not this).

Here are some questions that we get all the time:

Q: What is it exactly that your solution offers?

A: Healthcare providers have data flowing around their network.  These providers allow Bionymity to capture this data in real time, de-identify and pseudonymize this data and send it to our cloud-based database.  Then, we make this data available to researchers, public health stakeholders and other interested parties.

Q: What do you mean de-identify the data?

A: Before healthcare data can be used for research purposes, anything that can identify the patient needs to be removed or altered.  Specifically, there are some markers that need to be removed or altered for the data to not be subject to the HIPAA Privacy Rule.  Here is what we remove or alter:

•  Names (individual, employer, relatives, etc.)
•  Address (street, city, county, precinct, zip code – initial 3 digits if geographic unit contains less than 20,000 people, or any other geographical codes)
•  Telephone and Fax numbers
•  Social Security numbers
•  Dates (except for years)
•  Birth date
•  Admission date
•  Discharge date
•  Date of Death
•  Ages >89 and all elements of dates indicative of such age (except that such age and elements may be aggregated into a category “Age >90”)
•  E-mail addresses
•  Health Plan Beneficiary numbers
•  Account numbers
•  Certificate/license numbers
•  Vehicle Identifiers and Serial Numbers (e.g., VINs, license plate numbers)
•  Device Identifiers and Serial Numbers
•  Web Universal Resource Locators (URLs)
•  Internet Protocol (IP) address numbers
•  Biometric Identifiers (e.g., finger or voice prints)
•  Full face photographic images and any comparable images
•  Any other unique identifying number, characteristic, or code
 

Q: What does it mean to pseudonymize the data?

A: Each provider has their own Bionymity Provider Appliance (BPA) onsite de-identifying data and sending it to Bionymity's database.  Despite the fact that these appliances don't talk to each, either directly or though Bionymity's network, they will each create the same "fake name" when the same individual (e.g. John Doe) visits that healthcare provider.  This feature of the Bionymity Provider Appliance allows us to correlate data for the same patient from multiple healthcare providers. 

Q: What good is the data if you take out all those items?

A: All of the clinical data is still there; medicines (prescribed or given), lab results, procedures, chief complaints, diagnoses, allergies, and much, much more.

Q: Well, what good is finding patients who meet the eligibility requirements for clinical trials if we don't know who they are?

A: Though you don't know who they are (nor do we), we embed a "re-identifier" that only the original healthcare provider can use to re-identify the patient.  So, you find the eligible patients and tag them, then our system sends the re-identifier back to the provider so they know who they are.

Q: Is your system secure?

A: Absolutely.  Though data is passing through the Bionymity Provider Appliance at each provider's site, no data is stored on the appliance.  They are just used to de-identify and pseudonymize the data before the data is sent to us.  Before the data leaves the healthcare provider, all of the personal information has been removed.  Even though there is no personal data in our database, we protect our data from unauthorized access using the best methods available just like any other company.