Secure data access for external parties

With our solutions for de-identification & pseudonymisation, governance, and FHIR Station you can set up all kinds of data access projects, quickly and safely.

New technologies are creating unprecedented opportunities in healthcare, helping to speed up the development of more targeted medicines, to make diagnoses, to optimise clinical care paths, and much more. But to reap the benefits, enormous amounts of clinical data must be collected and exchanged.

Governments also need more and more data, to develop coherent health policies. And there are numerous situations in which hospitals must provide data to external parties, including other healthcare institutions and patients.

This personal, patient data is highly sensitive, so it is critical to avoid any problems related to privacy or data security. De-identification and pseudonymisation can be key techniques for reducing the risks.

Let us handle it

Building on our existing interoperability and process automation solutions, we have developed a comprehensive data access solution that allows you to set up all kinds of projects quickly and safely, with less time and effort.

This modular solution consists of various components.

Governance:

Outline, automate and document the governance process for each project.
- What data will you share, and with whom?
- How will you provide the data?
- What is the approval flow?
- How do you check the quality of the data you send? Etc.
De-identification & pseudonymisation:

Remove patient identifiers from the data you share, with minimal effort.

If the possibility for re-identification is required, you can link the data to a unique code that can only be traced back to the patient by authorised users under strict conditions.
- Configurable to your requirements
- For both structured and non-structured data (medical reports, DICOM data, csv files, etc.)
FHIR Station:

Unlock various data sources for applications that support FHIR from a single, centralised point of contact.
- Clear interface that lets you granularly define which data you share.
- Centralised audit component for all incoming and outgoing data flows.
More about FHIR Station

Frequently asked questions

Which application areas can Amaron solutions support?

We offer interfaces for a wide variety of applications:

Application area	Type patiëntendata	Uitwisseling met
Scientific research/ Clinical studies	Anonymised data	Registries such HealthData.be and the Belgian Cancer Register Pharmaceutical industry
Diagnostics (AI) and data exploitation	Pseudonymised data	Suppliers of AI services, such as HeartFlow, Icometrix, Zimmer, LynxCare, Awell, IQVIA, Cascador etc.
Making data (administrative and medical) centrally available to: the government other care providers (hospitals, laboratories, general practitioners, home care, etc.) suppliers of healthcare applications	Relevant data by name	ehealth platforms, such as the eHealth initiative of the Belgian Government (eBirth, Recip-e, etc.), COVID platforms, etc. Hospital care portal
Communication with patients	Relevant data by name	Patient portal PREM & PROM Health apps

Which components does the Amaron solution provide?

De-identification:
With our algorithms, you can quickly and securely de-identify patient data, then export it to government agencies, pharmaceutical companies or other organisations that use it for scientific research.
Pseudonymisation:
Our robust algorithms enable you to pseudonymise structured and unstructured data with minimal effort. Importantly, patients can receive a different pseudo-ID for each external party. This prevents data from being linked in the event of a data leak.
In addition to an API, we also provide a screen (UI) that the physician or another party can use to search for a patient with a pseudo-ID, in order to provide additional information to the external party.
Governance:
In addition to the actual data de-identification and pseudonymisation, we can also set up a governance layer, including the approval of the hospital’s Ethics Committee or DPO, to streamline data exchange. This service comes with an easy-to-use user interface.
Interfaces with external parties:
We can establish an interface for each external vendor, government organisation (eHealth) or other party, using web services.
FHIR Station:
Our FHIR Station gives you a centralised point of contact for unlocking various data sources within your healthcare organisation, for applications and services that support FHIR. Your organisation is prepared for the data exchanges of the future.
Connectivity across hospital systems:
You can also turn to us to connect the various sub-systems within your hospital (HIS, EPR, RIS, LIS, PACS etc.).

What is the difference between anonymised and pseudonymised data?

In the care sector, medical research relies on anonymous data. This data is also used as statistical input for developing healthcare policies. A typical example of this is the anonymised data that the Belgian healthcare institutions provide to Sciensano/Healthdata for epidemiological monitoring.

When you anonymise data, it is no longer possible to trace the person who is the source of the data. However, there is still some risk of identification. For example, it would not be difficult to use the date of birth of a 100-year-old patient to uncover their identity.

Combining two (or more) data sets may create some risk of identification. It is always good practice to carefully consider, in advance, which and how much data you will exchange, even if it is anonymised.

In certain situations, however, you may need to make data available to a third party, but then want to enable re-identification afterwards under strict conditions. Here, anonymisation is not an option.

One example could be radiology images that you have analysed in the cloud using an AI algorithm for triage or other purposes. Or an external algorithm that uses patient data to calculate which components are needed to perform a knee replacement. Or text and unstructured reports that you make available to a software application that processes and analyses the data in order to optimise care paths.

In order to share medical data safely and responsibly in such situations, you can pseudonymise it. This security measure involves deleting any personal data that can be traced back to the patient (name, date of birth, patient number, etc.) and/or replacing it. For example, you might replace date of birth with age, and municipality with region. The data is then linked to a code that can only be used in the hospital to identify the patient.

How does Amaron help hospitals to share data?

Amaron is the market leader and a trusted partner in Belgium in the field of connectivity between various subsystems within hospitals. For example, electronic patient records that retrieve information about patient movements and appointments from the hospital information system, or that exchange orders and results with laboratory information and medical imaging platforms etc. In the Netherlands and France too, more and more hospitals and service providers in the healthcare sector are seeing the advantages of Amaron.

Everything under control!

EFFICIENT:

A single, centralised modular solution for all your projects.

SOUND:

You build on your existing architecture, so the investment is quickly recouped.

FAST:

New projects are easy and quick to set up, so you save a lot of time.

SECURE

Patient privacy is respected at all times when processing sensitive personal data.

COMPLIANT

All steps taken in the governance process are documented and demonstrable.
You also have a detailed picture of which data have been accessed when, and by whom.

“We have created a building block that can be reused for different cases, which can save a lot of time. But the solution is also much more secure, and we can use a unique pseudonym for each service without any extra work. As a result, different exports can never be linked to each other.”

Goedele Antonissen, IT director OLV Hospital