Exchange data with external parties in a secure and controlled way: one central solution for all your projects

Safe data exchange

Healthcare organisations produce large amounts of data every day. As the terabytes of available information accumulate, there is a growing parallel need to leverage data for various purposes: to provide better patient care, support healthcare policy, advance clinical research, speed up diagnoses, enable efficient collaboration between healthcare institutions, and so on.

This means that healthcare organisations are increasingly called upon to share data securely with external parties: other healthcare organisations in the network, patients, the government or commercial partners such as pharmaceutical companies, AI providers and health apps.

Dealing with sensitive patient data

Safely exchanging medical information is complex, and requires both attention and care:

  • Patient data is scattered across a multitude of sources. Furthermore, there are many different data types and formats, such as structured versus unstructured data. Each requires a separate approach.
  • Working with sensitive patient information makes it even more important that you only share the data that is strictly necessary, and ensure this data doesn’t end up in the wrong hands. Diagnosis or treatment (primary use of the data) generally involves sharing different data than scientific research, for example, where there is no impact for the concerned patient (secondary use of the data).
  • You must take the necessary precautions for patient privacy and information security. This includes being able to monitor and demonstrate the processes you have set up for this purpose.
  • The applicable laws and regulations, aimed at closing the loopholes, are subject to changes. As a healthcare organisation, you need to be able to adapt to such changes smoothly.

Modular solution for different scenarios

ouvrir-des-donnéesCare organisations today still often choose to handle every data access project on an ad hoc basis, but this requires a lot of time and effort. As more projects come along, the efforts required will only increase, while resources will remain limited.

Building on our existing interoperability and process automation solutions, we have developed a comprehensive data access solution that allows you to streamline all kinds of projects.

You can set up these projects and share data in HL7, FHIR or another format, quickly and systematically. You may, for instance, make unstructured or structured information available in a standardised way to AI services or NLP platforms, which in turn analyse or code the data.

Our modular solution comprises a (1) governance component, (2) de-identification and pseudonymisation module, and (3) FHIR Station.

1/ Governance:

This module allows you to define granularly, automate and document the entire governance process for each project. All in accordance with your hospital’s security protocols.

  • Which data will you share, and with which parties?
  • How will you provide the data?
  • What is the approval flow and who is involved (DPO, legal department, ethics committee, etc.)? What tasks will you assign to which role?
  • How will you deal with changes during the process?
  • How will you check the quality of the data you share?

2/ De-identification and pseudonymisation:

Whether you work with structured datasets (DICOM, CSV files, etc.) or unstructured datasets (reports with medical findings, etc.), you don’t want patient privacy to ever be compromised. We provide solid algorithms that allow you to de-identify and pseudonymise data with ease.

  • De-identification:
    Based on pattern recognition, patients’ identifiers are removed from the files you share.
  • Pseudonymisation:
    If the possibility for re-identification is required, you can pseudonymise the data. The data is then linked to a unique code that can only be traced back to the patient by authorised users under strict conditions.
    This pseudonymisation is configurable to your requirements: for example, you can use the same pseudo numbers for all projects of the same supplier, or create different pseudo numbers for each new project.

3/ FHIR Station

FHIR is a new standard for the exchange of medical information, and is gaining ground at lightning speed. The low-threshold use of existing web technology enables in particular opportunities for mobile apps and other internet applications for patients and healthcare providers. The Belgian government is firmly committed to FHIR, and has asked that this standard be used for, amongst other things, the exchange of laboratory results and referrals.

  • With the FHIR Station, you have a central point of access to open your healthcare organisation’s various data sources to FHIR-supporting applications and services.
  • The intuitive interface enables authorised users to granularly define what data is shared. For example, you can make specific patient data linked to hospital admissions available for a defined period of time.
  • Every interaction with the FHIR Station is carefully logged in a central audit component. For all incoming and outgoing data streams, you can trace who accessed what patient-sensitive information, why, and how. If unusual behaviour is detected, you can quickly intervene.

>> More about the FHIR Station