TrueVault Launches SecureVault Tokenization Engine

TrueVault has launched a new feature of its flagship healthcare HIPAA-compliant data storage solution, SecureVault. A Tokenization Engine has now been incorporated which helps healthcare organizations share healthcare data with a range of different organizations that are not HIPAA-compliant.

Healthcare data is extremely valuable to many companies, but they may not yet be HIPAA-compliant so cannot legally be provided with the data unless it is first stripped of all personal identifiers. Providing healthcare data to those companies without removing personally identifiable information would be a violation of HIPAA Rules.

That is where the Tokenization Engine is of use. When PHI is passed to TrueVault, it includes personally identifiable information, so is subject to HIPAA Rules and it must be protected. The information is stored in SecureVault in a HIPAA-compliant manner.

The Tokenization Engine separates all personally identifiable information from the healthcare data. Once personal identifiers are stripped from protected health information, it ceases to be PHI and is no longer subject to HIPAA Rules. The PII remains securely stored in SecureVault, while the de-identified data can be sent to a non-HIPAA-compliant data warehouse.

If the personally identifiable information is retained, TrueVault assumes all liability for that information. The Tokenization Engine can also delete all personally identifiable information from PHI.

This new feature allows companies access to PHI without first having to become HIPAA-compliant, sign a business associate agreement with a HIPAA-covered entity, and have to accept certain liabilities with respect to the PHI they receive. AI companies can be given access to health behavioral data to train their AI models without having the burden of HIPAA compliance.

By gaining access to this valuable data, many more AI and machine learning companies can be given access to valuable data, which in turn will accelerate the development of valuable healthcare solutions and ensure they come to market in the shortest possible time frame.

Author: Steve Alder has many years of experience as a journalist, and comes from a background in market research. He is a specialist on legal and regulatory affairs, and has several years of experience writing about HIPAA. Steve holds a B.Sc. from the University of Liverpool.