August 3, 2021
Accelerating Healthtech Innovation: Introducing the Healthcare Data Privacy Vault
Some of the most difficult challenges that healthtech companies face today involve the handling of highly sensitive PHI data. How can you build an app that ensures data privacy and security but also lets you use PHI data to provide services and drive health outcomes? How can you ensure that data is available only in the right places, used in the right ways, and shared properly with third-party partners? How can you ensure compliance with all the rules and regulations that govern healthcare data?
Wrestling with these questions has inevitably required lots of time and resources and slowed the pace of healthcare innovation. The most common approach to these challenges involves using fragmented security tools and processes that each introduce new complexities and only make the problem worse. They result in complex systems that are difficult to maintain and difficult to secure.
There is a better way. Today, we’re pleased to announce the Skyflow Healthcare Data Privacy Vault, delivered as an easy-to-implement API. It is built around sophisticated privacy-preserving technology and is also designed to allow the secure use of sensitive PHI data across systems and downstream applications. It can help healthtech companies — and the healthcare industry in general — to build better apps and systems more quickly, enable the highest levels of data privacy and security, and ensure compliance with HIPAA, HITRUST, GDPR, and other regulations.
The Data Privacy Vault Approach
Skyflow’s vault approach enables all types of health companies to build their workflows without the hindrance of privacy or security concerns. So, whether you are a direct-to-consumer care provider for mental health or diabetes, insurance provider, or even a clinical trials provider, you can build applications and solutions with a vault to collect, store, use, share, and analyze secured PHI with ease.
Skyflow’s API-first platform supports developer-friendly interfaces via REST, SQL, gRPC, CLI, and language-specific SDKs and components (iOS(Swift), Android (Kotlin), Angular, JS, and React). It also supports a web app, Skyflow Studio, for sensitive data management and analytics. Here are the key elements of the vault that help make this happen:
- Built for an evolving compliance landscape: Skyflow removes the compliance burden (SOC2, HIPAA, GDPR, CCPA, HITRUST) and adapts to the continually changing global compliance landscape of rules and regulations.
- HIPAA-ready, workflow ready, privacy-preserving: Our pre-built healthcare vault schema helps you to get started quickly, while the Skyflow platform lets you extend this schema or build your own using our custom schema builder. The custom schema builder provides you with secure Skyflow data types specific to the the 18 HIPAA identifiers. These data types come preconfigured with security settings like encryption, tokenization (random, format-preserving, token by value), redaction, masking, and encrypted operations; all configured according to a given field’s HIPAA identifier type.
- Fine-grained data governance: Skyflow’s unique governance engine simplifies data sharing with an expression language to provide fine-grained control over data access. It lets you enforce fine-grained, event-driven, and condition-based policies by combining policy-based access control (PBAC) over your vault, which gives you the ease of role-based access control (RBAC), with the granularity of attribute-based access control (ABAC) across different users and systems. You can control which data partners have access to, for which purposes, and in what format. You can also audit, track, and verify every access request made to the vault to ensure that only authorized entities access sensitive data. Additionally, the combination of policies and configuration of vault fields help to de-identify data, ensuring that there is no leakage when performing key healthcare/healthtech analyses.
- Built to empower developers: With an API-first approach, secure SDKs (Client-side: iOS(Swift), Android (Kotlin), Angular, JS, and React) and components, and the ability to provide an intercept gateway, Healthcare Vault can easily fit into any architecture so you can preserve the privacy and security of your mission-critical sensitive data.
How to Learn More
Skyflow’s Healthcare Data Privacy Vault is available to customers today. To learn more, check out our upcoming webinar, “The Healthtech Innovator’s Guide to Data Privacy, Security, and Compliance.” To talk to a salesperson and get a demo, sign up here.