Accelerating Healthtech Innovation: Introducing the Healthcare Data Privacy Vault

Some of the most difficult challenges healthtech companies face today involve the handling of highly sensitive PHI data. How can you build an app that ensures data privacy and security but also allows that PHI data to be used to provide services and drive health outcomes? How can you ensure data is available only in the right places, used in the right ways, and shared properly with third-party partners? How can you ensure compliance with all the rules and regulations that govern healthcare data?

Wrestling with these has inevitably required lots of time and resources and slowed healthcare innovation. The most common approach to these challenges involves using fragmented security tools and processes that only make the problem worse. They result in complex systems that are difficult to maintain and difficult to secure.

There is a better way. Today, we announce the Skyflow Healthcare Data Privacy Vault, delivered as an easy-to-implement API. It is built around sophisticated privacy-preserving technology and is also designed to allow the secure use of sensitive PHI data across systems and downstream applications. It can help healthtech companies and the healthcare industry in general build better apps and systems more quickly, enable the highest levels of data privacy and security, and ensure compliance with HIPAA, HITRUST, GDPR, and other regulations.

The Data Privacy Vault Approach

Skyflow’s vault approach enables health companies of all types to build their workflows without any privacy or security concerns; whether it's direct-to-consumer care providers for mental health or diabetes, insurance providers, or even clinical trials providers, they can build applications and solutions with a vault to collect, store, use, share, and analyze secured PHI with ease.

Skyflow’s API-first platform supports developer-friendly interfaces via REST, SQL, gRPC, CLI, and language-specific SDKs and components (iOS(Swift), Android (Kotlin), Angular, JS, and React). It also supports a web app, Skyflow Studio, for sensitive data management and analytics. Here are the key elements of the vault that help make this happen:

  1. Skyflow removes the compliance burden (SOC2, HIPAA, GDPR, CCPA, HITRUST) and adapts to the continually changing compliance rules and regulations globally.
  2. Our pre-built healthcare vault schema allows you to get started quickly, while the platform enables you to extend the schema or build your own using our custom schema builder. The custom schema builder provides you with secure Skyflow data types that come preconfigured with security settings covering the HIPAA 18 fields, including encryption, tokenization (random, format-preserving, token by value), redaction, masking, and encrypted operations based on the field type.


  1. The governance engine simplifies data sharing for you with expression language to control the access of data. It enables you to enforce fine-grained, event-driven, and condition-based policies through policy-based access control (PBAC) to your vault, which gives you the ease of role-based access control (RBAC) and the granularity of attribute-based access control (ABAC) across different users and systems. You can control what data partners have access to, for which purpose, and in what format. You can also audit, track, and verify every access request made to the vault to ensure that only the proper entities access the data. Additionally, the policies combined with the configuration on the vault fields help de-identify data, ensuring there is no leakage when performing key healthcare/healthtech analyses.


  1. With an API-first approach, secure SDKs (Client-side: iOS(Swift), Android (Kotlin), Angular, JS, and React) and components, and the ability to provide an intercept gateway, the vault can easily fit into any architecture supporting both scenarios of securing data as you collect information or as you store it. 



How to Learn More

Skyflow’s Healthcare Data Privacy Vault is available to customers today. To learn more, check out our upcoming webinar, “The Healthtech Innovator’s Guide to Data Privacy, Security, and Compliance.” To talk to a salesperson and get a demo, sign up here.