
Healthcare Case Study

HIPAA & Internal Privacy Policy

Company Overview

A major healthcare enterprise that provides and coordinates services to government-sponsored programs. It contracts with numerous physicians, hospitals and Federally Qualified Health Centers (FQHCs) across many states in the USA.


Business Problem

The company needed to use predictive analytics to improve patient outcomes and thereby reduce overall cost per member.

However, governance policies dictated that analysts should not have access to sensitive Protected Health Information (PHI) and Personally Identifiable Information (PII). This meant protecting data in Teradata, Oracle and SQL Server, as well as applications and files.

In addition, recent security breaches by other companies in the industry drove a mandate to review and secure sensitive data from external threats and unauthorized access.

Requirements and Challenges

Protect PHI and PII according to HIPAA & internal governance requirements
De-identify data while permitting unhindered predictive analytics on the data
Protect sensitive data at the field level, within Teradata, Oracle and SQL Server

Protegrity Solution

Protegrity implemented Database Protectors to de-identify PHI and PII data across Teradata, Oracle and SQL Server, as well as applications and files.

Fine-grained data security was applied using Protegrity Vaultless Tokenization (PVT) and is centrally managed by the Protegrity Enterprise Security Administrator (ESA).

PVT replaces sensitive data with secure tokens without requiring changes to existing tables or applications. This method also preserves data types and lengths, and protects only the sensitive data, allowing for predictive analytics without divulging protected information to analysts.

ESA provides separation of duties, which allows the security team to prevent data analysts from accessing sensitive data, and it defines alerts and auditing for the entire data security system.

Results & Benefits

Sensitive patient data protected with PVT, satisfying privacy requirements
Enabled secure predictive analytics, improving patient outcomes and reducing cost per member
Fast implementation and dedicated staff for case management
Centralized policy-based access controls, monitoring, and reporting
Heterogeneous support across Teradata, Oracle and SQL Server
No changes to existing tables or applications