Major healthcare enterprise, providing and coordinating services to government sponsored programs. Contracts with numerous physicians, hospitals and Federally Qualified Health Centers (FQHCs) across many states in the USA.
The company needed to improve patient outcomes to reduce overall cost per member utilizing predictive analytics.
However, governance policies dictated that analysts should not have access to sensitive Protected Health Information (PHI) and Personally Identifiable Information (PII). This meant protecting data in Teradata, Oracle and SQL Server, as well as applications and files.
In addition, recent security breaches by other companies in the industry drove a mandate to review and secure sensitive data from external threats and unauthorized access.
Protegrity implemented Database Protectors to de-identify PHI and PII data across Teradata, Oracle, and SQL Server, applications, and files.
Fine grained data security was applied utilizing Protegrity Vaultless Tokenization (PVT), and is centrally managed by the Protegrity Enterprise Security Administrator (ESA).
PVT replaces sensitive data with secure tokens without requiring changes to existing tables or applications. This method also preserves data types and lengths, and protects only the sensitive data, allowing for predictive analytics without divulging protected information to analysts.
ESA provides a separation of duties, which allows the security team to prevent access to sensitive data from data analysts, and defines alerts and auditing on the entire data security system.