Privacy enhancing technologies (PETs) and their role in navigating healthcare’s data sharing challenge.
When it comes to data, there are few categories more personal or sensitive than information relating to our health.
In addition to its value to the individual, healthcare data can also serve as a critical source by which medical professionals and researchers extract important insights — insights that, as we’ve seen throughout the pandemic, serve to enhance and enrich our understanding for the good of society as a whole.
While we may recognise the benefit of such assessment, the thought of exposing our personal health information is still a concept that most of us find hard to receive.
This feeling of personal exposure is why recent headlines relating to data sharing by the NIH tend to elicit strong reactions.
We need to believe that our personal data, especially information generated via health events such as a doctor’s visit or hospital stay, is being both protected and securely handled.
The days of paper files and data that was never accessed by anyone beyond your personal physician are long gone. The reality is that virtually all data will be used and shared in some capacity, but we absolutely should expect – and demand – that organisations do it in a manner that respects our privacy.
Healthcare is not the only industry wrestling with balancing data usability and privacy. We see similar challenges in financial services where banks want to obtain a clear global operating picture for functions like customer onboarding as well as fraud and money laundering prevention.
To do this at scale, banks need to be able to efficiently share financial data across privacy jurisdictions and between entities to derive insights, cross-match, and further analyse the data while ensuring the sensitive assets are never exposed.
In order to achieve this privacy threshold, these financial institutions are increasingly turning to Privacy Enhancing Technologies.
At its core, privacy enhancing technologies or PETs are a family of technologies that preserve, enable, and enhance the privacy of data while it’s being used.
While many of the technologies within this category – homomorphic encryption, secure multiparty computation, and trusted execution environments, to name a few – have been studied for decades, a renewed expectation of privacy combined with recent technology breakthroughs and a growing, heterogeneous regulatory landscape have driven the rise in commercial applications for PETs.
The capabilities enabled by these technologies are important because they have the potential to fundamentally change the way we use, share, and collaborate with data — and anyone working with sensitive data needs to be paying attention.
To help ensure you’re ready for the changes ahead, here are three things every person working in the healthcare industry should know about privacy enabling technologies:
PETs enable secure and private data usage in ways that were never before possible.
PETs protect data while it’s being used or processed, a gap that is often overlooked by traditional data security practices. By protecting the interaction with the data, PETs allow organisations to securely use data without increasing their risk.
For example, they could allow NIH or other entities to search over the data of individual hospitals without revealing sensitive search content or compromising the security or ownership of the underlying data. Data owners maintain full control over their data assets, only granting auditable access to the relevant portion of the data.
PETs will change the way we do business.
Surveys are increasingly showing that consumers want and expect privacy and businesses will need to find ways to ensure those expectations are met.
With PETs, businesses can prioritise individual privacy without sacrificing their ability to put data to use and unlock value.
PETs uniquely enable decentralised, secure data sharing and collaboration, removing the need to centralise sensitive data in order to extract insights in a private and secure manner.
PETs are ready to be used at scale today for a number of healthcare use cases.
You may wonder why, if these technologies have existed for decades, aren’t we already using them? The answer is a combination of the previously referred to market factors and the fact that the technology just wasn’t ready yet.
A number of PETs can, and are, being used today for commercial applications at scale. This number will only increase — Gartner predicts that by 2025, half of large organisations will implement privacy-enhancing computation for processing data in untrusted environments and multiparty data analytics use cases.
The PETs family of transformational technologies is ready with a solution for healthcare’s data sharing challenge.
Privacy enhancing technologies can enable entities to extract value from sensitive data assets without exposure, duplication, or pooling.
These capabilities are already being used at scale and healthcare professions will be well-served to understand how and where PETs can help unlock data value in a secure and private way.