The Datalys Center's methods exceed the guidelines set forth by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) for the collection of de-identified data. All communications are encrypted over a secure connection using Transport Layer Security (TSL) protocols similar to submitting credit card information to an online store. In addition, the Datalys Center and our technology partner (Arivium, Inc) follow the data security and storage guidance provided by the Centers for Disease Control (CDC), and the PCI Data Security Standard (PCI DSS) provided by the Security Standards Counsel. While the PCI DSS was specifically created for the financial markets, these high standards are applicable to all forms of data. The CDC standards (specifically Section 5 and Appendix B) addresses data security and storage of public health surveillance data while the PCI DSS provides an actionable framework for data security processes that include prevention, detection and appropriate reaction to security incidents. These security processes apply to both the application and the de-identified data submitted to the research database.
The de-identified research database must abide by additional guidelines. Wide scale or multisite injury surveillance programs would not be feasible without the de-identification of data. Therefore, the Datalys Center and Arivium also follow the guidance regarding the de-identification of data provided by the department of Health and Human Services (HHS) Office of Civil Rights (OCR). The guidance provided by the OCR (specifically point 1.3. De-identification and its Rationale) states: “The increasing adoption of health information technologies in the United States accelerates their potential to facilitate beneficial studies that combine large, complex data sets from multiple sources. The process of de-identification, by which identifiers are removed from the health information, mitigates privacy risks to individuals and thereby supports the secondary use of data for comparative effectiveness studies, policy assessment, life sciences research, and other endeavors.” The OCR Guidelines, Section 164.514 of the HIPAA Privacy Rule provides the standard for de-identification of protected health information. “Under this standard, health information is not individually identifiable if it does not identify an individual and if the covered entity has no reasonable basis to believe it can be used to identify an individual.” The Datalys Center follows the Safe Harbor method to de-identify and aggregate the research data.
Guidance Regarding Methods for De-identification of Protected Health Information. U.S. Department of Health and Human Services, Office of Civil Rights; 2012
All data exported from any of the three applications listed above are de-identified and encrypted before export to the research database. When exported, the data are encrypted using the latest industry Transport Layer Security (TLS) standards. The screen shots will provide an example of what the AT sees (Figure 2) and what is received in the research database and viewable at the Datalys Center (Figure 3). It is important to note that at no time can Datalys personnel see the client side application, nor view any of the client side information. The data extracts are completely devoid of identifiable information, but are coded and unintelligible without the programming code. Submission of data occurs automatically each night and does not require extra effort on behalf of the athletic trainer.
The Datalys Center owns its own database and injury surveillance application servers. Our certified partners maintain and operate their own database and application infrastructure related to their commercial applications. Datalys’ servers are maintained in a network operating facility located in Grand Rapids, Michigan. Both are supported 24/7/365 by our technology partner Arivium, Inc. of Grand Rapids, Michigan. Security is implemented using both physical and logical controls. Only authorized personnel with card key access are allowed into the data center and server rack.
The Datalys Center utilizes a multi-level backup procedure. RAID drives provide redundant copies of the database, with real time updates for the hard drives holding the production database. RAID drives are exact, real-time copies of redundant hard drives. This scheme of redundant drives mitigates the risk of hard drive hardware failure. Redundant drives transfer to the operating drive automatically in the event of a single drive failure, allowing the database to continue to operate. The failed drive is then replaced and automatically synced with its partner, immediately restoring redundancy. Additionally, the databases are backed up each night to a remote offsite location. The result is a copy of the database held for up to 30 days that can be restored to the production database as needed or in the event of catastrophic failure.
For more information, please contact us via email or call 855-832-4222.