Security Labeling Services for Healthcare

The application of Edmond’s SLS for Healthcare (SLS-H) directly supports the Health Level 7 (HL7) Data Segmentation for Privacy (DS4P) and Healthcare Privacy and Security Classification System (HCS) standards to provide fine-grained access control of sensitive and statutory-protected health data. Specific privacy protection scenarios include enforcing security and privacy of:

  • 42 CFR Part 2 protected data
  • USC Title 38 Article 7332 and Article 1.736 protected data
  • Data relevant to the HITECH Self-Pay Use Case

The SLS-H achieves this by tagging the electronic record and the data stream, using SNOMED CT, ICD-9 vocabularies for decision considerations, and applying rule constraints. The record or data stream is tagged and transformed, accessible to only those users who have been granted the privilege of viewing or being notified of specific data elements. The SLS not only enforces who can access the record, but which portion of the electronic health record, live and in real time, prior to authorization of access.

ESC maturation of the technology in healthcare includes demonstrating and operationalizing DS4P features including: Document, Clinical Domain, Observations, Data Sequestering, Data Redaction, and Data Masking enforcing HL7’s Security Classification Model (e.g. Do-not-Redisclose), Patient Consent Discovery, and Organizational Policy.

A Technology Readiness Level (TRL) 7 evaluation was successfully completed in July 2016 with one of the largest health providers in the nation: The Department of Veterans Affairs.  The TRL7 test and demonstration included the SLS-H prototype in an operational environment that included integration with the VA’s Identity and Access Management (IAM) enterprise suite for authorization decisions hosted in the VA’s automation center’s cloud.  The test also included successful demonstration of the Natural Language Processing (NLP) to identify those patients that have protected conditions that are not coded but are present in the unstructured data such as clinical notes.  One early result of ESC’s efforts in the test was to discover certain conditions resulted in the improper coding of HIV that would have been undetected if ESC had not incorporated NLP in the SLS, providing a useful quality assurance check on daily operations nationwide.

SLS-H design is depicted below.  This design provides an extensible capability to redact and mask data below the document level, with the ability to effectively exchange data and ensure protection of all sensitive data elements.  This enables Privacy Officers to evolve organizational policies to more than placing the sensitivity label “high water mark” at the patient level, and enforce document field or data element protection.  Our design also allows organizations to automatically label healthcare information to distinguish those patients who have sensitive data such as 38 USC 7332 protected conditions from those that do not, thereby eliminating the need to require individual patient authorizations for the majority population who do not actually have 38 USC 7332 protected conditions prior to a disclosure, thereby simplifying organizational policies to be able to use “Opt-Out” as a default.

SLS-H Interface Diagram and Major Elements