Mercy partners with Johnson & Johnson
Investing $383mn in 2017 to support the local community Mercy Health has sought to provide high quality services, serving over 250,000 people with over 244 programmes.
The largest non-profit healthcare system in Ohio, the organisation has established a data platform that uses real-world clinical data to evaluate medical device performance. Johnson & Johnson Medical Devices Companies (JJMDC) has announced that it has entered a research collaboration with Mercy to utilise this platform.
Mercy includes more than 40 acute care and specialty (heart, children’s, orthopaedic and rehab) hospitals, 800 physician practices and outpatient facilities, 44,000 co-workers and 2,100 Mercy Clinic physicians in Arkansas, Kansas, Missouri and Oklahoma.
“We began this project to make sure the devices Mercy uses work for patients,” said Dr Joseph Drozda, Mercy’s director of outcomes research and pioneer in using unique device identifiers for tracking implanted medical devices (e.g., coronary stents, pacemakers, etc.)
“With more than 8,000 new medical devices entering the market each year, it’s critical that we find better ways to evaluate their performance.”
JJMDC will utilise Mercy’s data infrastructure to inform and improve regulatory decision making and health outcomes for medical devices.
- Cleveland Clinic harnesses Apple’s Health Records, promoting patient record accessibility
- Top 10 innovative healthcare pioneers
- Research on the benefits of 3D printing in a trauma hospital
The JJMDC and Mercy collaboration comes just months after another device manufacturer announced a similar data partnership with Mercy. Dr Drozda believes this type of exchange is catching on because the Food and Drug Administration is encouraging the use of real-world data to evaluate medical devices.
“Not only does Mercy have diverse data, we have the data platform, quality, scale and sophisticated data scientists to turn this data into meaningful information. That’s critical where patient outcomes are concerned,” he adds.
Since Mercy installed its Epic EHR more than a decade ago, Mercy’s IT backbone and recognised analytics leader Mercy Technology Services has been building it out. An early adopter of Epic’s EHR, Mercy became the nation’s first to be accredited by Epic to offer EHR solutions to other hospitals, including Epic in the cloud, implementation and optimisation.
EPIC enables coordinated patient care and up-to-date information-sharing among physicians' offices, the emergency department, and inpatient and outpatient hospital care teams. It also allows the organisation to build in functions such as medication scanning and clinical alerts to prevent harm and provide safer care.
Today, Mercy has accumulated millions of data points in longitudinal patient records with more data accessible from fields versus being obscured in physician notes within the EHR.
Where Mercy still has data in a note, it uses award-winning natural language processing (NLP) capabilities to extract and measure it.
Data de-identification - why it matters in healthcare
Large amounts of healthcare data is generated yet goes unused due to privacy concerns. To address this, data privacy firm TripleBlind has created Blind De-identification, a new approach that allows healthcare organisations to use patient data while eliminating the possibility of the user learning anything about the patient’s identity.
We asked Riddhiman Das, co-founder and CEO to tell us more about data de-identification.
Why is data de-identification important in healthcare?
Blind De-identification allows every attribute of any given dataset to be used, even at an individual level, while being compliant to privacy laws, rules, and regulations by default.
Governments around the world are adopting global data privacy and residency laws like GDPR, which prohibit citizens’ personally identifiable information data from leaving the borders of the country. While great for data protection, data residency laws result in global silos of inaccessible data. TripleBlind allows computations to be done on enterprise-wise global data, while enforcing data residency regulations.
In the US, HIPAA compliance has relied on what is called the Safe Harbor method, which requires removing 18 types of personal patient identifiers like names, email addresses, and medical record numbers. The Safe Harbor method can be too restrictive with the data or can leave too many indirect identifiers, which puts the patient data security at risk. Getting de-identification wrong could make an organisation liable for a costly mistake.
What does TripleBlind's solution do?
With TripleBlind, data is legally de-identified in real time with practically 0% probability of re-identification. Our solution allows analytics on data containing personally identifiable information and protected health information with zero possibility of re-identifying an individual from the dataset. This allows healthcare organisations to access more meaningful data, creating more accurate and less biased results.
For example, a healthcare drug researcher in a rural, predominantly white area, would only have patient data that would reflect their local population. With TripleBlind’s de-identification, they could more easily leverage third-party data from another healthcare facility in a more diverse region, creating a more complete data set that more accurately reflects the larger population. This has the possibility to create more accurate diagnoses and better drug results for more diverse populations.
How can healthcare organisations use this in practice?
TripleBlind is blind to all data and algorithms. That means we never take possession of customer data. We only route traffic between entities, enforce permissions, and provide audit trails. The enterprise’s data remains under their control. TripleBlind does not host, copy or control their data, algorithms or other information assets, ever.
We facilitate a connection to an encrypted version of their information assets. Our technology allows the algorithms and data to interact in an encrypted space that only exists for the duration of the operation. Organisations use their existing infrastructure, so it’s not hardware dependent.