IRI Adds Re-ID Risk Scoring to Help Businesses Comply with HIPAA
FieldShield Software and Expert Services Address the “Expert Determination Method” Rule
Melbourne, FL - April 3, 2018 - Innovative Routines International (IRI, The CoSort Company) has successfully embedded peer-reviewed statistical risk measurement functions into the IRI FieldShield data masking product to rapidly score the likelihood that a masked data set can still identify an individual.
The HIPAA Expert Determination Method rule requires that protected health data has only a statistically “very small” chance of re-identification. IRI’s new risk scoring wizard applies industry-approved algorithms to measure, and report on, these assessments.
While the masking of personally identifiable information (PII) like names and Social Security Numbers in files and databases is commonly performed, a potential attacker can still identify people from remaining “quasi-identifiers” in the data. A Carnegie Mellon study reported that 87% of the U.S population can be identified from their gender, date of birth, and a 5-digit zip code.
According to US Client Manager Lisa Mangino, IRI added risk scoring technology to FieldShield -- and IRI’s larger Voracity data management platform -- to address quasi-identifiers, too. “Now, data security architects can find, classify, de-ID, score, and then further generalize the quasi-identifiers in the same pane of glass,” she explained. Each de-ID operation also produces an XML audit log, runtime statistics, and job diagram, to further verify compliance actions.
These features are all supported in the same integrated development environment -- built on Eclipse -- called IRI Workbench. Workbench includes multiple job design and deployment modalities for data discovery, integration, migration, governance, and analytics. Users run job wizards connected to their data sources that discover, categorize, mask, and risk-score their data. They can also transform, cleanse, unify, convert, prototype, and analyze data there.
In addition to combining all this technology into a single user interface, IRI is also providing its customers in the healthcare industry -- both HIPAA-covered entities and business associates -- access to a HIPAA data SHM/EDM compliance course. This three-hour, five-part course covers PHI discovery, de-identification and risk scoring processes applied to structured data sets containing key- and quasi-identifiers. The course also covers expert determination, data generalization, compliance certification, breach insurance, and breach claim defense.
About IRI, The CoSort Company
IRI is a US data management and protection ISV founded in 1978 and represented in 40 cities worldwide. IRI’s uniquely fast and versatile data manipulation software -- and its rich Eclipse job design environment -- provide uniquely price-performant, ergonomic solutions for big data and BI/DW architects, data security and governance officers, DBAs, and application developers. The company offers fit-for-purpose, data-centric security tools like FieldShield, as well as a larger platform, Voracity, to support data discovery, integration, migration, governance, and analytics. Visit www.iri.com for more information.
Eric Leohner, IRI
321-777-8889, ext. 229