How to overcome security barriers to unlock medical data

​The healthcare industry is one of the most data-rich industries, but due to strict privacy and security laws, data scientists cannot do much with this data. But now, thanks to the use of strong security settings and privacy-preserving analytics in cloud computing, Providence Health is beginning to unlock the "handcuffs" of data scientists and innovate on big medical data.

With 52 hospitals, more than 1,000 clinics and approximately 120,000 employees, Providence Health & Services is one of the largest healthcare groups in the United States. Like most healthcare companies, Providence Health takes steps to maintain the integrity of patient data. After all, no one wants to violate HIPAA (Health Insurance Portability and Accountability Act/Healthcare Electronic Exchange Act), which carries a $50,000 fine for each violation.

Security is at the forefront of the Renton, Washington-based company's efforts to update its data analytics architecture, starting with migrating its legacy SQL Server data warehouse to Microsoft Azure. On the cloud. Lindsey Miko, Providence's director of data science, said the company took extra precautions to ensure tight controls over the data were maintained as it worked with Databricks and others to set up a new data environment in late 2019.

"Providence sets a uniquely high standard for secure clouds," Miko said. "Every tech company I work with ... thinks this is what a secure cloud looks like. And then they start working with us, and they quickly have doubts about setting the standard. We're working hand-in-hand with Microsoft and Databricks to build With the new deployment architecture, we needed something that was isolated from the public internet and could properly protect patient data.”

Snowflake is also involved in Providence’s new cloud-based data architecture. The initial project was to migrate an aging SQL Server warehouse to a Snowflake data warehouse, which would provide a more scalable system for analyzing business and clinical data. Providence is large enough to accommodate users in multiple data warehouses, so the Databricks and Snowflake environments exist independently.

Cost control is an important goal for Providence’s new cloud warehouse, which is used for traditional analytics as well as building and running machine learning models. As a nonprofit Catholic hospital with a mission to help the poor and needy, Providence has a responsibility to provide affordable care, and analytics can help in that regard.

"We also know that there is a cost bubble in health care. Patient costs are going up all the time. The health care system's margins are razor-thin. It's a lose-lose," he said. “So, finding ways to leverage data and analytics to control costs — that’s the bread and butter of the entire healthcare system.”

Some of the initial use cases involve using machine learning models to predict patient needs, including things like morbidity and length of stay, etc. Those forecasts are fed into a staffing model that tells Providence what service staffing needs are likely to look like over the next two months.

The infinite elasticity of the cloud is a major upgrade from what the company has been using before. Although the data warehouse migration began before the COVID-19 pandemic, Miko and his team completed much of the work during the pandemic. The healthcare company took advantage of several machine learning models that come with Epic Systems' electronic medical records (EMR) software out of the box, and they worked well. As Epic’s largest user, the success of the machine learning model bodes well for Epic’s R&D team.

At the same time it accelerates the deployment of next-generation systems, including telemedicine. "We're ready. We have a very robust infrastructure to handle telemedicine. Being able to move huge amounts of data to telemedicine. It's also driving the development of predictive analytics. Around mortality risk, ICU length of stay and early in the pandemic There are some other models deployed. These are apps built into Epic. This is just the first step in a long journey. There are many more opportunities for AI to improve clinical care," Miko said.

For example, the company is performing real-time analysis of health level 7 (HL7) medical documents sourced from Epic. This data is processed using Spark Streaming and then loaded into a form in the Databricks warehouse in real time.

He said: "This work started out to establish what we call a mission control center, which can have a real-time view of what is going on in the hospital."

One of the early use cases for Mission Control Center is to gain visibility into an individual hospital's resources to determine whether it is capable of handling incoming patients. This is a useful tool to help prevent hospital overcrowding, which was a very real threat at the height of the COVID-19 pandemic.

Leveraging analytics and artificial intelligence to improve business and clinical operations, he said: “That’s a great place to start, once you have real-time visibility into what’s going on in the healthcare system — who’s there, What you need and connect it to their diagrams - you can start to predict what's going to happen next. You can start to optimize decisions about clinical care or surgery. So I'm very interested in mission control."

The company is considering leveraging some more powerful artificial intelligence technologies, including deep learning, to further optimize its operations and improve medical services. Specifically, it's working with John Snow Labs and its Spark NLP model to be able to extract meaningful data from doctors' medical records. ​

Security and privacy are paramount when dealing with this level of sensitive data, so Spark NLP’s first priority is to identify doctor records about patients. The healthcare company is using pre-trained models from John Snow's lab that can recognize identifiers such as dates, names, addresses and zip codes.

“It works surprisingly well,” said Nadaa Taiyab, a senior data scientist at Tegria, a technology and services company owned by Providence.

In the tag After the identifier, Providence replaces the data with dummy data, eliminating the risk of private health information (PHI). This process enables Providence to use aggregated medical data to perform advanced analytics and train machine learning models.

While the obfuscation step reduces the risk of PHI falling into the wrong hands, there are times when real patient data is needed, especially when using machine learning models, Taiyab said. "If you aggregate it, you can't use it for machine learning, if you're trying to predict something at the patient level." "If you want to predict it at the population level, that's one thing. But you need Have patient-level data” to make patient-level predictions.

Providence can also use its patient data for further medical research through the Institute for Systems Biology (ISB). ISB is a medical analytics company based in Seattle, Washington, founded by Dr. Leroy Hood, one of the researchers on the Human Genome Project. The data security work Providence did enabled it to share data with ISB, which it acquired in 2016.

Miko said ISB’s ability to mine Providence’s large medical data warehouse will be important to ISB’s research on health conditions, such as long-term COVID-19. "This is just one example of what it means when you can deploy and integrate data in a secure cloud environment," he said.

Investments in building a secure cloud data architecture are expected to pay off as Providence explores other ways to use advanced analytics and artificial intelligence to improve its healthcare mission.

"Providence has designed a blueprint for a secure cloud for healthcare," Miko said. "It takes a lot of practice, a lot of learning, a lot of collaboration with our partners. Improving it every step of the way. The deployment model changes as we learn new things. But we think there's a very solid one A blueprint for this.” Access to data remains one of the main barriers to progress on this front. The work Providence has done to reduce security and privacy risks is a good first step, but more needs to be done. ​

The above is the detailed content of How to overcome security barriers to unlock medical data. For more information, please follow other related articles on the PHP Chinese website!