PHI Handling

Jori prioritizes the protection of patient privacy and ensures compliance with relevant regulations, such as HIPAA. When importing data from your EHR system, we employ a robust process to strip and anonymize protected health information (PHI) while preserving the data's usefulness for analysis and research purposes.

Address Abstraction

To maintain patient privacy while enabling the study of disease spread, we have implemented a custom address abstraction technique:

  1. During the data import process, our platform extracts the patient's address information from the Bulk FHIR files.

  2. The address is then transformed using our proprietary algorithm, which generates an abstracted location that is accurate within a 30-mile radius of the original address.

  3. The abstracted location replaces the original address in the imported data, ensuring that the patient's precise location cannot be identified.

  4. The abstracted location data is stored in our platform's database, allowing for analysis and visualization of disease spread patterns without compromising patient privacy.

This address abstraction technique strikes a balance between protecting individual privacy and enabling valuable public health research. By providing a general location within a 30-mile radius, we can still derive meaningful insights into disease transmission and geographical distribution while safeguarding patient confidentiality.

PHI Stripping and Anonymization

In addition to address abstraction, our platform employs comprehensive PHI stripping and anonymization techniques:

  1. During the data import process, our platform identifies and removes all personally identifiable information (PII) and protected health information (PHI) from the Bulk FHIR files.

  2. This includes, but is not limited to, patient names, dates of birth, social security numbers, phone numbers, email addresses, and any other unique identifiers.

  3. Where necessary, PHI is replaced with anonymized identifiers or tokens to maintain data integrity and allow for longitudinal analysis without compromising patient privacy.

  4. The anonymized data is then stored in our platform's secure database, accessible only to authorized users with appropriate permissions.

By stripping PHI and anonymizing the data, we ensure that patient privacy is upheld throughout the data lifecycle. Our platform's data handling practices are designed to meet or exceed the requirements set forth by HIPAA and other relevant privacy regulations.
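
The stripping and tokenization steps above, sketched as an added example that is not Jori's own import code: it assumes a constructed two-line NDJSON export, a hypothetical field list, and HMAC-SHA256 as the token function. The address is simply dropped here, where the platform would substitute its abstracted location.

```python
import hashlib
import hmac
import json

# Assumed field list for a FHIR Patient resource, covering the categories named
# above. "address" is dropped here; the platform's abstraction step (not shown)
# would substitute an abstracted location instead.
PATIENT_PHI_FIELDS = ("identifier", "name", "telecom", "birthDate",
                      "address", "photo", "contact")


def pseudonym(key: bytes, patient_id: str) -> str:
    """Keyed token: stable per patient, not recomputable without the key."""
    return hmac.new(key, patient_id.encode(), hashlib.sha256).hexdigest()[:32]


def deidentify(resource: dict, key: bytes) -> dict:
    out = dict(resource)
    out.pop("text", None)  # narrative HTML can repeat names and dates
    if out.get("resourceType") == "Patient":
        for field in PATIENT_PHI_FIELDS:
            out.pop(field, None)
        out["id"] = pseudonym(key, resource["id"])
        return out
    # Other resources: point the patient reference at the same token so records
    # still link per patient; replacing the whole object drops "display" (a name).
    for ref_field in ("subject", "patient"):
        ref = out.get(ref_field, {}).get("reference", "")
        if ref.startswith("Patient/"):
            token = pseudonym(key, ref[len("Patient/"):])
            out[ref_field] = {"reference": "Patient/" + token}
    return out


def deidentify_ndjson(text: str, key: bytes) -> list[dict]:
    """Process a Bulk FHIR export file: one JSON resource per line."""
    return [deidentify(json.loads(ln), key) for ln in text.splitlines() if ln.strip()]


# Constructed sample data and key (not real patient data, not a production key).
SAMPLE_KEY = b"constructed-demo-key"
SAMPLE_NDJSON = "\n".join(json.dumps(r) for r in [
    {"resourceType": "Patient", "id": "pt-001", "gender": "female",
     "name": [{"family": "Doe", "given": ["Jane"]}], "birthDate": "1980-01-01",
     "identifier": [{"value": "000-00-0000"}],
     "telecom": [{"system": "email", "value": "jane@example.test"}]},
    {"resourceType": "Observation", "id": "obs-1", "status": "final",
     "subject": {"reference": "Patient/pt-001", "display": "Jane Doe"}},
])
```

The key has to be stored apart from the de-identified data: anyone holding both can recompute a token from a known patient id.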
