PII Vault is changing the way people manage and protect data. It is also enabling people to spend more time discovering insights within their data and less time on legacy workflows. We thought others would be interested to learn just how much more productive people can be when they aren’t shackled by archaic and out-of-date processes.
This is the first in our series of Q&As with Anonomatic PII Vault users.
Anne Azaloff, MBA, SHRM-CP, is a Healthcare Data Analyst for Oncology Practice Solutions (OPS) which provides business management expertise to support oncology practices and physicians nationwide. Her role requires her to be a quantitative and creative thinker who must understand the business needs of a healthcare organization, how to use data to achieve those needs, and know how to communicate through the data. Her daily duties include organizing and managing large and varied data sets from multiple sources, creating, and maintaining strict data governance policies and procedures and analyzing healthcare data to optimize business operations, and communicating the findings using data visualization and detailed reports.
Anne was introduced to Anonomatic PII Vault by Domo which is OPS’ data visualization tool of choice. When she started looking at data analytics platforms, one of her primary requirements was that patient data would be secure and any potential data privacy risks could be completely mitigated. She had seen other healthcare organizations and practice management systems that have data analytic platforms that fully expose patient data including names, social security numbers, date of birth, and address – all their private healthcare data. Usually, all this information is completely unnecessary to the analysis. The only item that makes individual PII necessary is that it allows for patient counts to aggregate data. She knew that allowing this type of unnecessary exposure was a severe disservice to the patient’s right to privacy. After meeting the Anonomatic team and learning more about PII Vault, she agreed with Domo’s recommendations to deploy PII Vault at the start of her privacy pipeline.
Recently, we caught up with Anne to ask her a few questions about being a healthcare data analyst, her thoughts on current state data privacy techniques, and how PII Vault helps her deliver results.
What sparked your interest in becoming a healthcare data analyst?
I have always been curious and driven to understand the why and the how of things, love puzzles, and am deeply connected to the world through art. Becoming a data analyst allowed me to meet at the nexus of all those drivers. I’ve had the opportunity to be in many different roles- from a hospice caregiver to CEO to an author. For me, the use of data analytics has been at the heart of my success in each of those roles. Data is the words; analysis tells the story. Or better still, data is the paint, analysis is the picture. Once I became entrenched in viewing and exploring the world through data, it was impossible to operate without it. Being a healthcare data analyst allows me to do something I am truly connected to and that I derive meaning from.
Tell us more about the data you analyze. What kind of data do you analyze?
Right now, a lot of the data I analyze comes from revenue cycle activity. It includes items like charges, payments, and contractual adjustments. That information can be viewed by financial class, payer, practice location, medical provider, individual patient demographics, diagnosis, or procedure code. In addition, I look at population health data and large datasets from the Centers for Medicare & Medicaid Services (CMS) to determine things like whether our organization is aligned with nationwide trends or what percentage of the market we have captured.
Where do you get this data? What systems?
Since we serve multiple practices in the southeastern region, the data comes from multiple practice management systems, billing systems, payment clearinghouses, banking, and finance systems, and EHRs.
What does the data help you understand?
The data helps the organization understand a multitude of things: financial trends; treatment trends; variances in payment activity; whether contracts need to be renegotiated or payment terms need to be updated; how to better humanize the revenue cycle to meet patients where they are at and support them through their healthcare journey; practice performance by location, provider, diagnosis mix, etc.; internal and external staff performance metrics; labor planning; and population healthcare trends- just to name a few.
How do you present the data to management/clients?
The data is presented through Domo dashboards, weekly and monthly reports, ad hoc reports, and lots and lots of conversation and communication.
What is the biggest takeaway you’ve learned over the years from analyzing all this healthcare data?
Always triple-check your data, be prepared to explain the logic used in your analysis, and document, document, document!
Do you work with 3rd party data providers?
I use publicly available 3rd party datasets from CMS, which has Non-Identifiable Data Files (also known as public use files or PUFs) available. Non-Identifiable Data Files do not contain any protected health information (PHI) or personally identifiable information (PII). As a result, there are no set privacy restrictions.
What is the problem you’re solving by using PII Vault?
By using PII Vault we are ensuring the patients’ right to privacy and dignity, as well as mitigating all data breach risks associated with a data analytics platform. Personally, I believe that the PII Vault solution should be used at a practice management system level so only the right individuals, with the right access, see the right and necessary data.
How do use PII Vault?
The PII Vault is installed as a Domo Workbench plugin. Data is pulled via queries from the source, like an EHR or the practice management system into the Domo Workbench. Then within the Workbench, PII Vault allows me to create a schema that assigns privacy levels and actions to each attribute. Once the schema has been created and attribute privacy actions have been assigned, the data is run and is exported to Domo. One example is patient charge records are pulled from the billing system via a Workbench query. The query includes the patient account number, full name, location of service, what procedures were completed, and all payment activity. The patient’s name and account number are fully redacted and replaced with a poly numeric ID using the PII Vault. The scrubbed data goes to Domo and is used to create visualizations, practice activity statistics, and financial reporting. Having a patient-level granularity available to the data consumers allows them to view their specific practice activity and trends without exposing patient data.
Where does PII Vault fit in your data pipeline?
The PII Vault is part of the initial data pipeline. The data flows from the source to the PII Vault and then is disseminated to the various data analytic systems.
Tell us about your experience using PII Vault with Domo.
The experience using the PII Vault has been wonderful. The PII Vault team is proactive and responsive. When the needs of the organization changed, the PII Vault team met each change with a solution. They worked tirelessly to ensure the PII Vault was providing exactly what OPS needed currently and were proactive about future data complexity solutions. They were engaged partners in the entire process. Communication between the PII Vault team, myself, Domo representatives, and the implementation team was not only frequent, but it also actually added value and structure to the Domo implementation process.
Assuming you’ve used other anonymization techniques, how does PII Vault compare to others?
The other data anonymization technique that I’ve used is the complete removal of PII. This technique creates data that is usable at an aggregate level but makes it impossible to analyze the data using patient counts. A single patient could receive a treatment 100 times or 100 patients could receive the same treatment 1 time. When you remove the patient identifiers, it is impossible to know which case it is, you only know the treatment total is 100.
What’s next for PII Vault at OPS?
OPS is growing and adding new clients constantly. PII Vault will be part of the data platform implementation for each of those clients. This encompasses thousands of patients and millions of records- each one will be secure because we use the PII Vault.
What would you tell others interested in PII Vault?
Involve the Anonomatic PII Vault team early in your process. They are trusted and valued partners that will meet your data privacy needs and allow you to mitigate the risks associated with PII.