At Verana Health, data is our business.
We hold more than 90,000,000 de-identified patient records, comprising nearly a half billion individual healthcare encounters. Because of this, we mark Data Privacy Week with equal parts excitement and pride.
Patient data drives the impact we make across the healthcare ecosystem. This includes helping healthcare practitioners report quality care metrics, leading to better care for their patients. It also includes helping life sciences companies generate critical insights from our de-identified, quality data modules, Qdata®.
As the steward of healthcare information, data privacy is our highest priority. But as General Counsel of a digital health company, my commitment to data privacy is not just professional—it’s personal.
When tackling a legal question, I think about the patients we serve, and how they will benefit from our work
Patients at the Center of Data Privacy
To serve a company that supports medical practices, life science companies, and ultimately patients, the legal team at Verana health is asked to balance both possibility and ethos. Our questions don’t end at whether a novel proposal is legally permissible; we must also consider whether we should move forward.
When tackling a legal question, I think about the patients we serve, and how they will benefit from our work. Will they receive better quality of care from a trusted practitioner in our real-world data network? Will they benefit from the opportunity to discover a new treatment as part of a clinical trial we’re supporting? Will they learn more about a drug they were prescribed through a post-market study enabled by insights we generated?
The patients whose de-identified data power Verana Health’s insights include my father, who recently finished treatment for an aggressive form of prostate cancer, and my sister-in-law, who was diagnosed with glaucoma in graduate school. Their anonymized electronic health records help us advance treatments and accelerate clinical research, and I want them to feel confident in how we protect their data. I also want them to feel proud of the insights we derive—and the clinical progress that can be made—from their de-identified information. I want this for all patients.
Our security and compliance framework is built around industry-leading NIST standards, and we build our business with a Privacy by Design model.
How Verana Health Protects Data
Working in digital health inspires me to approach legal issues with an eye toward the future. In an industry that was rocked by a pandemic—and forced to rethink the way technology shapes medical care—Verana Health, and companies like it, are part of the conversations that will impact the future of data privacy regulation and practice.
At Verana Health, the privacy of patient data is protected in myriad ways. This includes through our:
- HITRUST certification
- Role-based firewalls preventing unauthorized use
- Rigorously maintained access controls to the most sensitive data, and
- Cross-functional review of all new initiatives that touch on data privacy
Our security and compliance framework is built around industry-leading NIST standards, and we build our business with a Privacy by Design model. Our de-identified data modules are certified by experts, and every member of our workforce must pass a custom privacy exam.
Our commitment to data privacy doesn’t end in the legal department. Our executive team comprises industry experts on health data analytics, and our Board of Directors includes clinical leaders who provide invaluable insights on impacts to providers and patients. The controls we have around privacy are set, and regularly pressure-tested, by leaders in the field. Protecting data is in our DNA.
I’m proud of the systems we’ve built to support data privacy, and the way they enable us to advance clinical care. However, systems are only part of the story. As we consider what’s to come, it’s the individuals behind the de-identified data who inspire me the most.