After introducing “MANTA 4 Finance” as the pilot segment of our new “MANTA 4 Industries” series, we are moving on to another industry that MANTA is very familiar with. Read about what issues MANTA helps its healthcare customers solve in the article below.
Regulatory Compliance and GDPR
Data protection requirements in this industry are even stricter than in other industries. The companies’ systems contain large amounts of sensitive personal data that, as we all know now, have to be safeguarded with extra care. The General Data Protection Regulation (GDPR) and the Health Insurance Portability and Accountability Act (HIPAA) threaten astronomical penalties for noncompliance.
A big problem may also arise from an inability to accommodate the fundamental rights of data subjects (right to access, right to erasure, right to restrict data processing, etc.). In these cases, the company has to show the supervisory authority exactly how it secures its data.
In the worst-case scenario, if a data breach were to happen, the healthcare provider would have to prove that it did everything humanly possible to stop it! Data lineage is a way of showing that, by drawing out an end-to-end map of the data flows and all their movements within the BI and analytics environment.
Some of the consultancy companies that MANTA works with have recognized that the biggest struggle regarding GDPR compliance is most likely tracking customer data across multiple databases. The subject of data anonymization is personally identifiable information (PII): data elements that alone or in combination can directly or indirectly lead to the identification of a specific individual.
Companies must identify the various locations where sensitive or noncompliant data is being stored as well as discover the relationships between this data. Not all records are equally sensitive; not all need to be anonymized. Sometimes, only parts of the data need to be rewritten (e.g., a name and a country code in the same table will most likely not lead to the identification of a customer, but adding a city name could end up leading to quite precise identification).
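The name, country code and city case above can be checked mechanically by counting how many records share each combination of values (the k of k-anonymity). The sketch below is an added example, not MANTA code or output; the rows are constructed sample data and the column and function names are assumptions.

```python
from collections import Counter
from itertools import combinations

# Constructed sample rows (not real data); column names are assumptions.
ROWS = [
    {"name": "J. Novak",   "country": "CZ", "city": "Prague"},
    {"name": "J. Novak",   "country": "CZ", "city": "Prague"},
    {"name": "J. Novak",   "country": "CZ", "city": "Brno"},
    {"name": "P. Svoboda", "country": "CZ", "city": "Brno"},
    {"name": "P. Svoboda", "country": "CZ", "city": "Brno"},
    {"name": "P. Svoboda", "country": "CZ", "city": "Prague"},
    {"name": "J. Novak",   "country": "SK", "city": "Kosice"},
    {"name": "J. Novak",   "country": "SK", "city": "Kosice"},
]


def smallest_group(rows, columns):
    """Size of the smallest set of rows sharing identical values in `columns`.

    A result of 1 means at least one record is unique on those columns.
    """
    counts = Counter(tuple(row[c] for c in columns) for row in rows)
    return min(counts.values())


def risky_combinations(rows, columns, k=2):
    """Return the minimal column subsets whose smallest group is below k.

    Supersets of an already reported subset are skipped: once a subset
    singles a record out, adding more columns cannot undo that.
    """
    risky = []
    for size in range(1, len(columns) + 1):
        for combo in combinations(columns, size):
            if any(set(found) <= set(combo) for found in risky):
                continue
            if smallest_group(rows, combo) < k:
                risky.append(combo)
    return risky


if __name__ == "__main__":
    cols = ["name", "country", "city"]
    print("name+country      k =", smallest_group(ROWS, ("name", "country")))
    print("name+country+city k =", smallest_group(ROWS, cols))
    print("minimal risky sets  :", risky_combinations(ROWS, cols))
```

On this sample, name plus country never isolates a single record, while any combination that includes both name and city does, so the city column is the one to generalize or mask.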
Using MANTA you can construct and analyze metadata models that will identify PII in any component of your BI and analytics solution.
IoT and Healthcare
With all of the above-mentioned regulations, healthcare is one of the most monitored industries in the world, and for good reason! It will only get harder to comply with these regulations, especially with the desire to digitalize all customer records and add IoT concepts that integrate data from wearable sensors. These wearables usually sync data in real time as well, giving doctors the ability to remotely monitor patients. This makes them a real-time security threat for medical experts, doctors, insurance providers, you name it! (Hence the possible data breach threats mentioned above.)
The complexity of today’s BI and analytics environments makes it almost impossible to search for these relations manually. Luckily, MANTA can automatically analyze all database objects and data processing logic within your database, and if an additional description of the level of sensitivity of each record is provided, it can identify the locations of sensitive records. Then you can eliminate all potential threats to compliance as well as make sure you have found the complete record of customer data.
Do you have any questions for us, or do you want to read one of our case studies regarding this industry? Then hit us up at firstname.lastname@example.org and we will gladly reply!