Pioneering provider of software solutions that support real-world Big Data analysis of healthcare data in a secure and HIPAA-compliant manner
UPK software and services enable healthcare organizations to quickly and easily apply a risk-based de-identification methodology to ensure individual privacy and regulatory compliance.
UPK’s software is compliant with regulations and globally accepted standards and guidelines.
The UPK Solution
We are firmly committed to advancing healthcare through data analytics while protecting patients’ privacy.
Before UPK came along, private patient information was protected simply by removing it wholesale. If it wasn’t there, the thinking went, it couldn’t be exposed. Unfortunately, if the patient’s identifying information was removed, it also meant that there was no way to combine their healthcare data in one file (e.g. their hospital stay) with their data in another file (e.g. their pharmacy prescriptions after they were discharged).
At UPK, we take a different approach. We’ve designed a cutting-edge, patent-pending, de-identification process that replaces private patient information with an encrypted “token”, a unique placeholder that can’t be reverse-engineered to reveal the original information.
UPK’s de-identification process is HIPAA certified using the statistical method, meaning our tokenized data set is legal and safe to use AND contains more information.
Furthermore, we can create these same patient-specific tokens in any data set, which means that now Data Set A can now be combined with Data Set B using the patient tokens to match one record to another.
The use of UPK’s de-identification tokens means that no PHI needs to be shared by the owners of either data set to combine the data!
Secure, aggregated healthcare data’s promise
At UPK, we believe that the application of Big Data Analytics on Real World Evidence (RWE) will improve the practice of medicine.
Among its many potential benefits and applications, big healthcare data can:
- Help patients find the best provider to treat their condition
- Help providers better diagnose, treat, and monitor their patients
- Help pharmaceutical and medical device manufacturers identify areas of medicine that are unfulfilled to design treatment interventions that patients need
- Help academic centers and registries spot safety concerns, and alternative treatment algorithms that lead to superior outcomes
- Help payers find better and less expensive courses of treatment for the patients they insure
Our team has deep experience in:
Medical Claims Systems
Electronic Medical Records
…and of course, HIPAA compliance.
Advantages of UPK’s technology
If you own healthcare data, you don’t need to send your data to us to de-identify it.
It doesn’t help you protect your PHI if you must send that data to an outside group to secure it! UPK software is sent to you and used within your system – we never see your data or PHI.
You don’t need to give us access to your system to use our software.
Preventing data breaches is an important part of your cybersecurity plan for protecting PHI, and giving external parties access to your system compromises that security. Our software is self-contained – you install it with our guidance but are never required to give us access to your system.
Our de-identification algorithms are site-specific.
This specificity means that a breach at one site can never be used to re-identify PHI tokens at your site. In fact, if you have multiple sources inside your organization, you can have source-specific UPK tokens and the integrity of each source is maintained even while you merge the data into one database.
You can keep your existing encryption engine.
UPK replaces your data’s PHI with a token that is then encrypted using your existing encryption software. But that doesn’t mean you can’t combine your data with the data from someone using a different UPK encryption engine – our LINK software is specifically designed to join data under these circumstances.
Now you can de-identify your free text fields too.
UPK doesn’t just secure the structured fields in your dataset – our unique Scrubber application is the first fully-automated de-identification engine for open notes fields. Now you can mine medical histories, physician notes, and other free text fields for insights!
Connect your data to the Social Security Death Index.
Because the standard Death Index file provided by the SSA contains PHI, it is technically a HIPAA violation to allow your employees to join the file to your data sets. Not to worry – UPK is an approved recipient of the current Death Index file, which we de-identify using your site’s tokens and send to you for easy bridging to your data sets.
Who we are
Our solutions are based on several decades of direct experience with Real World Evidence, big healthcare databases, and HIPAA-compliant data warehousing. UPK Core software was originally implemented for Aileron Solutions (now owned by IMS Health) and has been rapidly adopted across the healthcare landscape ever since.
UPK’s technology is in use by EMR providers, provider sites, healthcare service companies, and many more. Several billion healthcare records are processed by UPK software every week.
Our clients have been our best marketing, and our growth has been fueled almost entirely by word of mouth.
We pride ourselves on offering the Industry’s most cost-effective solution, with rapid deployment and implementation supported by high-touch customer service.
But we don’t stop there.
UPK continues to add offerings to expand the utility of healthcare data while always protecting patient privacy. Our team of compliance professionals, technologists, and data experts stand ready to help you secure your data AND unleash its power.
Co-Founder and CEO
Software Development and Implementation Manager
Healthcare Data Engineer
Co-Founder and Executive Chairman
Jason LaBonte, Ph.D.
Chief Product and Science Officer
Director of Business Development
Chief Financial Officer
Board of Advisors
UPK as an organization strives for excellence, and we are proud to work with outside experts to anticipate changes in the regulatory and information technology landscape so we can continuously improve our offerings. Our Board of Advisors is composed of leaders in healthcare data analytics and compliance who offer their insight for your benefit.
Niall is the former Chief Data Officer at the Centers for Medicare & Medicaid Services (CMS), and is now the President and Executive Director of the Health Care Cost Institute (HCCI). Niall is a nationally recognized expert in health care policy, the use of health care data to enable and accelerate health system change, and data transparency. .
Evelyn de Souza
As the former data privacy and security leader for Cisco and McAfee, Evelyn focused on overhauling and re-institutionalizing privacy, security and compliance. Today she serves as a strategist, empowering organizations of all sizes to make strategic and secure uses of their data. To that end she co-founded Cloud Data Protection Cert and Open Source Privacy providing organizations standard blueprints for secure data enablement.
Charles Safran MD MS FACMI
Charles is a Professor of Medicine at Harvard Medical School and Chief of the Division of Clinical Informatics at Beth Israel Deaconess Medical Center where he has helped develop and deploy large institutional clinical computing systems, electronic health records, clinical decision support systems. He was the President and Chairman of the American Medical Informatics Association and Vice-President of the International Medical Informatics Association.
Patrick Baier PhD
Patrick is a renowned HIPAA expert and is a prominent certification expert in healthcare data de-identification. Patrick is a noted cryptologist and statistician, and has authored numerous patents, articles, and other publications.