Identity Manager logo

Identity Manager

Privacy-preserving identity resolution and de-identification for real-world data interoperability across unlimited data sources.

Solution by HealthVerity
Visit website

Overview

HealthVerity Identity Manager is a standalone De-Identification as a Service (De-IDaaS) platform designed for organizations working with real-world data (RWD) that require privacy-preserving identity resolution. It is built for research-quality use cases and addresses the limitations of legacy tokenization technologies by providing a persistent, unique HealthVerity ID (HVID) that serves as a single source of truth for linking and unifying patient records across first-party and third-party data sources.

Identity Manager operates independently of HealthVerity Marketplace, though it can also integrate with it. It is certified as HIPAA compliant and is designed to support FedRAMP-aligned security standards, making it suitable for organizations with strict regulatory and compliance requirements.

Core Capabilities

  • Standalone De-ID service that functions with or without HealthVerity Marketplace
  • Supports identity resolution across a single dataset or multiple datasets of the customer's choice
  • Processes and de-identifies up to 1 million records per second
  • Generates a persistent, unique HVID that is client-specific but interoperable across all clients and data sources via a cloud-based master patient index
  • HVIDs can be customized to limit or expand how research-ready data is enabled, supporting various levels of enterprise compliance, patient privacy, and regulatory frameworks
  • Can be deployed and operational within the same day

Privacy and Security Architecture

  • All PII is processed behind the customer's firewall using a custom De-ID engine, producing a one-way cryptographic salted hash
  • The salted hash is sent securely to HealthVerity's matching environment, which operates as an independent service — HealthVerity itself never has access to the encrypted hashes
  • Hashes are resolved to HVIDs within the matching environment; HealthVerity only receives the HVID, then produces a client-specific variation to deliver to the customer
  • This three-step process ensures the HVID cannot be reverse-engineered back to PII
  • The HIPAA compliance of this process has been certified by Dr. Brad Malin of Vanderbilt University
  • Architected with multiple layers of security, contrasting with legacy tokenization approaches where tokens are direct expressions of PII and may be vulnerable to reverse engineering or brute force attacks

Deployment Modalities

  1. Batch: Customers receive a pre-configured file that enables processing of records behind their own firewall, keeping all PII with the data owner.
  2. API: Customers write to the HealthVerity Identity API for real-time record processing, with all PII remaining with the data owner.
  3. Hosted: Customers pre-configure PII to a consistent data layout, which is encrypted and transferred via secure file transfer to a privacy-protected virtual environment, processed, and then securely deleted.

Data Interoperability and Use Cases

  • Supports a limitless combination of data sources for a wide range of use cases
  • The universal HVID is interoperable across datasets of the customer's choice or can be synchronized with HealthVerity Marketplace, described as the nation's largest healthcare and consumer data ecosystem
  • Supports creation of a master patient index for internal data, collaboration with third-party data, or licensing through HealthVerity Marketplace
  • All four processing modalities can be implemented in any environment — centralized or decentralized — and require only hours to install and execute

Identity Manager supports organizations regardless of their security protocols or technical expertise. Its pricing model is described as simplified, and the platform is positioned as an alternative to legacy tokenization solutions for teams seeking research-grade patient data interoperability with strong privacy guarantees.

Meta

Domain
Clinical & Health Data Management
Subdomain
Clinical Data Anonymisation & Redaction
Software type(s)
Integration / Middleware
Deployment type(s)
Hybrid
Industry vertical(s)
Academic / ResearchBiotechCRODiagnostics / IVDPharma
Development stage(s)
ClinicalPost-Market & RWEResearch & Discovery
Target user(s)
Research ScientistBioinformatician / Computational ScientistIT / Systems Admin / Data Engineer
Compliance standard(s)
HIPAA