Built with BigQuery: How Tausight enables ePHI security at scale

Editor’s note: The post is part of a series showcasing partner solutions that are Built with BigQuery.

Tausight is a startup focused on reducing the impact of healthcare-specific cybersecurity incidents by simplifying the way hospitals and healthcare systems detect and manage Protected Health Information (PHI) risk.

Founded in 2018 by David Ting, co-founder and former CTO of Imprivata, Tausight’s ePHI security intelligence uses machine learning and natural language processing (NLP) to create a detailed understanding of clinical workflows. Tausight’s platform can help save costs on storage, enables visibility to the exchange of electronic Protected Health Information (ePHI), and allows clinicians to work securely from any device or location.

The challenge of shadow ePHI

The Health Insurance Portability and Accountability Act (HIPAA) defines ePHI as having any of 18 distinct demographics that can be used to identify a patient. Healthcare providers and anyone who interacts with PHI are required by laws and regulations (such as HIPAA) to ensure that ePHI is secure and not exposed to anyone without proper authorization.

Should there be a cyber incident, organizations must identify how many patients are compromised, what information was compromised, and prove that all patient data was properly secured. Lack of visibility to ePHI can result in millions of dollars in fines, loss of reputation and business.

Unstructured ePHI moved or created outside the electronic health record (EHR) becomes much more difficult to track, control, secure, and manage, as it gets stored locally, on cloud drives, on removable drives, and shared across applications. Sometimes, this data is called Shadow PHI – it exists, but can’t be seen.

Traditional solutions struggle with accurately identifying ePHI, due to the richness of the structured and unstructured correspondence used in clinical care, resulting in many false or missed detections. Systems are often so tightly tuned to reduce false positives that it results in a huge number of false negatives – missed ePHI files.

Tausight’s AI-powered intelligence platform

Tausight’s NLP AI model goes beyond looking for patterns, it analyzes the context of the data within the document to identify sensitive patient data.

Tausight’s solution runs in the background and provides near-real-time visibility into where ePHI is stored, who is using it, how it’s being used, if it’s encrypted, and where it’s being moved. Organizations gain the knowledge and understanding of their overall ePHI posture across their business, providing insights for user training and additions or changes to controls, workflows, and policies needed to stay compliant.

Tausight is designed and operated with three key tenets:

• Do no harm: We can not impact a clinician's ability to perform their duties.
• Simple and cost-effective: Install and press ‘Go’ to find sensitive data effectively.
• Do not collect and store sensitive data: All file classification must be done on the endpoint.

With the final tenet in mind, Tausight endpoint sensors run NLP models on Tensorflow Lite. All PHI and sensitive data detection can be done locally, so only events and file metadata (but not file content) need be sent to Tausight’s platform running on Google Cloud.

Helping reduce risks and accelerate responses

Tausight enables organizations dealing with ePHI to better manage its use and reduce data sprawl by understanding user behaviors and providing education on better ways to handle ePHI while not interfering with patient care.

Organizations that use Tausight are able to minimize their exposure and liability by moving, removing, and archiving ePHI that is no longer needed, or may not be needed on a regular basis.

For example, a large research hospital running Tausight on clinician endpoints discovered ePHI in a cache file automatically created by an email client. These files represented risk in the event of malware, ransomware, and loss or theft of the device. Upon identifying this, the IT organization made a change to the email application so that it did NOT create these cache files.

In another example, a mid-size critical-care hospital running Tausight on a large file server identified a very large quantity of files containing PHI that had not been accessed in over 10 years, some over 15 years. They were not part of a legal hold or a designated record set and therefore were candidates for archival and removal. Removal of these files reduced the overall exposure of PHI as well as reducing IT costs for storage and backup.

Tausight security intelligence can also be leveraged in the event that a hospital is breached. Tausight can quickly accelerate the regulatory discovery and reporting process, saving weeks to months and millions of dollars in expensive consulting and legal time and fees. For example, a law firm that provides post-breach services utilizes Tausight to classify affected data to determine what files contained patient information.

Tausight is built with BigQuery

Tausight on Google Cloud detects, tracks, and analyzes PHI activity and risk in real time in today’s distributed healthcare ecosystem. As a Google Partner, Tausight relies on the highly scalable platform built around Dataflow and BigQuery. This capability is an important part of the choice to run on Google Cloud’s BigQuery as Tausight generates ePHI-related telemetry from all endpoints involved in patient care and expects to be able to inventory and analyze time-varying events across a network.

Incoming sensor telemetry is transformed and stored in BigQuery to form the basis for core analytics and reporting metrics that require rapid aggregation of large amounts of data. Customized analytics are also performed for customer-specific reporting needs, such as analyzing the patterns of an endpoint or user to see how they interact with ePHI.

Additionally, curated messages are selectively written to ElasticSearch to provide customer-facing analytics, reporting, and alerting. This information is used to inform CIOs, CISOs, security, and compliance officers on how ePHI is used and most importantly, provides visibility and insight into the existence, location, movement, use, and security of ePHI across their enterprise, both inside and outside their corporate networks.

Visit Tausight to learn more about their healthcare-first PHI security intelligence platform.

The Built with BigQuery advantage for ISVs and Data Providers

Built with BigQuery helps companies like Tausight build innovative applications with Google’s Data and AI Cloud. Participating companies can:

• Accelerate product design and architecture through access to designated experts who can provide insight into key use cases, architectural patterns, and best practices.
• Amplify success with joint marketing programs to drive awareness, generate demand, and increase adoption.

BigQuery gives ISVs the advantage of a powerful, highly scalable unified AI lakehouse that’s integrated with Google Cloud’s open, secure, sustainable platform. Click here to learn more about Built with BigQuery.