Privacy concerns around big data have been mounting, but a Vancouver-based company hopes to have solved the problem with a new initiative designed to protect personally-identifiable information in large data sets.
Vancouver-based Phemi produces products to securely collate and analyze large amounts of structured and unstructured information. This week, the firm introduced a technology that it calls Zero Trust.
The feature enables privacy officers to automatically lock access to data by default, and then open it up according to the roles and responsibilities of each user. It uses an identity verification system to decide who gets access to the data, explained Adam Lorant, the firm’s VP of marketing and product management.
As large datasets are imported into the product, it automatically indexes them, extracting metadata from all of the information it consumes.
“Once you have all of this rich metadata, you now need to be able to control who is allowed to see and do what with the data, and that’s the other half,” said Lorant. “So users have certain attributes that are completely separate from the data attributes.”
Those attributes could be organizational such as a user’s department or title, or more technical, such as what device and subnet they are using. A lot of this can be sourced from an LDAP-compatible directory service.
“Based on all of those things, the attributes of the data, the authorizations and the needs of the user, we can now supply rules,” he said.
When analyzing the data, Phemi’s Hadoop-based system also applies pattern matching to label potentially sensitive personal information such as social security numbers or addresses, for example. This thing gives the privacy officer some extra guidance when they are tagging different data fields as accessible by people with different roles.
The data sets can be made available to different classes of user based on access privileges. A statistician may only be able to see visualizations of aggregate data, for example, whereas a researcher might be allowed to see identifiable records.
Phemi follows Privacy by Design, a product design technique advocated by former Ontario Privacy Commissioner Ann Cavoukian. The concept advocates designing products with privacy in mind from the beginning, and revolves around seven foundational principles designed to protect privacy.
Phemi, which last month raised $12.2 million in a series A funding round, includes healthcare and life sciences among its target markets. Today, it also announced that the Life Sciences Institute of B.C.’s Personalized Medicine Initiative has used Phemi Central to collect and manage genomic and clinical data for its Molecular You Pathfinder project. This will create new molecular-level information about 20,000 participants over the next five years, helping scientists to detect disease risk.
The company also produces a specific version of its product for healthcare clinics, called Phemi Clinical. It is a care management platform designed to improve clinic productivity and patient outcomes.
The company’s offerings also target financial services, oil and gas, telecommunications, the public sector and general enterprise data warehouse optimization.