Protecting Sensitive Health Data to Bring Families Together
TULIP is a simple do-it-yourself online search platform that empowers intended parents with vast egg donor choice, expert knowledge and coaching support. Fertility patients from all over the world can now search TULIP’s proprietary database of nearly 20,000 egg donors to easily find their perfect match.
Parent company Donor Concierge was looking for a way to reduce the time and administrative burden that comes with finding the right match between donors and recipients, but they could not find a donor database or tool that had everything they needed. This led to the realization that an opening for such a database in the market could be filled and TULIP Fertility was born. Says Founder Gail Sexton Anderson, “This is a huge decision and our hope for TULIP is that fertility patients can have the choice and control that they need and want when making such a huge decision about the future of their family”. Because fertility information goes far beyond basic health data to include personal choices and preferences, they knew the database had to be extremely secure, but still easy for their clients to use.
In addition to the Founders’ personal desire to keep donor information private and secure they also had to comply with HIPAA data security guidelines. The Health Insurance Portability and Accountability Act (HIPAA) is not only focused on the privacy and security of personal health data, but they also require a risk analysis & management process. Being able to prove during an audit where and how your ePHI is stored and accessed as well as the risk mitigating controls you have in place can quickly become a burden to operating a large donor database.
ALTR provided the TULIP team with a data protection service that was both flexible and extremely secure. Enabling tokenization as a service was simple and easy to set-up and maintain moving forward. Additionally, ALTR’s SaaS delivery model allowed Tulip’s development team to protect large amounts of health information inside of normal data flows without requiring major application overhauls. TULIP could now store and process almost any type of data securely with ALTR’s Data Security as a Service platform.
In addition to securing TULIP’s data, ALTR was also able to help them with their challenges around HIPAA compliance. This is because ALTR provides a secure audit trail of every request for data.
While ensuring security and compliance was the highest priority to the TULIP team, they also knew they needed a solution that would grow with them. This is another important reason they chose ALTR. They wanted to ensure that no matter how big their customer base grew, it wouldn’t affect performance down the road. Securing over 20 data points per donor, the TULIP database has been growing strongly over time.
Within 7 days, ALTR was able to provide TULIP with maximum flexibility for their developers while implementing the highest level of security for their customers. The burden of security was lifted immediately, and they were able to shift their focus to building additional features and capabilities.
TULIP went live in October 2020 without a hitch and is growing well. They rest easy knowing their customers’ data is secure and that they are not sacrificing performance for this best-in class security. And their customers appreciate it too!