Health data demo contract
Used in health insurance
for healthcare
This is a simplified health data contract that shows how privacy implications of sensitive health data can be captured in a STRM data contract. We consider a patient's medical practice and city sufficiently broad to be not sensitive. Direct PII (like names) requires the highest purpose for decryption. Indirect PII such as cohort identifiers like (combinations of) medications could easily lead to identification but are indirect. Heart rates and blood pressures can lead to K=1 identification (even without a patient id), but in this example we want to retain the integrity between data points to be useful.
Event Contract reference
strm-demo/health-demo-contract/1.0.0
Schema reference
strm-demo/health-demo/1.0.4
Event contract overview
| Type | Field | Value | Description |
|---|---|---|---|
| Key field | patient_id | Links events to the associated field for privacy processing. | |
| PII field | diagnosis | 2 | needs consent |
| PII field | medication | 2 | needs consent |
| PII field | patient_address | 3 | needs consent |
| PII field | patient_id | 1 | needs consent |
| PII field | patient_name | 3 | needs consent |
| Validations | none | No validations applied |
Serialization schema fields
| Field | Description |
|---|---|
| patient_id | . |
| practice_id | . |
| patient_name | . |
| patient_address | . |
| patient_city | . |
| medical_bloodpressure | the current blood pressure described as SYSTOLIC / DIASTOLIC |
| medical_heartrate | the current heart rate in a whole number |
| diagnosis | the current diagnosis as text |
| medication | what (if any) medication is this patient using |