...
Technology alone will not solve organizational issues or policy variance. We have modeled SPIN to fully recognize the care provider relationships, investigator data use agreements, and legal privacy definitions which regulate how freely data can flow between institutions. To leverage the existing infrastructure already in place, we have created a "Peer Group" based model wherein individual institutions choose who to exchange data with and what types of data to share. For example, a single hospital may authorize neighboring hospitals to share De-Identified cancer data for research. Other hospitals may collaborate for public health surveillance. As we deploy these systems across Harvard Medical School and elsewhere, we increasingly find that once the agreements are in place, multiple health applications can concurrently reside on the same SPIN network.
Security = Anonymization & Authentication & Authorization
...