Date: December 1, 2020
Artisight, Inc. licenses its software and data services to hospitals as tools to help collect and aggregate data to help coordinate events, personnel, and procedures for multiple operating rooms and patient bays in a hospital setting. Hospital customers can use the software to display the status of individual operating rooms, procedures, assets, materials, patients, surgeons, anesthesiologists, nurses, and other hospital staff members working in these areas. It collects data from a variety of sources, including video cameras that monitor the status of these spaces and assist in the management functions of their software in addition to generating data for optimization problems. With artificial intelligence, the software is able to monitor an area for specific events and assets to coordinate highly efficient processes on a large scale.
For the privacy of patients and hospital staff, our software stores videos without any identifying images, links to individual patient records, or searchable tags, besides the surgical procedure and hospital name. That is, the videos are stored overnight to a permanent database with only the name of the procedure name (e.g. Laparoscopic cholecystectomy) and hospital name (e.g. Northwestern Memorial Hospital). An algorithm will identify the heads of both staff and patients and cover them with a black box in each frame. The stored de-identified video are used to train the artificial intelligence functions of the software at the hospital’s request.
In order to assist with clinical documentation, our software does interface with the hospital’s electronic medical records. During this interface, the database is temporarily populated with protected health information. This allows the software to document events captured by the artificial intelligence in the appropriate patient’s chart. However, no protected health information, like a medical record number, name, or address, is stored permanently. This information is dumped from the databases during the nightly backup process that stores the videos.
1. What Kinds of Personal Information Artisight Collects
Artisight’s software collects and displays on its digital dashboards Personal Information about patients in the hospital’s operating rooms and patient bays managed by our software. The main categories of Personal Information gathered by our software are:
- Patient names (displayed as initials)
- MRNs and encounter IDs (not displayed)
- Hospital staff names
- The procedures being performed on these patients
- Video of patients taken by cameras in operating rooms and patient bays (not displayed)
As described previously, our system removes faces/heads from images of patients and staff members before video is stored within the system. Thus, the video, once stored in the system’s database, does not constitute “Personal Information” or “Protected Health Information.”
The software also collects additional information from hospital staff, which does not include Personal Information. Most of this information relates to timestamped events. The software itself generates and reports on quality metrics, timestamps, and other information reported to the hospital that do not relate to individual patients. This information is store separately and without a link to the videos.
Most of the Personal Information relating to patients collected by the software constitutes “Protected Health Information” (“PHI”) within the meaning of the Health Insurance Portability and Accountability Act (HIPAA) and regulations issued under HIPAA. Accordingly, Artisight enters into HIPAA “business associate agreements” with our hospital customers to protect the privacy and security of PHI collected by our software. Of note, this information is used in a temporary database that is permanently deleted from our systems each night. We do not keep any PHI in our permanent databases.
The hospital can configure our software to collect additional categories of information, some of which may be Personal Information, including PHI. We may have access to these additional categories of information in connection with our maintenance of the software.
2. How Artisight Collects Personal Information
The software collects patient Personal Information from two sources:
- Patient names, IDs, planned procedures, and other confidential information collected from the hospital electronic medical records systems via HL7 or report sharing interfaces (e.g. Flat file download).
- Video collected from video cameras in operating rooms, hallways, and patient bays per the hospital’s request
The software receives information from electronic medical records systems via a structured electronic transmission using a standard format. The information is encrypted while in transit.
The video stream is transmitted to our system via encrypted (using TLS encrypted channels, typically on a VLAN if provided by the hospital. On arrival, it is analyzed for objects and events of interest and stored in a temporary database. Overnight, the video is converted to a permanent database. During the conversion, the heads of staff and patients are blacked out and the hospital and procedure names are stored to the video. The video files are all saved with the same date and timestamp, so they are impossible to query by date or time.
Hospital staff members input Personal Information about staff members (names, positions, phone numbers) for the purposes of workflow coordination. A hospital may also input additional configurable categories into our databases via its own collection methods at their request. This data is kept in a permanent database as it is used on a daily basis for workflow coordination. It does not constitute patient information or protected health information.
3. Use of Personal Information
Artisight uses the collected Personal Information to display on digital dashboards for the purpose of disseminating important information to staff members. In this manner, the software facilitates coordinated events, personnel, and procedures across multiple operating rooms and patient bays. We will also use the Personal Information to locate the appropriate patient record for documentation in the electronic record. However, this only occurs for patients on the day of surgery. As we do not retain PHI, we have no ability to locate patient records after the day of their surgery.
The stored de-identified videos will be used to train and update, from time to time, the computer vision algorithms, to perform existing functions of the system, and to assist in the development of new features of the software that may be unique to the hospital, hence the need to tie the institution and procedure names to the videos.
4. Sharing or Disclosing Personal Information
We do not sell, share or rent Personal Information under any circumstances. We do not permanently store Personal Information. All PHI is held in temporary databases for less than 24 hours.
We may, however, sell, transfer, or otherwise share some or all of Artisight’s assets in connection with a merger, acquisition, reorganization, or sale of assets of our business, or in the event of bankruptcy.
We may disclose the Personal Information we collect and the other collected data used by the software when required by a subpoena, court order, search warrant, other legal process, requests by law enforcement agencies, or applicable law though we have no ability (videos are stored with procedure and hospital name only, not date, time or PHI) to locate specific video records and they will contain facial blurring. Also, we may disclose Personal Information and data collected by the software to maintain the security of our or the hospital’s software or systems, resolve disputes, or investigate misuse of our software or these systems.
5. Safeguarding Personal Information
Artisight maintains reasonable and appropriate administrative, technical, and physical safeguards to:
- Provide assurances of the confidentiality and integrity of the Personal Information we collect or to which we have access,
- Protect against reasonably anticipated threats to the confidentiality or integrity of the Personal Information in our possession or that we access, including the threats of unauthorized access or use, and
- Require compliance with our privacy and security practices by Artisight personnel and third parties that have received access to Personal Information we have collected.
Among other things, the hardware on which our software runs are located on client premise and thus are protected by our customers’ firewalls and physical security measures. Some of our services will run in the cloud on Microsoft Azure per our clients’ requests. In all deployment configurations (cloud, on-premise, or hybrid), our systems are SOC-2 compliant. All data and video transmissions are encrypted with the TLS 1.2 encryption protocol.
The de-identified videos are stored on encrypted media owned by Artisight, Inc. and are password protected. All servers deployed behind the hospital’s firewall remain the property of Artisight, Inc. at all times. All servers are kept up to date with appropriate antivirus and security measures.
6. Access to Personal Information and Making Changes
It is possible that a patient or representative or a patient may seek to exercise individual rights regarding PHI in our possession under HIPAA’s privacy regulations, including:
- Requests to limit uses or disclosures of PHI.
- Requests to access or receive a copy of PHI about the patient.
- Requests for amendments to PHI about the patient.
- Requests for an accounting of disclosures of PHI about the patient.
Our agreements with our hospital customers require our customers to notify us promptly of any such requests. We will then work with the customer to assist in a response to the patient. However, we do not have the ability to retrieve specific procedure videos and we do not store permanently any PHI. Therefore, we would have little if any information relevant to a specific patient to share upon request.
Individuals wishing to contact us directly to access Personal Information in our possession or amend it may write to us at [email@example.com]. Our privacy group will provide a response to any such requests.
7. Contact Information
8. Resolving Complaints
Please send us enough information and whatever documentation or evidence you have to support your position in order for us to investigate and evaluate what you have submitted to us. We may write to you asking for more information if we do not have sufficient information to evaluate or resolve your complaint.