Mastering Data Sharing

Master data management technology enables information to be shared
using a federated data model, ensuring complete data and privacy protection.

By Scott Schumacher
 

Every day, the different military departments and branches face similar challenges in assuring mission success. Every day each must collect information from a vast array of disparate data sources, identify known or suspected persons of interest to help eliminate potential threats, and then coordinate action based on that information.

For the sake of national security, today’s military must be able to share this type of information throughout the organization despite differences in organizational hierarchies, strategies, data models and more.

The military can securely share information today—on demand and in real time—using technology that exists now and is already being used by a range of agencies within a variety of programs.

The technology is master data management (MDM). Also known as “entity resolution,” this technology works by performing probabilistic matching across data sources to provide a consolidated, composite view of a single individual. That information can then be shared using a federated data model, ensuring complete data and privacy protection.

Data sharing and exchange are an absolute necessity, and are quickly becoming a technology requirement. In 2004 and 2005, the president issued executive orders—stemming from the Intelligence Reform and Terrorism Prevention Act of 2004—to enhance information sharing among agencies.

Attempts have been made to create information sharing networks focused on terrorism prevention, such as the Joint Regional Information Exchange System, but few have been successful. In that particular case, the differences between the needs of the parties involved became too great.

One of the barriers was an issue of privacy and security—and determining who would have access to this highly sensitive information. Privacy and security, and protecting data, have become hot-button issues for all agencies amid reports of missing laptops that contain sensitive information.

The reason is that most data sharing today is done by downloading data, transmitting it to another location, and storing it where it was not originally meant to be stored—on a laptop or desktop outside of the organization itself. Obviously, that model must change.

The need, therefore, is not only to share information, but to share information in a way that is secure, that allows access only to authorized users, and protects the integrity of that data—all while protecting citizen and servicemember personally identifiable information. This is precisely what MDM does.

Common Assets

MDM is “a workflow-driven process in which business units and IT collaborate to harmonize, cleanse, publish and protect common information assets that must be shared across the enterprise. MDM ensures the consistency, accuracy, stewardship and accountability for the core information of the enterprise,” according to Gartner Group.

MDM systems work by accessing and comparing similar records about a single entity, such as a hospital patient, and then eliminating duplicates and potential errors and linking all this information to form a single, accurate version of a record.

For example, let’s say Jane Smith grew up in New York City, moved to Denver after college, then got married—changed her last name to Jones—and moved to Los Angeles. In the context of a national health information network, for example, MDM technology would be able to help locate all the different medical records of the same Jane Smith Jones and identify them as multiple records from one person.

The technology reaches these “conclusions” by performing probabilistic matching across a range of data sources to provide a consolidated, composite view of a single entity—an individual, group, location or other things. The technology is sophisticated enough to compensate for aliases, missing information, incorrect information, and even differences in languages and international naming conventions.

Simply put, MDM is designed to analyze a vast amount of information, and make connections among the information—to establish relationships where none may have been obvious before. One of the key advances in this technology, and the one that makes large scale data-sharing operations possible, is that these advanced comparison algorithms are applied in real-time.

Having a single, accurate version of an entity also lets organizations ensure the integrity of the information they provide to others.

Military Potential

Within the military, the potential applications for MDM are near endless, from threat detection to military identity management to military health IT initiatives.

As MDM provides a complete set of information about a single entity, or a single “person of interest,” the technology can be critical in helping detect and eliminate potential threats. By linking information that had been thought unrelated, the military has the potential to identify suspected persons of interest or link already known persons of interest to others not yet identified.

An increasing number of federal agencies, state governments and health care institutions are turning to MDM as a solution for information sharing within and outside their organization. While many are highly sensitive implementations, some are gaining exposure and recognition, and can serve as examples of successful deployments.

In the health care industry, patient records are critically private. Yet, it is rare that one person, with an entire history of medical visits and procedures, stays in one place and does not move or travel. The challenge in the health care industry is to allow hospitals and other health care facilities to share patient records, which can be critical to patient health, without compromising the records themselves.

An MDM solution solves this challenge. In fact, the health care industry is one of the first users of this technology. One of the most advanced regional and national health information networks running today was created by Massachusetts SHARE (Simplifying Healthcare Among Regional Entities)—a collaborative initiative run by the Massachusetts Health Data Consortium.

In its work with Computer Sciences Corp. and the public-private collaborative Connecting for Health, MA-SHARE has participated in a three-state prototype health-information network linking about 20 million medical records associated with 500,000 patients across networks in Massachusetts, Indiana and California.

In the U.S. public sector, law enforcement is using MDM as well, as several regions around the country link case data from multiple agencies—federal, state and local—to provide information about criminal suspects through a single search portal. This system segments the data so that law enforcement officials within a specific state or locality can share information with each other and with federal agencies, although they cannot see information about investigations going on in other states. Each jurisdiction has its own set of security policies, procedures and governance boards regarding how and with whom to share data.

Federated Model

Part of the appeal of MDM technology is the way it can be set up in a federated data model, which is the cornerstone of this technology’s data protection capabilities.

A federated data model provides organizations the ability to access and present data without actually moving the data from its local database. Federated data technology creates an index of, and pointers to, data stored in multiple source systems. It’s like a virtual arrow that says, “Data, this way.”

Data sharing within a federated data model means the owner of each source database decides exactly what data will be shared with others, both within and outside the organization. Access rules continue to be applied because the data has not moved.

The differences of the federated model are evident when compared with more traditional ways of sharing data.

With a transactional approach, data is shared through a transactional hub system. This type of system physically stores data from multiple source systems in a centralized database and shares it with users throughout the enterprise. While this type of data-sharing solution is effective, it can also be rather costly and time consuming. It may take years, and millions of dollars, to redesign data systems, data models and data flow. Additionally, it requires the original data leave its original database. It requires restructuring of data ownership. Any time data is restructured or moved, risk becomes a factor.

A federated approach incorporates aspects of centralization, but ultimately lets individual units retain local control for security, regulatory and other mission-process purposes. A federated system establishes a central “index” of where data can be found, rather than creating a database of the records themselves.

Unlike a transactional hub approach, a federated solution does not require replication, migration or modification of pre-existing data. Legacy systems that maintain agency information continue to function as originally intended; the model does not modify processes already running. Privacy, access control and other agency policies are kept intact.

Rules are generated to govern data selection, qualification and filtering to ensure only the appropriate information is presented to any given user at any given time. Because rules are established using a software interface, administrators can alter them at any time to accommodate new mission requirements and regulations.

Intra-military information sharing is critical to mission success. There is a way to share and secure information simultaneously, through MDM, which is being used today to enable real-time information sharing. With this type of solution, each branch can deliver the right data at the right time and achieve mission success. ♦