The mission of i2i is to promote fair care; to eliminate unnecessary spending and enable an optimal distribution of funds within the health care ecosystem. i2i does this by performing data analyses. These data analyses are discussed with doctors and other health care professionals, so that they are able to provide fair care.
For these data analyses, i2i processes large amounts of privacy-sensitive data on behalf of health care providers and health insurers. The data that i2i analyses as a processor comes from healthcare providers (hospitals, pharmacies, mental health care institutions), health insurers and public sources such as the Central Bureau for Statistics (CBS). The data that i2i receives is privacy-sensitive and also contains data about the health of people.
The personal data of patients and policyholders are not relevant for the analyses of i2i, the analyses are aimed at recognising patterns and not at individual persons. Therefore, all personal data is anonymised or pseudonymised. i2i cannot identify persons based on its data. In addition, i2i has taken a number of security measures to protect the confidentiality of the data.
Confidentiality of data and analyses
- i2i only processes anonymised or pseudonymised personal data, which means that i2i does not process any personally identifiable information. This guarantees a safe and careful handling of personal data.
- i2i has set up and certified its business process according to the NEN 7510 standards: 2017 and ISO/IEC 27001:2013. Verification of the certificates is possible via this link for NEN 7510 and via this link for ISO 27001 or by telephone with BSI Group The Netherlands on telephone number 020 34 60 780. Internal audits are periodically carried out and an external audit is performed annually to check whether the requirements for secure data processing are still being met.
- i2i only processes data in accordance with the purpose for which the data was supplied.
i2i does not share any data with third parties. The data that i2i receives from health care providers is not shared with health care insurers or other third parties without the consent of the relevant health care provider.