A significant recent development in the U.S. healthcare data science landscape is the Department of Health and Human Services’ (HHS) proposed modernization of the Health Insurance Portability and Accountability Act (HIPAA) Security Rule. Announced in April 2025, this initiative aims to address the challenges posed by emerging technologies, particularly artificial intelligence, and the escalating threats to data security. The proposal includes mandatory practices such as encryption, multifactor authentication, and social engineering training, reflecting a proactive approach to safeguarding Protected Health Information (PHI) in an increasingly digital healthcare environment.
To better understand the implications of these regulatory changes, we spoke with Tamanno Maripova, an award-winning data analyst, creator of predictive healthcare and NLP models, and holder of a Master’s degree in Business Analytics and a Master’s degree in Supply Chain Management from Adelphi University, a leading institution in business and analytics education.
Tamanno, with your advanced education in Business Analytics and Supply Chain Management, how do you assess the current readiness of healthcare organizations to meet new regulatory demands?
Most healthcare organizations recognize the importance of regulatory compliance, but their readiness varies widely. Institutions with established data governance frameworks and in-house analytics teams are better positioned to adapt. However, smaller providers often lack the infrastructure and expertise to implement safeguards such as encryption, multifactor authentication, and secure data pipelines. To meet new requirements, the sector must invest in both technology and workforce development, particularly in areas such as cybersecurity, risk assessment, and validation of AI systems. A proactive strategy that aligns compliance with operational goals will be essential for successful integration.
Having developed a predictive model at Dantist Clinic in Kazakhstan that reduced patient no-show rates by 40%, what challenges do you foresee in aligning AI-powered systems with the new security expectations?
Aligning AI-powered systems with new security expectations presents several challenges. First, many predictive models were initially built without considering enhanced data protection requirements, such as encryption at every stage of data processing. Retrofitting these models to meet higher security standards requires significant technical adjustments, including redesigning data storage, transmission protocols, and access control mechanisms. Second, model interpretability becomes critical: healthcare organizations must demonstrate the accuracy of AI systems and their compliance with privacy standards. Third, the human factor remains a significant risk. Without comprehensive training in cybersecurity practices, even the most technically secure systems remain susceptible to vulnerabilities. At Dantist Clinic, careful feature selection and risk-based design helped ensure both predictive performance and responsible data handling. Going forward, integrating cybersecurity principles into AI development from the outset will be essential to meet evolving regulatory expectations.
At CorpDev, you developed an NLP pipeline that analyzes qualitative data from interviews and feedback forms. How can advanced NLP solutions help healthcare organizations strengthen compliance efforts under the new HIPAA framework?
Advanced NLP solutions hold the potential to revolutionize healthcare data security. They enable healthcare organizations to process large volumes of unstructured text, including patient surveys, clinical notes, and internal reports, precisely and accurately. By applying techniques such as tokenization, entity recognition, and topic modeling, organizations can identify compliance risks embedded in everyday communications. For example, automated scans can detect references to unsecured data sharing or gaps in consent documentation. This proactive monitoring supports early intervention and strengthens adherence to privacy standards without relying solely on manual audits.
In my work at CorpDev, the NLP pipeline extracted strategic insights and improved data governance by standardizing the analysis of qualitative information. A similar approach in healthcare settings can enhance audit readiness, support risk assessments, and facilitate continuous compliance tracking. Implementing NLP as part of a broader security and analytics infrastructure will enable organizations to manage regulatory obligations more efficiently while preserving the richness and utility of unstructured healthcare data.
Given your experience training analysts at CorpDev and Adelphi University, what skills do you believe are most critical for data professionals to navigate the intersection of AI innovation successfully?
To succeed in today’s healthcare landscape, data professionals require a solid foundation in both technical and regulatory areas. Key competencies include machine learning, data encryption, risk assessment, and maintaining audit-ready data management practices. Understanding healthcare-specific regulations, such as HIPAA, and applying this knowledge when designing AI systems and analytics workflows is equally essential.
Based on my experience training analysts at CorpDev and Adelphi University, I have found that the most effective professionals combine technical expertise with critical thinking and a strong sense of ethical responsibility. Approaching AI development with a focus on both innovation and data protection from the outset enables organizations to strengthen compliance while fully realizing the benefits of advanced analytics.
You were recently recognized with the 2024 BrainTech Award for Best Big Data Solution for your work in forecasting optimization using advanced time series modeling and big data analytics. Could you share more details about this project?
I was honored to receive the BrainTech Award for Best Big Data Solution, which acknowledges contributions to advancing forecasting accuracy through the application of big data analytics. This recognition reflected the effectiveness of aligning technical methodologies with operational needs.
The project focused on improving forecast quality by analyzing complex datasets and facilitating more informed decision-making in dynamic environments. Its success demonstrated the power of a structured, data-driven approach in helping organizations respond more effectively to changing conditions and improve planning capabilities.
Tamanno, looking ahead, how do you see the future of data science in healthcare as security and compliance requirements continue to grow?
Data science will remain central to healthcare, particularly as organizations strive to enhance operational efficiency, improve patient outcomes, and comply with increasingly complex regulatory requirements. Predictive analytics, natural language processing, and AI-driven decision support tools will become even more critical, but their development will need to incorporate security and privacy considerations at every stage.
Future success will depend on developing solutions that are transparent, auditable, and adaptable to evolving regulations. Organizations will need professionals who can bridge the gap between technical innovation and regulatory compliance, ensuring that AI and data science tools drive performance improvements and maintain trust. I plan to continue contributing to this evolution by developing secure and scalable analytics solutions and promoting best practices for the responsible adoption of AI in healthcare.
