Data privacy solution TripleBlind secures $24M backed by General Catalyst, Mayo Clinic

TripleBlind is taking a new approach to enterprise-level data sharing that preserves privacy, and the startup just scored $24 million to keep up with strong demand for its technology.

The Kansas City, Missouri-based company developed a proprietary cryptographically enforced data privacy solution that enables enterprises to enforce the data privacy regulations in place in more than 100 countries—such as the General Data Protection Regulation (GDPR) in the EU and the Health Insurance Portability and Accountability Act (HIPAA) in the U.S., as well as the regulations in four U.S. states, such as the California Consumer Privacy Act (CCPA).

TripleBlind developed a way to encrypt data so they can be shared without being decrypted or leaving the data owner's firewall. TripleBlind does not host or access the data, the company said.

Company executives say the technology significantly differs from existing solutions and is not based on homomorphic encryption, secure enclaves, tokenization/masking/hashing and differential privacy, synthetic data, federated learning or blockchain. 

The oversubscribed series A funding was led by General Catalyst and Mayo Clinic. This round follows TripleBlind’s pre-seed raise of $8.2 million announced in March.

RELATED: Mayo Clinic taps Google Cloud as strategic partner to accelerate innovation in AI, analytics and digital tools

“Bringing together AI algorithms and data in ways that preserve privacy and intellectual property is one of the keys to delivering the next generation of digital medicine,” said John Halamka, M.D., president of Mayo Clinic Platform, in a statement. “These novel privacy-protected solutions promise to usher a new era of collaboration.”

Halamka joined the TripleBlind board as an observer.

Mayo Clinic also invested in the company's seed round. TripleBlind is collaborating with Mayo on data analysis, algorithm training and validation on one-way encrypted data and on next-generation algorithm sharing. Mayo Clinic researchers are using TripleBlind’s tools to validate interoperability of encrypted algorithms on encrypted data and the training of new algorithms on private data, the organizations said.

TripleBlind’s solution enables entities to share and collaborate with data anywhere in the world. without the need to share raw data, thus preserving privacy and security while meeting regulatory standards, according to the company.

The company estimates there are some 43 zetabytes of data stored by enterprises today that are inaccessible and not commercialized due to privacy concerns, operational complexity and regulations. 

RELATED: Google, Ascension defend their health 'data transformation' partnership

“When we launched last November, the primary interest in TripleBlind’s solution was among healthcare organizations, to more effectively share data while enforcing HIPAA and GDPR,” said Riddhiman Das, TripleBlind’s co-founder and CEO, in a statement. “Today, interest has grown exponentially and now includes leaders in financial services, media and telecommunications, energy and many other industries where sharing data assets is critical to sustained, long-term growth. The strong interest from our current and new investors highlights the growing market need for data privacy solutions that are both effective and efficient.”

In addition to General Catalyst and Mayo Clinic, series A round participants include AVG Basecamp Fund, Accenture Ventures, Clocktower Technology Ventures, Dolby Family Ventures, Flyover Capital, KCRise Fund, NextGen Venture Partners and Wavemaker Three-Sixty Health.

Healthcare organizations increasingly need to collaborate on data while preserving privacy, data rights and intellectual property.  

"Particularly important today in the healthcare industry, as the lack of data mobility results in fragmented and non-optimal care,” said Quentin Clark, managing director of General Catalyst, in a statement.

“At General Catalyst we believe that TripleBlind’s platform for enabling teams to work together with the most private and sensitive data is a necessary part of how companies will be able to have agility while respecting the privacy of their customers, and the intellectual property of their partners," Clark said.