THIIC PROTOCOL

Tokenized Healthcare Identity Interchange Cryptography.

Bilateral encryption protocol that enables data partnerships without any PII transit, without vendor middleware fees, and without either party giving up control of their own data. Patent-pending. Production-deployed.

Learn more at thiic.com ↗ Talk to Our Team ↗

WHAT THIIC IS

A bilateral exchange. Not a data transfer.

THIIC runs the computation between two parties — neither of whom has to share their raw data with the other, with a third party, or with a middleware vendor. Hashes are exchanged. Overlap surfaces. Both parties see the matched cohort size; neither sees the underlying records.

Brand Side

Brand PHI

Local hashing in brand environment. Ed25519 private key signs the transmission. HMAC-SHA256 for integrity. AES-256-GCM for encryption layer.

Local hash · sign · encrypt

Transmit one-way

Verify Summit signatures

Receive matched IDs

Raw data never left brand environment.

THIIC Protocol

Receive · verify signature

Decrypt · compute overlap

Sign response

Encrypt · transmit

< 90 sec

Summit Side

Summit Cohort

Local hashing in Summit environment. Ed25519 private key signs responses. Hash-chain integrity verified bilaterally on every exchange.

Receive · verify brand signature

Compute overlap

Sign and transmit result

Summit data never left Summit environment.

WHY THIIC EXISTS

The problem data partnerships can't solve alone.

When a pharma brand wants to match their first-party patient list against Summit's cohort — for lookalike modeling, attribution, or audience expansion — the standard answer is: one party sends their data to the other, or both send to a third-party clean room. Both options require trust. THIIC requires none.

Traditional approach

Data transfer: One party sends raw PHI to the other — legal risk, compliance risk, security risk.

Clean room: Both parties send data to a third-party vendor — vendor sees everything, margin stacked, dependency created.

Manual match: Offline hash exchange via spreadsheet — no audit trail, no encryption, no replay protection.

Trust required. Risk transferred. Cost added.

THIIC approach

Bilateral: Brand's PHI never leaves brand environment. Summit's data never leaves Summit environment.

Cryptographically enforced: Ed25519 signatures, HMAC-SHA256 integrity, AES-256-GCM encryption. Hash-chain audit log.

No third party: No middleware vendor, no clean room, no data escrow. Summit and the brand only.

No trust required. No risk transferred. No margin stacked.

HOW THIIC WORKS

The four-step exchange.

THIIC implements a four-step bilateral exchange. Each step is cryptographically signed and verified. No step requires either party to share raw data with the other.

Local Hash

Brand hashes patient identifiers using SHA-256. Summit hashes its cohort using the same algorithm. Both parties retain their raw data.

Sign + Transmit

Brand signs hashed payload with Ed25519 private key, encrypts with AES-256-GCM, transmits one-way. Summit does the same in the opposite direction.

Verify + Unwrap

Both parties verify each other's Ed25519 signatures, decrypt the payload, and verify HMAC-SHA256 integrity. No replay possible — each token is single-use.

Overlap + Return

Summit computes overlap count. Signs result. Encrypts. Returns matched cohort size and identifier references. Neither party sees the other's underlying records.

15–30 second exchange. Auditable. Hash-chain integrity verified bilaterally on every run.

WHAT THIIC ENABLES

Three use cases. Zero data transit.

Use Case 01

Lookalike Modeling

Brand seeds a DSP lookalike model using Summit's verified patient records. Model stays in DSP. Brand never shares their seed list with Summit.

No PII transit

Use Case 02

Attribution Matchback

Match Summit-seeded campaigns to downstream Rx fulfillment events. Brand's fulfillment data stays with the brand. Summit's response contains only matched count — no underlying records.

No PII transit

Use Case 03

Suppression List Scrub

Brand sends hashed suppression list via THIIC. Summit scrubs Summit-seeded leads against the brand's existing patients before delivery. No brand data enters Summit's environment.

No PII transit

SECURITY ARCHITECTURE

Built for production. Designed for audit.

THIIC isn't a whitepaper protocol. It's running in production. Every exchange is signed, verified, and logged in an append-only audit trail with hash-chain integrity.

Ed25519

Edwards-curve Digital Signature Algorithm. Ed25519 key pairs for signing each transmission. Batch verification supported.

AES-256-GCM

Authenticated encryption. No unauthenticated decryption. All payloads encrypted at rest and in transit.

HMAC-SHA256

Hash-based message authentication. Integrity verified on every payload before decryption proceeds.

Hash-chain Audit

Append-only audit log. SHA-256 chain integrity. Each entry references the previous entry's hash. Tamper-evident.

GET STARTED WITH THIIC

Start with a pilot exchange.

Every THIIC implementation starts with a pilot exchange on a defined cohort scope. We'll walk through the architecture, run the first exchange, and show you the audit log — all in a single session.

Schedule a THIIC Demo ↗ Learn more at thiic.com ↗

info@summitaudiencesegments.com