Company Profile - Philadelphia, PA
HealthVerity
The largest privacy-protected healthcare data ecosystem in the country - built to connect everything about a patient while knowing nothing about who they are.
The largest privacy-protected healthcare data ecosystem in the country - built to connect everything about a patient while knowing nothing about who they are.
Somewhere in a cloud region, a request runs. A life sciences researcher wants every American who started a GLP-1 drug, then later showed up in a lab result, then filed a medical claim. She gets 19 million matched journeys back. She never learns a single name. She never needs to.
That trade - total connection, zero identity - is the whole business of HealthVerity. The company sits between more than thirty national data suppliers and the pharmaceutical companies, insurers, and government agencies that want to study them. It bills its Marketplace as the nation's largest privacy-protected healthcare and consumer data ecosystem: 340 million de-identified individuals, stitched into longitudinal patient journeys, all without violating a privacy rule.
It is not a flashy product. There is no app to download, no patient who signs up. HealthVerity is plumbing - the kind of infrastructure that is invisible right up until you realize an enormous amount of modern medicine runs through it.
For decades the industry told itself a comforting story: if only there were more data, the breakthroughs would come. The story was wrong. The data already existed - in pharmacy systems, claims warehouses, lab databases, electronic medical records. The problem was that none of it could be safely connected. A pharmacy record and a hospital record might belong to the same person, but proving it meant touching the one thing the law forbids you to touch: the patient's identity.
So researchers worked with fragments. A prescription here, an outcome there, never the line between them. You could see that a drug was filled. You could not reliably see what happened next. The patient journey - the actual story medicine cares about - kept breaking apart at exactly the moments that mattered.
This is the tension HealthVerity exists to resolve, and it runs through everything that follows: how do you link a person's records to each other without ever linking them back to the person? Get it wrong in one direction and the data is useless. Get it wrong in the other and it's a privacy breach. The space in between is narrow. HealthVerity decided to live there.
In 2014, Andrew Kress and Andrew Goldberg started HealthVerity. Kress was not new to the idea. He had already built one of the largest linked de-identified healthcare data assets in the country at SDI Health, growing it to more than 600 employees before IMS Health acquired it in 2011. He had seen what worked, and - more usefully - what was still broken.
Kress is, on paper, an unlikely data-infrastructure founder. He holds a B.A. in English from Yale. Perhaps that is the point: the company's product is essentially a question of identity and meaning - what counts as the same person, told across a hundred disconnected sources.
The bet was specific. Not "collect more data." Instead: build the matching layer first - a privacy-preserving way to assign a persistent token to an individual, so any record about them could be synchronized with any other, while the identity stayed sealed off. Solve identity and privacy as one problem, and the data ecosystem would assemble itself on top.
Former SVP at IMS Health and CEO of SDI Health (acquired by IMS in 2011). B.A. in English, Yale. Built a big linked health-data asset once; came back to do it cleaner.
Co-founded HealthVerity in 2014 and runs operations. The other half of a founding team that, conveniently, only has one first name to remember.
Caption: Yes, both founders are named Andrew. No, they will not be changing it for your convenience.
HealthVerity calls its framework IPGE, and it is less a product than a discipline. Identity resolves which records belong to the same person. Privacy keeps that person de-identified throughout. Governance enforces who is allowed to see what. Exchange moves the result to whoever licensed it. The clever part is that all four run together - you cannot pull one out without the system collapsing into either uselessness or a lawsuit.
A self-service cloud platform to discover, license and build custom patient cohorts from 30+ national suppliers - claims, prescriptions, labs, EMR - across 340M+ de-identified individuals.
Identity resolution that uses probabilistic matching to unite scattered patient records into one persistent, longitudinal journey - without exposing who the patient is.
Synchronizes the patient journey and surfaces next-best actions for life sciences commercial and clinical teams. FLOW 1.1 reached general availability in 2024.
Proof, in this business, is not a logo wall. It is whether serious people will stake published research on your data. More than 100 peer-reviewed publications have. The Marketplace's reach grew again in 2025 when Premier, Inc. joined as a supplier, and the data has been concrete enough to track real-world outcomes for the 19.1 million-plus Americans on GLP-1 drugs - the most-watched class of medicines of the decade. HealthVerity has also earned an outside tell of legitimacy most data vendors never get: its own Harvard Business School case study on real-world data and evidence.
The mission, in the company's own words, is to power "a high-governance, privacy-compliant way for our partners to synchronize and exchange real-world data across the broadest ecosystem, enabling longitudinal patient journeys, frictionless access to data and better patient outcomes." Strip the jargon and it is a refusal: the refusal to accept that you must choose between protecting patients and learning from them.
That refusal has a competitive edge to it. HealthVerity operates in a crowded field - IQVIA, Komodo Health, Datavant, TriNetX and others all want to own the patient-tokenization layer. What HealthVerity sells is not just data but trust as infrastructure: governance baked so deeply into the product that compliance is the feature, not the friction.
Real-world evidence is projected to roughly double as a market between 2025 and 2030. Regulators increasingly accept it. AI models are hungry for exactly the kind of clean, linked, governed data HealthVerity assembles - and an AI trained on improperly sourced health data is a liability, not an asset. The companies that can prove their data is both connected and consented-clean will have something rarer than scale. They will have permission.
Which brings the story back to where it started. That researcher, running her query, pulling 19 million matched patient journeys out of the cloud, learning everything about a population and nothing about a person. A decade ago that query was impossible - not technically, but legally and ethically. The records existed; the bridge between them did not.
HealthVerity built the bridge. It is unglamorous, mostly invisible, and quietly load-bearing for a growing share of how new medicine gets studied. The names are still torn off. That was always the point.