Case Study: Cognoa achieves FDA- and HIPAA‑compliant clinical research data protection and 100x faster data access with Immuta

FDA and HIPAACompliant Data Protection for Clinical Research

Cognoa, a pediatric behavioral health company developing digital diagnostics and therapeutics, faced the challenge of training machine learning models on highly sensitive AWS-hosted patient data while meeting HIPAA and FDA requirements. Their legacy approach relied on manual scripts, month‑old snapshots and data copies, which slowed research and made it difficult to demonstrate compliant, auditable access for double‑blinded clinical trials. Cognoa turned to Immuta for granular policy enforcement to accelerate HIPAA‑compliant machine learning.

Immuta implemented attribute‑based, purpose‑driven access controls, real‑time policy enforcement, audit logging and a service‑account model to support double‑blind studies, later migrating Cognoa to Immuta SaaS for easier maintenance. The result: 100x faster data access (“same day, same hour”), reallocation of 2 FTEs from manual access tasks, protection of 160+ tables, and clear, auditable proof of FDA and HIPAA compliance for clinical trials.

Cognoa

Charlie Qin

Data Platform Owner