THIIC is Summit's proprietary bilateral cryptographic protocol for healthcare identity exchange. Production-deployed. Patent-pending. Built specifically to enable data partnerships without vendor middleware.
THIIC resolves identity between Summit and any partner directly — no LiveRamp, no Acxiom, no identity graph, no vendor in the middle. The bilateral key exchange happens only between Summit and the partner.
Traditional identity resolution vendors charge per-record match fees. THIIC eliminates per-record fees by making the resolution a platform capability, not a vendor service. The license covers the resolution layer.
LiveRamp, Acxiom, and most identity resolution vendors are owned by holding companies. Summit's THIIC is independent — no holding company owns the identity graph, no conflicts of interest, no data sharing obligations to third parties.
Neither party derives the shared key alone. Summit and the partner each contribute entropy to a bilateral key that only the two parties can derive. No single party can produce the matching hash without the other.
THIIC is built specifically for healthcare identity use cases. The protocol accounts for PHI-adjacent data models, HIPAA Safe Harbor de-identification standards, and BAA compliance requirements that generic identity vendors don't address.
THIIC uses standard cryptographic primitives — no proprietary algorithms, no black-box implementations. AES-256-GCM, SHA-256, ECDH — all standard, all auditable, all implementable by any party with standard cryptographic libraries.
THIIC uses bilateral key derivation to match partner CRM data against Summit's cohort without transmitting any raw PII. The eight steps below describe the full resolution flow.
Partner Safe. THIIC's bilateral architecture means a breach of Summit's systems yields wrapped hashes — not raw PII, not the bilateral key, not resolution capability. Partners' data is not exposed through a Summit breach.
Summit Safe. A breach of a partner's CRM yields wrapped hashes from that partner's sessions — not raw PII, not the bilateral key, not the ability to derive Summit's resolution. Summit's data is not exposed through a partner breach.
No Recovery. A bundled, signed, wrapped payload intercepted in transit cannot be unwrapped without the bilateral key. No PII recovery, no cohort access, no resolution capability. The bundle is inert.
In the unlikely case both Summit and a partner are breached, bilateral key exposure is theoretically possible. In this scenario, both parties coordinate on key rotation immediately. See the THIIC whitepaper for full mitigation protocols.
THIIC resolves identity for campaign activation — it doesn't perform the aggregate analytics that clean rooms handle. Use clean rooms for analysis, use THIIC for activation.
Identity graphs map cross-device and cross-channel identity. THIIC resolves against Summit's condition-confirmed cohort specifically. Use identity graphs for cross-channel matching, use THIIC for Summit cohort resolution.
THIIC resolves who the patient is. The activation platform determines where they see the ad. THIIC feeds the activation layer — it doesn't compete with DSPs, SSPs, or media buying platforms.
Every resolution operation in THIIC is logged immutably. The audit trail is designed for prosecution-grade requirements — every operation timestamped, every key derivation recorded, every signature verified. For pharma brands with strict compliance requirements, THIIC's audit log is the documentation trail that stands up in regulatory review.
THIIC is built into Summit Exchange. Any brand or partner with a Summit license can use THIIC for identity resolution. For clean-room partners, DSP integrations, or data partnership structures, contact Summit to discuss the integration architecture.
THIIC can integrate with The Trade Desk, DeepIntent, and other DSPs for audience-matched activation. Discuss integration specs with Summit's engineering team.
THIIC works alongside AWS Clean Rooms, Snowflake, and other clean room platforms. Use clean rooms for aggregate analysis, THIIC for Summit cohort activation.
THIIC's bilateral architecture enables data partnerships where neither party transmits raw PII. Summit is open to data partnership structures where THIIC enables both parties to participate without raw data transit.