Session 16 Security Frameworks in Data Warehousing and...
Transcript of Session 16 Security Frameworks in Data Warehousing and...
![Page 1: Session 16 Security Frameworks in Data Warehousing and ...hasummit.com/wp-content/uploads/2016/05/16... · 5/16/2016 · Security Frameworks in Data Warehousing and Their Interplay](https://reader034.fdocuments.in/reader034/viewer/2022050411/5f886879312b932b271639e8/html5/thumbnails/1.jpg)
Session 16
Security Frameworks in Data Warehousing and Their Interplay with Healthcare Analytics
Patrick NelliSenior Vice PresidentHealth Catalyst
![Page 2: Session 16 Security Frameworks in Data Warehousing and ...hasummit.com/wp-content/uploads/2016/05/16... · 5/16/2016 · Security Frameworks in Data Warehousing and Their Interplay](https://reader034.fdocuments.in/reader034/viewer/2022050411/5f886879312b932b271639e8/html5/thumbnails/2.jpg)
Learning Objectives
• Discuss the balance between data utilization and security/privacy
• Share examples in key areas that impact this balance Monitoring Data de-identification Cloud environments User access
3
![Page 3: Session 16 Security Frameworks in Data Warehousing and ...hasummit.com/wp-content/uploads/2016/05/16... · 5/16/2016 · Security Frameworks in Data Warehousing and Their Interplay](https://reader034.fdocuments.in/reader034/viewer/2022050411/5f886879312b932b271639e8/html5/thumbnails/3.jpg)
Why
We have an obligation to patients to make the best use of the data that we collect on their behalf
4
Data Utilization
Security / Privacy
![Page 4: Session 16 Security Frameworks in Data Warehousing and ...hasummit.com/wp-content/uploads/2016/05/16... · 5/16/2016 · Security Frameworks in Data Warehousing and Their Interplay](https://reader034.fdocuments.in/reader034/viewer/2022050411/5f886879312b932b271639e8/html5/thumbnails/4.jpg)
Top Technology Initiatives Driving IT Investment
5
14%
27%
29%
30%
0% 5% 10% 15% 20% 25% 30% 35%
Other
Data / Business Analytics
Security
Cloud Computing
Source: 2016 State of the CIO – Survey. Exclusive Research from CIO (http://www.cio.com/)
Why
![Page 5: Session 16 Security Frameworks in Data Warehousing and ...hasummit.com/wp-content/uploads/2016/05/16... · 5/16/2016 · Security Frameworks in Data Warehousing and Their Interplay](https://reader034.fdocuments.in/reader034/viewer/2022050411/5f886879312b932b271639e8/html5/thumbnails/5.jpg)
6
![Page 6: Session 16 Security Frameworks in Data Warehousing and ...hasummit.com/wp-content/uploads/2016/05/16... · 5/16/2016 · Security Frameworks in Data Warehousing and Their Interplay](https://reader034.fdocuments.in/reader034/viewer/2022050411/5f886879312b932b271639e8/html5/thumbnails/6.jpg)
Security and Privacy
7
• Multiple layers of security and privacy Physical Controls Preventive Controls Detective Controls Administrative Controls
Many More (HITRUST – 14 Control Categories based on ISO 27001)
• For today, primarily focus on detective
![Page 7: Session 16 Security Frameworks in Data Warehousing and ...hasummit.com/wp-content/uploads/2016/05/16... · 5/16/2016 · Security Frameworks in Data Warehousing and Their Interplay](https://reader034.fdocuments.in/reader034/viewer/2022050411/5f886879312b932b271639e8/html5/thumbnails/7.jpg)
Balancing Act #1
Monitoring
8
Data Utilization
Security / Privacy
![Page 8: Session 16 Security Frameworks in Data Warehousing and ...hasummit.com/wp-content/uploads/2016/05/16... · 5/16/2016 · Security Frameworks in Data Warehousing and Their Interplay](https://reader034.fdocuments.in/reader034/viewer/2022050411/5f886879312b932b271639e8/html5/thumbnails/8.jpg)
Poll Question #2
9
What is the most prevalent security incident pattern in healthcare (by frequency of confirmed data breach incidents)?
a) Cyberespionageb) Insider and privilege misusec) Stolen assets (e.g. laptops)d) Web application attackse) Walking away with paper recordsf) Unsure or not applicable
You Will Never
Catch Me!
![Page 9: Session 16 Security Frameworks in Data Warehousing and ...hasummit.com/wp-content/uploads/2016/05/16... · 5/16/2016 · Security Frameworks in Data Warehousing and Their Interplay](https://reader034.fdocuments.in/reader034/viewer/2022050411/5f886879312b932b271639e8/html5/thumbnails/9.jpg)
`
10
11%
3%
3%
3%
7%
19%
22%
32%
0% 5% 10% 15% 20% 25% 30% 35%
Everything ElseCyberespionage
CrimewareWeb Apps
Point of SaleStolen Assets
Misc. ErrorsPrivilege Misuse
Source: Verizon 2016 Data Breaches Investigations Report
Security Incident Patterns in Healthcare(% of total incidents, only confirmed data breaches)
**Higher Than Any
Other Industry
![Page 10: Session 16 Security Frameworks in Data Warehousing and ...hasummit.com/wp-content/uploads/2016/05/16... · 5/16/2016 · Security Frameworks in Data Warehousing and Their Interplay](https://reader034.fdocuments.in/reader034/viewer/2022050411/5f886879312b932b271639e8/html5/thumbnails/10.jpg)
`
11
55%
57%
60%
61%
61%
68%
78%
85%
0% 10% 20% 30% 40% 50% 60% 70% 80% 90%
Network monitoring toolsIntrusion detection systems (IDS)
Audit logs of access to pt. recordsPatch and vulnerability management
Data encryption (data at rest)Data encryption (data in transit)
FirewallsAntivirus/malware
Tools Implemented for Information Security By Acute Care Providers
Source: 2016 HIMSS Cybersecurity Survey
![Page 11: Session 16 Security Frameworks in Data Warehousing and ...hasummit.com/wp-content/uploads/2016/05/16... · 5/16/2016 · Security Frameworks in Data Warehousing and Their Interplay](https://reader034.fdocuments.in/reader034/viewer/2022050411/5f886879312b932b271639e8/html5/thumbnails/11.jpg)
Our Perspective
• Logs aren’t enough, need monitoring• Manual Search and BI on top of logs Human reviews
• Automated Alerting rules (PagerDuty, Azure OMS, etc.)
12
![Page 12: Session 16 Security Frameworks in Data Warehousing and ...hasummit.com/wp-content/uploads/2016/05/16... · 5/16/2016 · Security Frameworks in Data Warehousing and Their Interplay](https://reader034.fdocuments.in/reader034/viewer/2022050411/5f886879312b932b271639e8/html5/thumbnails/12.jpg)
Monitoring
13
Stack Examples Example Metrics
Analytical Applications / Reports
Web-based, Qlik, Tableau, BO
Usage, click paths, performance
Analytics Environments Specialty focused environments for Predictive Analytics, NLP, Image Analysis
Performance, run times, model metrics (rmse, accuracy)
Database / Data Store / ETL / Compute
SQL Server, Oracle, DataLake
Queries, Access (AD), ETL run times
VMs / Hardware OS (Windows / Linux),Virtualization (HyperV, VMWare)
Event logs (installs, invalid logins, failed applications), performance logs
Network Switches, Firewalls, Routers Invalid logins, suspicious login patterns (IP-analysis)
Benefits
Security / Privacy
Performance / Efficiencies
Product D
evelopment
![Page 13: Session 16 Security Frameworks in Data Warehousing and ...hasummit.com/wp-content/uploads/2016/05/16... · 5/16/2016 · Security Frameworks in Data Warehousing and Their Interplay](https://reader034.fdocuments.in/reader034/viewer/2022050411/5f886879312b932b271639e8/html5/thumbnails/13.jpg)
Triple Benefit of Monitoring Analytics Products
• Security / Privacy
• Performance / Efficiencies
• Product Development
14
![Page 14: Session 16 Security Frameworks in Data Warehousing and ...hasummit.com/wp-content/uploads/2016/05/16... · 5/16/2016 · Security Frameworks in Data Warehousing and Their Interplay](https://reader034.fdocuments.in/reader034/viewer/2022050411/5f886879312b932b271639e8/html5/thumbnails/14.jpg)
Triple Benefit of Monitoring Analytics Products
• Aligns with Level 4 and 5 of HITRUST Policy Process/Procedures Implemented Measures Managed
• Enables streamlined re-certification (SOC 2, HITRUST)• Enables audit of access and appropriate use
15
Security / Privacy – Overview
![Page 15: Session 16 Security Frameworks in Data Warehousing and ...hasummit.com/wp-content/uploads/2016/05/16... · 5/16/2016 · Security Frameworks in Data Warehousing and Their Interplay](https://reader034.fdocuments.in/reader034/viewer/2022050411/5f886879312b932b271639e8/html5/thumbnails/15.jpg)
Triple Benefit of Monitoring Analytics Products
16
Security / Privacy – Ex. Appropriate Use
WHERE p.PersonNM = ‘Pete Hess’
![Page 16: Session 16 Security Frameworks in Data Warehousing and ...hasummit.com/wp-content/uploads/2016/05/16... · 5/16/2016 · Security Frameworks in Data Warehousing and Their Interplay](https://reader034.fdocuments.in/reader034/viewer/2022050411/5f886879312b932b271639e8/html5/thumbnails/16.jpg)
Triple Benefit of Monitoring Analytics Products
17
Security / Privacy – Ex. Appropriate Use
![Page 17: Session 16 Security Frameworks in Data Warehousing and ...hasummit.com/wp-content/uploads/2016/05/16... · 5/16/2016 · Security Frameworks in Data Warehousing and Their Interplay](https://reader034.fdocuments.in/reader034/viewer/2022050411/5f886879312b932b271639e8/html5/thumbnails/17.jpg)
Triple Benefit of Monitoring Analytics Products
• Automate Access Review
Query access groups (Active Directory)
Query database access (SQL Server) or application access (Qlik, Tableau, Web)
Query SQL queries (IDERA) and application usage (Qlik, Tableau, Web)
18
Security / Privacy – Ex. Access
![Page 18: Session 16 Security Frameworks in Data Warehousing and ...hasummit.com/wp-content/uploads/2016/05/16... · 5/16/2016 · Security Frameworks in Data Warehousing and Their Interplay](https://reader034.fdocuments.in/reader034/viewer/2022050411/5f886879312b932b271639e8/html5/thumbnails/18.jpg)
Triple Benefit of Monitoring Analytics Products
19
Performance / Efficiencies
![Page 19: Session 16 Security Frameworks in Data Warehousing and ...hasummit.com/wp-content/uploads/2016/05/16... · 5/16/2016 · Security Frameworks in Data Warehousing and Their Interplay](https://reader034.fdocuments.in/reader034/viewer/2022050411/5f886879312b932b271639e8/html5/thumbnails/19.jpg)
Triple Benefit of Monitoring Analytics Products
20
Performance / Efficiencies
![Page 20: Session 16 Security Frameworks in Data Warehousing and ...hasummit.com/wp-content/uploads/2016/05/16... · 5/16/2016 · Security Frameworks in Data Warehousing and Their Interplay](https://reader034.fdocuments.in/reader034/viewer/2022050411/5f886879312b932b271639e8/html5/thumbnails/20.jpg)
Minimize Total Time Through
the Loop
Triple Benefit of Monitoring Analytics Products
21
Product Development – Overview (Think Lean)
LEARN BUILD
MEASURE
IDEAS
CODEDATA
Session CountsDistinct UsersReturn Users
(Cohort Analysis)Click PathsSelections
Satisfaction Survey (Net Promoter
Score)A/B Tests
Source: Eric Reis, The Lean Startup
![Page 21: Session 16 Security Frameworks in Data Warehousing and ...hasummit.com/wp-content/uploads/2016/05/16... · 5/16/2016 · Security Frameworks in Data Warehousing and Their Interplay](https://reader034.fdocuments.in/reader034/viewer/2022050411/5f886879312b932b271639e8/html5/thumbnails/21.jpg)
Triple Benefit of Monitoring Analytics Products
22
Product Development – Example
![Page 22: Session 16 Security Frameworks in Data Warehousing and ...hasummit.com/wp-content/uploads/2016/05/16... · 5/16/2016 · Security Frameworks in Data Warehousing and Their Interplay](https://reader034.fdocuments.in/reader034/viewer/2022050411/5f886879312b932b271639e8/html5/thumbnails/22.jpg)
Triple Benefit of Monitoring Analytics Products
23
![Page 23: Session 16 Security Frameworks in Data Warehousing and ...hasummit.com/wp-content/uploads/2016/05/16... · 5/16/2016 · Security Frameworks in Data Warehousing and Their Interplay](https://reader034.fdocuments.in/reader034/viewer/2022050411/5f886879312b932b271639e8/html5/thumbnails/23.jpg)
Balancing Act #2
Data De-Identification
24
Data Utilization
Security / Privacy
![Page 24: Session 16 Security Frameworks in Data Warehousing and ...hasummit.com/wp-content/uploads/2016/05/16... · 5/16/2016 · Security Frameworks in Data Warehousing and Their Interplay](https://reader034.fdocuments.in/reader034/viewer/2022050411/5f886879312b932b271639e8/html5/thumbnails/24.jpg)
Safe Harbor
25
• 18 data elements removed/transformed
• Problematic Areas
All elements of dates (except year) for dates
All geographic subdivisions smaller than a state
“The covered entity does not have actual knowledge that the information could be used alone or in combination with other information to identify an individual who is a subject of the information”
![Page 25: Session 16 Security Frameworks in Data Warehousing and ...hasummit.com/wp-content/uploads/2016/05/16... · 5/16/2016 · Security Frameworks in Data Warehousing and Their Interplay](https://reader034.fdocuments.in/reader034/viewer/2022050411/5f886879312b932b271639e8/html5/thumbnails/25.jpg)
• No one-size-fits-all transformations
• Curse of dimensionality (k-anonymity)
• Tradeoff between anonymity and utility
• Hard to get right, restricts vast majority of analytical use cases
Expert Determined
26
Source: [1] http://toddwschneider.com/posts/analyzing-1-1-billion-nyc-taxi-and-uber-trips-with-a-vengeance
![Page 26: Session 16 Security Frameworks in Data Warehousing and ...hasummit.com/wp-content/uploads/2016/05/16... · 5/16/2016 · Security Frameworks in Data Warehousing and Their Interplay](https://reader034.fdocuments.in/reader034/viewer/2022050411/5f886879312b932b271639e8/html5/thumbnails/26.jpg)
Data Flow
AnalyticalValue of Data
Category
Location
Analytical Use Cases
Full PHI (Untransformed)
Secure Environments
Ad hoc querying, analytical applications,
reports, decision support, etc.
Redacted Data (Still PHI)
Secure Environments
Ad hoc querying, analytical applications,
predictive analytics, image analysis, etc.
HIPAA De-Identified Datasets
Varies
Product development, summary aggregated
metrics
Privacy & Security Risk
Data Continuum
![Page 27: Session 16 Security Frameworks in Data Warehousing and ...hasummit.com/wp-content/uploads/2016/05/16... · 5/16/2016 · Security Frameworks in Data Warehousing and Their Interplay](https://reader034.fdocuments.in/reader034/viewer/2022050411/5f886879312b932b271639e8/html5/thumbnails/27.jpg)
Balancing Act #3
Cloud
28
Data Utilization
Security / Privacy
![Page 28: Session 16 Security Frameworks in Data Warehousing and ...hasummit.com/wp-content/uploads/2016/05/16... · 5/16/2016 · Security Frameworks in Data Warehousing and Their Interplay](https://reader034.fdocuments.in/reader034/viewer/2022050411/5f886879312b932b271639e8/html5/thumbnails/28.jpg)
Cloud Environments
29
Overview
Stack Examples Example Metrics
Analytical Applications / Reports
Web-based, Qlik, Tableau, BO
Usage, click paths, performance
Analytics Environments Specialty focused environments for Predictive Analytics, NLP, Image Analysis
Performance, run times, model metrics (rmse, accuracy)
Database / Data Store / ETL / Compute
SQL Server, Oracle, DataLake
Queries, Access (AD), ETL run times
VMs / Hardware ?????
Network ????? Attempted sign-ons,
Benefits
Security
Performance / Efficiencies
Product Developm
ent
• Most of the analytics stack will eventually move to the cloud
• However, first cloud pressure will be for specific analytics use cases
![Page 29: Session 16 Security Frameworks in Data Warehousing and ...hasummit.com/wp-content/uploads/2016/05/16... · 5/16/2016 · Security Frameworks in Data Warehousing and Their Interplay](https://reader034.fdocuments.in/reader034/viewer/2022050411/5f886879312b932b271639e8/html5/thumbnails/29.jpg)
Cloud Environments
30
Best Practices – Leverage Their Audits
Source: 13 Effective Security Controls for ISO 27001 Compliance When using Microsoft Azure
![Page 30: Session 16 Security Frameworks in Data Warehousing and ...hasummit.com/wp-content/uploads/2016/05/16... · 5/16/2016 · Security Frameworks in Data Warehousing and Their Interplay](https://reader034.fdocuments.in/reader034/viewer/2022050411/5f886879312b932b271639e8/html5/thumbnails/30.jpg)
Cloud Environments
31
Best Practices – Monitoring
![Page 31: Session 16 Security Frameworks in Data Warehousing and ...hasummit.com/wp-content/uploads/2016/05/16... · 5/16/2016 · Security Frameworks in Data Warehousing and Their Interplay](https://reader034.fdocuments.in/reader034/viewer/2022050411/5f886879312b932b271639e8/html5/thumbnails/31.jpg)
Cloud Environments
32
Best Practices – Alerting
![Page 32: Session 16 Security Frameworks in Data Warehousing and ...hasummit.com/wp-content/uploads/2016/05/16... · 5/16/2016 · Security Frameworks in Data Warehousing and Their Interplay](https://reader034.fdocuments.in/reader034/viewer/2022050411/5f886879312b932b271639e8/html5/thumbnails/32.jpg)
Cloud Environments
33
Best Practices – Security Center
![Page 33: Session 16 Security Frameworks in Data Warehousing and ...hasummit.com/wp-content/uploads/2016/05/16... · 5/16/2016 · Security Frameworks in Data Warehousing and Their Interplay](https://reader034.fdocuments.in/reader034/viewer/2022050411/5f886879312b932b271639e8/html5/thumbnails/33.jpg)
Topic We Are Contemplating
34
Data Utilization
Security / Privacy
![Page 34: Session 16 Security Frameworks in Data Warehousing and ...hasummit.com/wp-content/uploads/2016/05/16... · 5/16/2016 · Security Frameworks in Data Warehousing and Their Interplay](https://reader034.fdocuments.in/reader034/viewer/2022050411/5f886879312b932b271639e8/html5/thumbnails/34.jpg)
User Access
• Streamline user permission granting process Make select reports / applications
available to everyone within certain roles Involve data stewards
• Role based security Simplify roles
35
![Page 35: Session 16 Security Frameworks in Data Warehousing and ...hasummit.com/wp-content/uploads/2016/05/16... · 5/16/2016 · Security Frameworks in Data Warehousing and Their Interplay](https://reader034.fdocuments.in/reader034/viewer/2022050411/5f886879312b932b271639e8/html5/thumbnails/35.jpg)
Lessons Learned
36
1. Data is useless if you don’t put it in the hands of analysts, operators, and clinicians. Need to strike a balance between security/privacy and data exposure.
2. Logging is not enough, need to make the data actionable through search and BI. This can lead to multiple benefits:
a. Security / privacy
b. Performance efficiencies
c. Better product development
3. Data de-identification is typically not a good balance of utilization and security.
4. Cloud environments, if set up properly, help with the balance of utilization and security.
![Page 36: Session 16 Security Frameworks in Data Warehousing and ...hasummit.com/wp-content/uploads/2016/05/16... · 5/16/2016 · Security Frameworks in Data Warehousing and Their Interplay](https://reader034.fdocuments.in/reader034/viewer/2022050411/5f886879312b932b271639e8/html5/thumbnails/36.jpg)
Analytic Insights
AQuestions &
Answers
37
![Page 37: Session 16 Security Frameworks in Data Warehousing and ...hasummit.com/wp-content/uploads/2016/05/16... · 5/16/2016 · Security Frameworks in Data Warehousing and Their Interplay](https://reader034.fdocuments.in/reader034/viewer/2022050411/5f886879312b932b271639e8/html5/thumbnails/37.jpg)
What You Learned…
38
Write down the key things you’ve learned related to each of the learning objectives
after attending this session
![Page 38: Session 16 Security Frameworks in Data Warehousing and ...hasummit.com/wp-content/uploads/2016/05/16... · 5/16/2016 · Security Frameworks in Data Warehousing and Their Interplay](https://reader034.fdocuments.in/reader034/viewer/2022050411/5f886879312b932b271639e8/html5/thumbnails/38.jpg)
Thank You
39