×

Healthcare privacy breach prevention through integrated audit and access control

  • US 9,438,632 B2
  • Filed: 02/20/2015
  • Issued: 09/06/2016
  • Est. Priority Date: 05/30/2012
  • Status: Active Grant
First Claim
Patent Images

1. A non-transitory computer-readable medium for storing instructions, the instructions comprising:

  • one or more instructions that, when executed by one or more processors, cause the one or more processors to;

    receive an access log for a medical records database,the access log including information identifying occasions in which users access medical records in the medical records database;

    map the access log for the medical records database to generate a mapped log,the mapped log comprising information identifying roles associated with the users, information identifying accesses of the medical records by the users, and user identifications,the mapped log including a plurality of mapped role-access pairs;

    reduce the mapped log to generate a reduced log,the reduced log comprising role-access pair statistics associated with a mapped role-access pair of the plurality of mapped role-access pairs,the role-access pair statistics including an average access for a user associated with the mapped role-access pair, an identification of the user associated with the mapped role-access pair, and an access count associated with the user;

    derive an updated access policy for the medical records database based on the reduced log,the updated access policy including a plurality of proposed role-access pairs;

    proxy access, of client devices, to the medical records database according to the updated access policy;

    assign the plurality of proposed role-access pairs to risk subsets,the risk subsets comprising;

    underrepresented role-access pairs of the plurality of proposed role-access pairs,underutilized role-access pairs of the plurality of proposed role-access pairs,utilized role-access pairs of the plurality of proposed role-access pairs, andunutilized role-access pairs of the plurality of proposed role-access pairs;

    determine, based on sizes associated with the risk subsets, a level of compliance with a privacy requirement based on assigning the plurality of proposed role-access pairs to the risk subsets; and

    provide the level of compliance.

View all claims
  • 0 Assignments
Timeline View
Assignment View
    ×
    ×