Healthcare privacy breach prevention through integrated audit and access control

US 9,438,632 B2
Filed: 02/20/2015
Issued: 09/06/2016
Est. Priority Date: 05/30/2012
Status: Active Grant

First Claim

Patent Images

1. A non-transitory computer-readable medium for storing instructions, the instructions comprising:

one or more instructions that, when executed by one or more processors, cause the one or more processors to;

receive an access log for a medical records database,the access log including information identifying occasions in which users access medical records in the medical records database;

map the access log for the medical records database to generate a mapped log,the mapped log comprising information identifying roles associated with the users, information identifying accesses of the medical records by the users, and user identifications,the mapped log including a plurality of mapped role-access pairs;

reduce the mapped log to generate a reduced log,the reduced log comprising role-access pair statistics associated with a mapped role-access pair of the plurality of mapped role-access pairs,the role-access pair statistics including an average access for a user associated with the mapped role-access pair, an identification of the user associated with the mapped role-access pair, and an access count associated with the user;

derive an updated access policy for the medical records database based on the reduced log,the updated access policy including a plurality of proposed role-access pairs;

proxy access, of client devices, to the medical records database according to the updated access policy;

assign the plurality of proposed role-access pairs to risk subsets,the risk subsets comprising;

underrepresented role-access pairs of the plurality of proposed role-access pairs,underutilized role-access pairs of the plurality of proposed role-access pairs,utilized role-access pairs of the plurality of proposed role-access pairs, andunutilized role-access pairs of the plurality of proposed role-access pairs;

determine, based on sizes associated with the risk subsets, a level of compliance with a privacy requirement based on assigning the plurality of proposed role-access pairs to the risk subsets; and

provide the level of compliance.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computer-implemented method for compliance with a privacy requirement. The method comprises analyzing, using one or more processors, an access log related to a history of users accessing records; deriving a plurality of roles assigned to the users and a plurality of accesses reflecting actions taken by the users; and deriving from the access log a mapped log comprising a plurality of mapping records including a plurality of mapped role-access pairs. The method further comprises generating, using the one or more processors, a reduced log including a plurality of reduced records comprising a mapped role-access pair and statistics that are associated with the mapped role-access pair, the statistics being derived from a subset of the mapping records that include the mapped role-access pair; and deriving an access policy based on the reduced log, wherein the access policy includes a plurality of proposed role-access pairs.

Citations

22 Claims

1. A non-transitory computer-readable medium for storing instructions, the instructions comprising:
- one or more instructions that, when executed by one or more processors, cause the one or more processors to;
  
  receive an access log for a medical records database,the access log including information identifying occasions in which users access medical records in the medical records database;
  
  map the access log for the medical records database to generate a mapped log,the mapped log comprising information identifying roles associated with the users, information identifying accesses of the medical records by the users, and user identifications,the mapped log including a plurality of mapped role-access pairs;
  
  reduce the mapped log to generate a reduced log,the reduced log comprising role-access pair statistics associated with a mapped role-access pair of the plurality of mapped role-access pairs,the role-access pair statistics including an average access for a user associated with the mapped role-access pair, an identification of the user associated with the mapped role-access pair, and an access count associated with the user;
  
  derive an updated access policy for the medical records database based on the reduced log,the updated access policy including a plurality of proposed role-access pairs;
  
  proxy access, of client devices, to the medical records database according to the updated access policy;
  
  assign the plurality of proposed role-access pairs to risk subsets,the risk subsets comprising;
  
  underrepresented role-access pairs of the plurality of proposed role-access pairs,underutilized role-access pairs of the plurality of proposed role-access pairs,utilized role-access pairs of the plurality of proposed role-access pairs, andunutilized role-access pairs of the plurality of proposed role-access pairs;
  
  determine, based on sizes associated with the risk subsets, a level of compliance with a privacy requirement based on assigning the plurality of proposed role-access pairs to the risk subsets; and
  
  provide the level of compliance.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The non-transitory computer-readable medium of claim 1, wherein the unutilized role-access pairs are determined by comparing the reduced log to an existing access policy.
  - 3. The non-transitory computer-readable medium of claim 1, wherein:
    - the underrepresented role-access pairs are based on the role-access pair statistics, andthe underrepresented role-access pairs are utilized by less than a threshold proportion of potential representatives.
  - 4. The non-transitory computer-readable medium of claim 1, wherein:
    - the underutilized role-access pairs are based on the role-access pair statistics, andthe underutilized role-access pairs having an average access count per representative less than a threshold value.
  - 5. The non-transitory computer-readable medium of claim 1, wherein the level of compliance depends on a number of outlier representatives that include abnormal access utilization for at least one role-access pair.
  - 6. The non-transitory computer-readable medium of claim 5, wherein the abnormal access utilization for the at least one role-access pair depends on an average access count per representative for the at least one role-access pair and a standard deviation of access counts for representatives for the at least one role-access pair.

7. A method, comprising:
- receiving, by a computing device, an access log for a medical records database,the access log including information identifying occasions in which users access medical records in the medical records database;
  
  mapping, by the computing device, the access log for the medical records database to generate a mapped log,the mapped log comprising information identifying roles associated with the users, information identifying accesses of the medical records by the users, and user identifications,the mapped log including a plurality of mapped role-access pairs;
  
  reducing, by the computing device, the mapped log to generate a reduced log,the reduced log comprising role-access pair statistics associated with a mapped role-access pair of the plurality of mapped role-access pairs,the role-access pair statistics including an average access for a user associated with the mapped role-access pair, an identification of the user associated with the mapped role-access pair, and an access count associated with the user;
  
  deriving, by the computing device, an updated access policy for the medical records database based on the reduced log,the updated access policy including a plurality of proposed role-access pairs;
  
  proxying, by the computing device, access of client devices to the medical records database according to the updated access policy;
  
  assigning, by the computing device, the plurality of proposed role-access pairs to risk subsets,the risk subsets comprising;
  
  underrepresented role-access pairs of the plurality of proposed role-access pairs,underutilized role-access pairs of the plurality of proposed role-access pairs,utilized role-access pairs of the plurality of proposed role-access pairs, andunutilized role-access pairs of the plurality of proposed role-access pairs;
  
  determining, by the computing device and based on sizes associated with the risk subsets, a level of compliance with a privacy requirement based on assigning the plurality of proposed role-access pairs to the risk subsets; and
  
  providing, by the computing device, the level of compliance.
- View Dependent Claims (8, 9, 10, 11, 12, 13, 14, 15)
- - 8. The method of claim 7, wherein the unutilized role-access pairs are determined by comparing the reduced log to an existing access policy.
  - 9. The method of claim 8, wherein deriving the updated access policy comprises:
    - removing one or more of the unutilized role-access pairs from the existing access policy.
  - 10. The method of claim 8, wherein the level of compliance depends on a particular number of the plurality of proposed role-access pairs assigned to one of the risk subsets and a total number of allowed role-access pairs in the existing access policy.
  - 11. The method of claim 7, wherein:
    - the underrepresented role-access pairs are based on the role-access pair statistics, andthe underrepresented role-access pairs are utilized by less than a threshold proportion of potential representatives.
  - 12. The method of claim 11, wherein the threshold proportion is 10%, andthe method further comprises:
    - controlling access to the medical records based on the updated access policy.
  - 13. The method of claim 7, wherein:
    - the underutilized role-access pairs are based on the role-access pair statistics, andthe underutilized role-access pairs include an average access count per representative less than a threshold value.
  - 14. The method of claim 7, wherein the level of compliance depends on a number of outlier representatives having abnormal access utilization for at least one role-access pair.
  - 15. The method of claim 14, wherein the abnormal access utilization for the at least one role-access pair depends on an average access count per representative for the at least one role-access pair and a standard deviation of access counts for representatives for the at least one role-access pair.

16. A device, comprising:
- a memory to store instructions,one or more processors, coupled to the memory, to;
  
  receive an access log for a medical records database,the access log including information identifying occasions in which users access medical records in the medical records database;
  
  map the access log for the medical records database to generate a mapped log,the mapped log comprising information identifying roles associated with the users, information identifying access of the medical records by the users, and user identifications,the mapped log including a plurality of mapped role-access pairs;
  
  reduce the mapped log to generate a reduced log,the reduced log comprising role-access pair statistics associated with a mapped role-access pair of the plurality of mapped role-access pairs,the role-access pair statistics including an average access for a user associated with the mapped role-access pair, an identification of the user associated with the mapped role-access pair, and an access count associated with the user;
  
  derive an updated access policy for the medical records database based on the reduced log,the updated access policy including a plurality of proposed role-access pairs;
  
  proxy access, of client devices, to the medical records database according to the updated access policy;
  
  assign the plurality of proposed role-access pairs to risk subsets,the risk subsets comprising;
  
  underrepresented role-access pairs of the plurality of proposed role-access pairs,underutilized role-access pairs of the plurality of proposed role-access pairs,utilized role-access pairs of the plurality of proposed role-access pairs, andunutilized role-access pairs of the plurality of proposed role-access pairs;
  
  determine, based on sizes associated with the risk subsets, a level of compliance with a privacy requirement based on assigning the plurality of proposed role-access pairs to the risk subsets; and
  
  provide the level of compliance.
- View Dependent Claims (17, 18, 19, 20, 21, 22)
- - 17. The device of claim 16, wherein the unutilized role-access pairs are determined by comparing the reduced log to an existing access policy.
  - 18. The device of claim 17, wherein, when deriving the updated access policy, the one or more processors are to:
    - remove at least one unutilized role-access pair from the existing access policy.
  - 19. The device of claim 18, wherein the one or more processors are further to:
    - receive a request to access the medical records database, the request indicating a role and an access;
      
      determine that the request to access the medical records database is permitted based on the updated access policy; and
      
      provide access to the medical records database based on determining that the request to access the medical records database is permitted.
  - 20. The device of claim 16, whereinthe underutilized role-access pairs are based on the role-access pair statistics, andthe underutilized role-access pairs having an average access count per representative less than a threshold value.
  - 21. The device of claim 16, wherein the level of compliance depends on a number of outlier representatives having abnormal access utilization for at least one role-access pair.
  - 22. The device of claim 21, wherein:
    - the abnormal access utilization for the at least one role-access pair depends on an average access count per representative for the at least one role-access pair and a standard deviation of access counts for representatives for the at least one role-access pair.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Accenture Global Services Limited (Accenture PLC)
Original Assignee
Accenture Global Services Limited (Accenture PLC)
Inventors
Bhatti, Rafae, Martin, Paul D.
Primary Examiner(s)
Simitoski, Michael

Application Number

US14/627,997
Publication Number

US 20150163252A1
Time in Patent Office

564 Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 21/45   Structures or tools for the...

G06F 21/62   Protecting access to data v...

G06F 21/6245   Protecting personal data, e...

G06F 2221/2101   Auditing as a secondary aspect

G06Q 10/06   Resources, workflows, human...

G16H 10/60   for patient-specific data, ...

G16H 50/70   for mining of medical data,...

G16Z 99/00   Subject matter not provided...

H04L 63/20   for managing network securi...

Healthcare privacy breach prevention through integrated audit and access control

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

Healthcare privacy breach prevention through integrated audit and access control

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links