Learn HIE Concepts

User Identification and Authentication

Our solution is engineered to provide a robust security model, facilitate regulatory compliance, and enable appropriate access control. Relevant attributes of the system include:

  • Flexible role- and user-based security privilege model
  • Configurable application and component access in the client
  • Configurable data access controls
  • Robust auditing
  • Configurable user access reporting and analytic capability
  • Session-based access control
  • Encrypted communications
  • Three-tier architecture that mitigates SQL injection and other attacks
  • .NET architecture that supports security
  • Built under the Microsoft Security Development Lifecycle (SDL) approach

Data security is an end-to-end process, rather than an isolated system attribute. The needs of each institution are unique, and one “size” never “fits all.” For this reason, our solution is not hard-coded to a single specific security configuration. By design, our solution can be configured to meet a variety of security configurations and provide a good fit with customer needs.

Access Management

Our HIE solution guards against unauthorized manipulation of data or data entry by enabling appropriate access control. We utilize a Single-Generation Additive Group Inheritance security model that is sufficiently flexible to address all privilege scenarios. This role-based management and security model is based on user assignment to "groups," where each named group is equivalent to a role within the enterprise. Users are denied all access privileges by default, and will only see applications, interface features, and data elements for which privileges have been explicitly granted. Users may be members of one or more groups, and privileges are inherited in a strictly additive manner from all groups to which they belong. When a user is a member of more than one group, the functional components, data Baseviews, and applications available to the user will be defined by the union of all privileges from all of the user’s group memberships. Users may also have special privileges assigned directly at the level of the individual user, but revocation of inherited rights is not permitted.

This security privilege model was selected because it optimizes for long-term serviceability and manageability through simplicity and transparency. One important benefit is that it eliminates the possibility of inadvertently affecting users through effects that propagate invisibly along a multi-step downstream chain. This reduces the risk of privilege errors and provides improved safety, security, and long-term serviceability in a healthcare enterprise environment that is inherently complex, changing, and has a high cost of errors. The disadvantage of this approach is that it may require greater initial investment in the early phases of deployment, since privileges must be explicitly assigned to each group rather than being inherited from other groups and modified in place as needed.

Because the cost of errors is very high in the area of healthcare, a Single-Generation Additive Group Inheritance security model was selected for our solution in order to optimize for transparency, safety, and long-term sustainability, at the expense of some convenience during initial deployment and early user privilege management.

Access Control Model

End-user and administrator authentication is handled in the following manner:

Authentication: The system uses Microsoft Active Directory natively to store usernames and passwords. No user passwords are stored within the SQL Server database.

Authorization: After the user has successfully logged into the application, the system checks which modules and individual functions have been assigned to that specific username. The application allows the user to be granted rights at a very granular level. In fact, most buttons on screen can be either granted or denied.
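The additive group model described under Access Management, and the per-function authorization check described here, can be captured in a few lines. The following is an added illustration, not the vendor's code: it assumes (my assumptions, not the page's) that privileges are plain strings such as "app:chart" or "ui:print_button", that a group holds a flat set of privileges and can never contain another group (single generation), that a user's effective rights are the union of every group's grants plus any direct user grants, and that no grant can subtract a right.

```python
"""Added example (not the vendor's code): a minimal model of a
Single-Generation Additive Group Inheritance scheme.

Assumptions (mine, not from the page): privileges are strings; groups are
flat (no parent or child groups); effective rights = union of group grants
plus direct user grants; default deny; revocation is not expressible.
"""
from __future__ import annotations

from dataclasses import dataclass, field


@dataclass(frozen=True)
class Group:
    name: str
    privileges: frozenset[str]
    # Single generation: a Group has no parent or child groups, so editing a
    # group changes only its direct members, never a downstream chain.


@dataclass
class User:
    username: str
    groups: list[Group] = field(default_factory=list)
    direct_privileges: set[str] = field(default_factory=set)


class RevocationNotPermitted(ValueError):
    """Raised when a caller tries to express a 'deny' in an additive-only model."""


def grant_direct(user: User, privilege: str) -> None:
    """Attach a privilege directly to one user. Negative grants are rejected
    because inherited rights cannot be revoked at the user level."""
    if privilege.startswith("-") or privilege.startswith("deny:"):
        raise RevocationNotPermitted(f"{privilege!r}: rights are additive only")
    user.direct_privileges.add(privilege)


def effective_privileges(user: User) -> frozenset[str]:
    """Union of every group's grants plus direct grants. Default deny: a user
    with no groups and no direct grants gets the empty set."""
    rights: set[str] = set(user.direct_privileges)
    for g in user.groups:
        rights |= g.privileges
    return frozenset(rights)


def is_permitted(user: User, privilege: str) -> bool:
    """The per-function (down to individual button) authorization check."""
    return privilege in effective_privileges(user)


def explain(user: User, privilege: str) -> list[str]:
    """Transparency for audit: every source (group name or 'direct') that
    grants the privilege, so a reviewer can see exactly why access exists."""
    sources = [g.name for g in user.groups if privilege in g.privileges]
    if privilege in user.direct_privileges:
        sources.append("direct")
    return sources


# Constructed sample data for the demonstration (hypothetical groups).
CLINICIANS = Group("Clinicians", frozenset({"app:chart", "baseview:labs", "ui:print_button"}))
BILLING = Group("Billing", frozenset({"app:claims", "baseview:encounters"}))


def demo() -> dict[str, object]:
    nurse = User("jdoe", groups=[CLINICIANS])
    coder = User("asmith", groups=[CLINICIANS, BILLING])
    newcomer = User("nobody")  # no groups: sees nothing
    grant_direct(coder, "report:export")
    try:
        grant_direct(coder, "deny:ui:print_button")  # attempt to revoke an inherited right
        revoked = True
    except RevocationNotPermitted:
        revoked = False
    return {
        "nurse_can_claims": is_permitted(nurse, "app:claims"),
        "coder_can_claims": is_permitted(coder, "app:claims"),
        "coder_rights": sorted(effective_privileges(coder)),
        "newcomer_rights": sorted(effective_privileges(newcomer)),
        "print_sources": explain(coder, "ui:print_button"),
        "revocation_applied": revoked,
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The `explain` function is the part worth copying: because the model is single-generation and additive, every effective right traces to at most one hop (a named group, or a direct grant), which is what makes access reviews tractable. The only way to remove a right is to remove the user from the group that grants it, and the rejected "deny:" grant shows that constraint enforced rather than merely documented.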

Controls on User Access to Patient Data

End-users gain access to information through the same authorization check described under Access Control Model: after a successful login, only the modules, individual functions, and data elements explicitly granted to that username are available.

Administration of Authentication and Authorization

Information is protected from unauthorized users through a complete, well-designed security infrastructure.

All access to data and reports within the application is protected by the security model described above. Reports that authorized users publish to external destinations are beyond the application's control once they leave it.