PRIVACY DRILL CONTROL
Futrix Health was designed to address the importance of security with multiple layers of access control at an organizational, group, and user-level.
Futrix Health provides Privacy Drill Control that enables restrictions on users from navigating to, or near, the detail levels of data. Thresholds can be created to prevent users from being able to deduce information that should only be available at the detail level. Futrix Health allows administrators to control the data access at a column and row detail level of granularity. Certain types of information can be made available to specific users or groups.
Some key features to understand about the Privacy Drill Control and the User Interface are:
- Column level security is designed to restricts access to certain types of information.
- Row level security can subset information to only allow specific values to be surfaced to the appropriate users.
- Privacy Drill Control is designed to prevent users from drilling into detail levels of data and from deducing sensitive information at a certain threshold level of drilling.
- Application Control allows the user experience to be tailored to their comfort and skill level for conducting web based analysis. For instance, some users prefer a more guided user session that is more simplified, while other users prefer a more robust power user experience for more advanced analysis.
Privacy Drill Control Example and Usage Tips:
When drilling and filtering into a source of information with Privacy Drill Control enabled, users will still see the results of their analysis but any data that fell below the privacy threshold will be aggregated and made anonymous before being provided to the user.
- Set drill levels based on user or role to ensure HIPAA PHI -Small Cells of Data compliance by user and row.
- Create data governance based on the user’s permissions to view PHI.
- If a user is not permitted to view PHI, then the Futrix drill permissions would not allow that user to view that cell of information. A user who may have permission to view the total population of data may be restricted from seeing a segment of employees contained within the information.
- A business analyst may be permitted to view the details of their division, but may not view details from another division. Privacy Drill Control can set the business rules to not permit the business analyst from viewing restricted data.
- Privacy Drill Control can manage permissions of those users who can view Summary Health Information (SHI) and for those indicated as Group Health Plan Designees (GHP) who are permitted to view PHI information. Futrix can govern data access based on the role of the user, thereby ensuring confidentiality and HIPPA PHI compliance of Minimum Necessary Rules.