WHITE PAPER. Balancing Access to Information While Preserving Privacy, Security and Governance in the Era of Big Data.
|
|
- Clifford Gallagher
- 8 years ago
- Views:
Transcription
1 WHITE PAPER Balancing Access to Information While Preserving Privacy, Security and Governance in the Era of Big Data. EXECUTIVE SUMMARY This white paper explores the critical role that privacy, security and governance play in ensuring appropriate access to information in the age of Big Data. Table of Contents Executive Summary 1 Big Data is a technology that has been used extensively for about 10 to 15 years by Google, Netflix and major social media applications. With the ability to economically scale to handle vast datasets, Big Data lets companies easily aggregate varied and diverse data sources quickly, providing them with the ability to innovate and rapidly respond to changing business requirements. However, until now, Big Data has suffered from weak privacy, security and governance controls, essentially preventing certain organizations - namely those in healthcare, the public sector and large corporate enterprises - from realizing the other competitive benefits that come from Big Data. There are now innovative technology providers who are addressing the very real challenges of privacy, security and governance in such a way that organizations can effectively mine and analyse their data for insight, while still protecting an individual s privacy rights. Privacy deals with who is authorized to access certain information. Security provides the technical methods to safeguard private information from unauthorized persons, while governance covers the stewardship and enforcement of roles, and the checks and balances to support the business needs. It is critical to adopt a new technology architecture that strikes the balance between privacy, security and governance while still ensuring appropriate and necessary access to information. With the new architecture in place, organizations will be able to roll out innovative services ranging from population health management to business intelligence to Open Data information sharing. Introduction The Role of Big Data 2 Unlocking Data to Drive Innovation and Competitiveness Integrating Big Data in your Privacy, Security and Governance Strategy Privacy 3 Privacy by Design Sophisticated Access Controls that Scale Identity Management De-Identification and Redaction On-Demand Security Security at Rest Security in Flight Governance Audit logs Data Immutability Version Control Rollback Data Verification Retention Policy Data Validation Data Veracity Separation of Roles About PHEMI About PHEMI Central About PHEMI Dictionary of Terms References 10 1
2 INTRODUCTION The average cost of a healthcare data breach is estimated to exceed $3.5 million, cumulating in a potential cost to the healthcare industry alone of as much as $5.6 billion dollars annually. The impact to corporate reputation, fines, lost business and senior executive careers has been felt across industries. The average cost to a company for a data breach was $3.5 million in US dollars and 15 percent more than what it cost last year. 1 It is well understood that a majority of breaches can be traced back to improper employee handling of data, highlighting the importance of proper data governance and privacy controls that go beyond traditional perimeterbased firewall and security infrastructure. Privacy, security and governance each play an integral role in ensuring appropriate access to information. Too much control can dramatically limit business competitiveness and profits as information protection stifles efficiency and adds unnecessary cost. It can also mean that patients die with their privacy intact largely because doctors can t access the right information at the right time. Too little control means that personal and other private information can be compromised, costing businesses millions of dollars in fines, damaging personal and corporate reputations, with a subsequent loss of business and trust. A new approach is required - one that embeds privacy, governance and security - into the core of the data warehouse technology. The approach must allow the data to be mined for knowledge and insight, while simultaneously ensuring the data is used only for permitted purposes - guaranteeing that an individual s privacy remains intact. THE ROLE OF BIG DATA Invented over 10 years ago by Google and Yahoo, Big Data has quickly evolved to become a cornerstone technology for internet companies. Today, Big Data is commonly used by hundreds of millions of consumers daily whenever they visit Google, Netflix, Amazon, ebay or a social media website. The business case for adopting Big Data tools is well established and compelling. 60% potential increase in retailer s operating margins possible with Big Data 2 $300 billion potential annual value to US healthcare 2 Manufacturing industries - up to a 50% decrease in product development and assembly costs 2 Big Data and successful analytics credited as a key differentiator in the US 2012 presidential election campaign 3 Unlocking Data to Drive Innovation and Competitiveness Big Data 4 is widely credited for three core attributes that distinguish it from the traditional relational database approach: 1. Big Data is proven to economically scale from Terabytes to hundreds of Petabytes at a third the cost of a relational enterprise data warehouse. 2. Big Data is able to quickly aggregate a variety of information from relational databases to unstructured documents such as Microsoft Word, 2
3 PDF, text, images, or telemetry - all without requiring complex schema changes. 3. Big Data gives organizations the agility to quickly innovate, develop new applications to mine the data, and rapidly respond to changing business requirements. However, with its roots in the internet and social media sector, Big Data has long-suffered from weak privacy, security and governance capabilities. Consequently, public sector, healhcare and large enterprises have been relegated to observers, experimenting with and piloting this promising new technology. Integrating Big Data in your Privacy, Security and Governance Strategy The evolution of computing services has been driven by an ever increasing volume of information that is now available in the digital economy. Government and the private sector are focusing on harvesting this data to provide better, quicker and more valuable services to citizens and customers. Within the datadriven economy, challenges arise with respect to potential security and privacy breaches because of the volume and variety of data types. Conversely, the value held within the data cannot be realized without access. Privacy, security and governance used to be the purview of applications to stand guard and protect the data. However, initiatives like Privacy by Design (explored in more detail later) are actively engaging Big Data and policy management in the uniform enforcement of privacy, security and governance across an organization. PRIVACY Privacy deals with the rights of an individual to control when, how and to what degree personal and private information is visible for use. Managing what constitutes appropriate use of information at a fine-grained level, across a large data warehouse, can be an enormous challenge fraught with serious consequences if not structured and administered properly from the outset. This problem is particularly evident when considering Personally Identifiable Information (PII) or other information classified as private or sensitive within documents or databases - information that may span multiple data sources, data owners or data sharing agreements. Although Privacy Impact Assessments may document policies, procedures and risks, a technical solution must play a role in managing and enforcing policy adherence. Privacy by Design To address these challenges, a Privacy by Design 5 framework has been defined and recognized as the global privacy standard in a landmark resolution by the International Conference of Data Protection and Privacy Commissioners in Jerusalem. Since then, the 7 Foundational Principles of PbD have been translated in over 30 official languages. Privacy by Design advances the view that the future of privacy cannot be assured solely by compliance with legislation and regulatory frameworks; rather, privacy assurance must become an organization s default mode of operation. 3
4 Privacy by Design at PHEMI Whereas many systems view privacy and security as an afterthought, PHEMI Central was designed from the ground up to incorporate the 7 Foundational Principles of Privacy by Design: 1. PROACTIVE NOT REACTIVE; PREVENTATIVE NOT REMEDIAL PHEMI Central contains a sophisticated Governance Policy Manager that data stewards use to define what data may be stored, how it may be manipulated, and who is allowed to read the data. Permitted personal information can only be collected in the PHEMI system if enabled by the Governance Policy Manager. The data steward creates all policies for user access to the system and datasets. A policy enforcement layer in the PHEMI architecture enforces strict policy rules. 2. PRIVACY AS THE DEFAULT SETTING Data can only be stored in PHEMI Central once the data steward establishes a privacy policy. Furthermore, the system default prevents anyone, other than the data owner, to access the data. The data steward can relax these defaults to allow specific users and roles to access virtual databases within the Big Data Warehouse. The PHEMI solution was designed on the foundation that privacy policies determine what data can be accessed through the de-identification/anonymization processes defined by the Governance Policy Manager. Policies include fine-grained write-only, read-only and read/write permissions. 3. PRIVACY EMBEDDED INTO DESIGN As PHEMI Central ingests data, it converts it into a digital asset comprised of the data itself plus metadata a wrapper that embeds privacy/governance rules, policies and semantics for the digital asset being gathered and stored. A policy enforcement engine ensures that all users have the appropriate access privileges throughout the Big Data Warehouse. Users can only view digital assets if they have been granted access in a policy established by the data steward using the Governance Policy Manager. Fine-grained policies enforce deidentification of information. 4. FULL FUNCTIONALITY POSITIVE SUM, NOT ZERO SUM PHEMI believes an individual s privacy rights can co-exist with an organization s legitimate interests and objectives based on an individual s consent. PHEMI s ground-up approach to privacy works symbiotically with clinician needs for complex data analysis. PHEMI s treatment of data as digital assets means that healthcare data can be enriched and analyzed for meaningful statistics and patterns, with privacy enforcement underpinning the process. No complicated overhead or tradeoff is needed for policy enforcement because users only interact with approved data that has passed through the Governance Policy Manager. 5. END-TO-END SECURITY FULL LIFECYCLE PROTECTION PHEMI brings lifecycle privacy to Big Data. All digital assets are immutable and only accessible through the PHEMI Governance Policy Manager. Our metadata tagging enables automatic data retention enforcement, access controls and compliance management. For example, if a digital asset has metadata indicating that the asset must be held for ten years, then the data will be automatically deleted on the tenth anniversary. Furthermore, all assets are version controlled so the data steward can review and recover any changes. Additionally, the audit and logging system in PHEMI Central uses the same digital asset approach to store and manage log files, ensuring that logs are also immutable and only accessible to specific administrative roles. 6. VISIBILITY AND TRANSPARENCY KEEP IT OPEN PHEMI s privacy policy implementation is transparent and accessible to data stewards. De-identification and anonymization process rules can also be easily provided to individuals and organizations. PHEMI produces detailed audit logs to verify privacy policy enforcement. 7. RESPECT FOR USER PRIVACY KEEP IT USER-CENTRIC PHEMI recognizes an individual s paramount right to privacy and our technology core reflects this. With default privacy settings and a sophisticated governance and policy management approach, we ensure an individual s privacy remains intact. Yet our unique implementation also enables clinicians and researchers access to a rich dataset of healthcare information for pioneer medical innovation and research based on patient consent. 4
5 Sophisticated Access Controls that Scale The traditional role-based access control model, consisting of users/roles/ privileges, has been the mainstay of access control for decades. However, as the number of users and datasets grow, the variety of privacy policies governing the appropriate use of information can quickly become overwhelming and the risk of a data breach increases. A Big Data warehouse needs to seamlessly migrate from simple role-based access to a more scalable and versatile attribute-based access control. A scalable access control system should be able to leverage metadata to describe the attributes of a user and the attributes of the content. These access control rules also need to cover data processing functions and MapReduce jobs. Modern access control capabilities can then simply enforce arbitrarily simple or elaborate access control rules, marrying user and content metadata attributes. As an example, the Affordable Care Act and Accountable Care Organizations stretch across the continuum of care and are quickly pushing the limits of rolebased access controls. For example, cardiologists who practice in the General Hospital Electrophysiology clinic are allowed to view a person s preliminary and final ECG while they are on the hospital network. Other physicians are not allowed to see the preliminary reports - only the final interpretation. Researchers, however, are only allowed to see a de-identified/redacted version of the patient s interpreted ECG. And no-one is permitted to see the ECG outside of the General Hospital network. This complexity can only be managed through attribute-based access controls. Standards such as XACML provide a flexible and dynamic access control policy framework. Identity Management Traditional identity management and security technologies create a protective wall around data sources and applications. Security zones, firewalls and identity and access management (IDAM) systems govern coarse grain-access to resources and services, including authenticating users to ensure (with a certain level of assurance) that the user is who they purport to be. These security and IDAM systems have focused on service level access management, which enforces policies at this coarse grain level to the service but not the fine-grained content itself. There is an implied trust between the access management service and the data objects and without some form of entitlements management solution, that trust becomes a key point of fragility within the system. In transactional systems, this works because it is often a push to a system consuming the transaction and that system has the ability to accept or reject the request/message based on their own policies. Although there still needs to be security and access management services, the risk factor is different than that of data/information based systems where data mining and the extraction of data has different privacy implications. In the event that a transactional system is being used for querying or updates of personal identifiable information (PII), all the same rules are true and it would mean that the system providing the data would need to provide fine grain access control as well. This would imply that user identity information is embedded within the transactional messages. Traditional IDAM service level access control creates a number of issues in an environment with sensitive data: Does not provide the full solution that is often required to meet regulatory and legal compliance. IDAM and security systems are a add-on that are outside of the core system thus they do not meet PdB requirements 5
6 Programers often embed code to enable fine-grain access control, providing less scalability IDAM provides the front gate authorization but does not provide entitlement management to the actual digital assets within the system Often a network based trust model is set up between systems with all queries going through a single user within the data source system Auditing for compliance is much more difficult without the ability to track access controls at the digital asset level. PHEMI Central is a Big Data platform that enables a PbD framework and unlocks the potential for fine-grained access control and policy management for individual digital assets. Through the governance management capability, a data steward can impose policies on digital assets that are then enforced through the PHEMI Policy Enforcement engine. Access control can be provided to the element level within the meta data or derived data extracted right from the digital assets themselves. The ability to anonymize or mask some data elements elements and expose those that the user or system is entitled to provides a very high degree of assurance that the right information is being delivered to the right person, at the right time for the right reason. With PHEMI Central, the power to manage risk is given to the data steward directly and is not being passed on to programmers or trusted system interfaces that are susceptible to privacy breaches. A much richer set of data is available, along with a much more powerful policy management system that is compliant with Privacy by Design principles. De-Identification and Redaction On-Demand An important part of any privacy strategy is the ability to de-identify personal information. This includes the ability to disallow the sharing of personally identifiable information by masking the information, or redacting an image or using more sophisticated data dependency algorithms to reduce the risk of re-identification. Based on specific policy rules, the de-identification process should be able to be enforced on-demand when the data is read, to reduce data sprawl and the risk of data consistency errors. SECURITY Whereas privacy rules describe who is allowed to see what, when and how, security describes the technical methods by which privacy and access are safeguarded. Relational database installations, like first-generation Big Data solutions, rely on a trusted relationship between the data repository and the application. As more and more personally identifiable information is aggregated, the consequences of a data breach increase, driving the need for a more robust security strategy. A Big Data Warehouse should embrace multiple layers of security. Security at Rest A Big Data warehouse should be able to encrypt data at rest within the data repository. For performance reasons, it is usually unnecessary to encrypt all data. Instead, encryption of only personally identifiable information is advised. 6
7 Security in Flight All communications between data sources, data consumers and the Big Data warehouse should be encrypted using either the Secure Sockets Layer (SSL) or Transport Layer Security (TLS) protocol with 256 bit encryption. GOVERNANCE According to the American Health Information Management Association (AHIMA), only 11% of healthcare organizations consider their information governance program as mature. 6 An effective IT governance strategy defines and enforces user roles with appropriate checks and balances to ensure appropriate behavior throughout the data lifecycle (creation, storage, use, archiving and retiring of information). An effective IT governance strategy should include the following key capabilities. Audit logs A Big Data Warehouse must maintain complete audit logs of system and user operations including account creation/modification/deletion; policy creation/ modification/deletion; dataset creation/modification/deletion, etc. These log files must be completely tamper-proof for all users. However, approved users should be able to filter log files and export the information for downstream analysis. Data Immutability Unlike typical relational database systems that only protect certain columns (keys), an effective Big Data Warehouse should store all data in a write-only data system that is never modified and data can only be deleted at a pre-specified end-of-life date. This approach provides assurance of data integrity for audit and compliance requirements. Version Control A typical enterprise data warehouse is unable to recover data that has been accidentally modified or deleted, making corrections a time consuming process of searching through system backups to find old data to restore. A Big Data Warehouse should be able to keep a simple history of old revisions and allow administrators to trace changes over time, including the ability to audit who made the change and when. This approach provides a complete record of data history for audit and compliance requirements. Rollback A system administrator should be able to trace changes to data and rollback changes as appropriate, while honoring Data Immutability, Audit Log and Version Control requirements. Data Verification All data collected and derived in the Big Data Warehouse should include a checksum held in metadata. This approach allows the system to quickly detect if data has been corrupted or tampered with. Retention Policy A Big Data Warehouse should be able to prevent users from deleting data during a configured retention period and should also automatically de-identify, delete or otherwise process information when the retention period expires. 7
8 Data Validation Unlike typical relational database systems where external Extract, Transform, Load (ETL) tools cleanse and validate data, an effective Big Data governance strategy should perform the cleansing and validation process within the system and log all transformation operations to properly track data provenance. Where information is incomplete or out of valid range, an alert should notify the data steward. Data Veracity Data Verification is an anti-corruption feature of PHEMI Central that checks for changes in your data as it gets imported. Our alert system flags you when your data gets corrupted, assuring the integrity of your entire dataset. A traditional data warehouse has no alert system to protect you from your data getting corrupted. As it gets imported, your data can get altered during the transmission process. A traditional data warehouse does not identify errors in your dataset as they arise. Separation of Roles An effective governance strategy must maintain a clear separation of roles such that a single user cannot create accounts, read/write data and modify log files. ABOUT PHEMI About PHEMI Central PHEMI Central is a Big Data Warehouse with capabilities far beyond traditional approaches. The system uses proven Big Data technology to unlock information trapped in non-relational and unstructured data, scaling to petabytes at a fraction of the cost of traditional solutions. Moreover, PHEMI Central incorporates innovative new privacy, security, and governance capabilities to handle the increasing complexity of modern data warehouse implementations. PHEMI Central supports the collection, curation and analysis of rich datasets, enabling organizations to roll out innovative services ranging from population health management to business intelligence to Open Data information sharing. PHEMI Central lets organizations turn their focus from the task of collecting and storing data to the more strategic role of curating data, deriving insights and offering services. PHEMI Central is available as software or as an appliance for deployment in the enterprise data center. Specifically designed to provide the agility necessary to meet the increasing volume, variety and velocity of today s enterprise, PHEMI Central incorporates an innovative Privacy by Design architecture to bring the power of Big Data to healthcare, the public sector and large enterprises with complex data requirements. Break down the information silos and automatically collect and report high quality, real time and comprehensive data. Mine the Big Data warehouse by rapidly adopting new and innovative applications from best-of-breed vendors or developing custom solutions inhouse. Offer applications like Population Health, Business Intelligence, Open Data Information Sharing, Readmission Risk Analysis, Personalized Medicine, Post-Market Surveillance and Research Registries. Improve productivity and data quality by reducing data entry tasks - automatically converting unstructured documents to structured data, and auto-populating known information where possible. Protect information privacy, security and governance without compromising legitimate right to use. Scale to petabytes and beyond at a fraction of the cost of traditional enterprise data warehouse alternatives. 8
9 About PHEMI PHEMI is a process automation and Big Data platform company that unlocks patient data to improve clinic productivity, patient outcomes, and medical research. The PHEMI team architected PHEMI Clinical and PHEMI Central from the ground up specifically for healthcare, life sciences and the public sector, fully incorporating the 7 foundational principles of Privacy by Design as applied to Big Data. PHEMI is based in Vancouver, BC, Canada. For more information, please visit DICTIONARY OF TERMS Privacy Security Governance Controls who is authorized to access certain information. Provides the technical methods to safeguard private information from unauthorized persons. Covers the stewardship and enforcement of roles, checks and balances to support the business needs. Digital Asset A digital asset is comprised of two key components: The data itself whether structured, semi-structured or unstructured Metadata a wrapper that embeds meaningful context around the information being gathered, stored and ultimately mined. Metadata embeds rules, policies and context around that data. Big Data High volume, high velocity, and/or high variety information assets that require new forms of processing to enable enhanced decision making, insight discovery and process optimization. (Gartner, 2012) Privacy by Design Personally Identifiable Information (PII) The global privacy standard, as defined in a landmark resolution by the International Conference of Data Protection and Privacy Commissioners in Jerusalem. It advances the view that the future of privacy cannot be assured solely by compliance with legislation and regulatory frameworks; rather, privacy assurance must become an organization s default mode of operation. Information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context. Hadoop Open-source software framework that supports data-intensive distributed applications licensed under the Apache v2 license. It supports running applications on large clusters of commodity hardware. Role-based Access Control Attribute-based Access Control A framework for managing access to resources (e.g. data, services, etc.) by defining roles which possess certain access privileges. Subjects (i.e. users) are then assigned certain roles to limit and grant access to resources. This approach is efficient to manage when the number of roles are not too large and remains relatively static. A framework for managing access to resources (e.g. data, services, etc.) for subjects (i.e. users) by specifying logical rules based on attributes of resources, subjects, and environmental context (e.g. network address, time of day, etc.). This approach is advantageous when access scenarios evolve and change as new types of resources and subjects are created. Data lifecycle The backup, custody, access, and management characteristics for a datum from creation to deletion. 9
10 REFERENCES 1. Cost of Data Breach Study: Global Analysis, Ponemon, Big Data: The Next Frontier for Innovation Competition and Productivity, McKinsey Global Institute, The real story of how big data analytics helped Obama win, InfoWorld, Andrew Lampett, This whitepaper focuses on Hadoop-based implementations American Health Information Management Association ehealth Summit, May Great Northern Way Vancouver BC, V5T 4T
Balancing Access to Information While Preserving Privacy, Security and Governance in the Era of Big Data
PHEMI Health Systems Process Automation and Big Data Warehouse http://www.phemi.com Balancing Access to Information While Preserving Privacy, Security and Governance in the Era of Big Data Executive Summary
More informationSOLUTION BRIEF. SAP/PHEMI Big Data Warehouse and the Transformation to Value-Based Health Care
SOLUTION BRIEF SAP/PHEMI Big Data Warehouse and the Transformation to Value-Based Health Care Bringing Privacy and Performance to Big Data with SAP HANA and PHEMI Central Objectives Every healthcare organization
More informationSAP/PHEMI Big Data Warehouse and the Transformation to Value-Based Health Care
PHEMI Health Systems Process Automation and Big Data Warehouse http://www.phemi.com SAP/PHEMI Big Data Warehouse and the Transformation to Value-Based Health Care Bringing Privacy and Performance to Big
More informationBeyond the Data Lake
WHITE PAPER Beyond the Data Lake Managing Big Data for Value Creation In this white paper 1 The Data Lake Fallacy 2 Moving Beyond Data Lakes 3 A Big Data Warehouse Supports Strategy, Value Creation Beyond
More informationCORPORATE OVERVIEW. Big Data. Shared. Simply. Securely.
CORPORATE OVERVIEW Big Data. Shared. Simply. Securely. INTRODUCING PHEMI SYSTEMS PHEMI unlocks the power of your data with out-of-the-box privacy, sharing, and governance PHEMI Systems brings advanced
More informationA Database Security Management White Paper: Securing the Information Business Relies On. November 2004
A Database Security Management White Paper: Securing the Information Business Relies On November 2004 IPLocks, Inc. 441-A W. Trimble Road, San Jose, CA 95131 USA A Database Security Management White Paper:
More informationPaxata Security Overview
Paxata Security Overview Ensuring your most trusted data remains secure Nenshad Bardoliwalla Co-Founder and Vice President of Products nenshad@paxata.com Table of Contents: Introduction...3 Secure Data
More informationSymantec Enterprise Vault.cloud Overview
Fact Sheet: Archiving and ediscovery Introduction The data explosion that has burdened corporations and governments across the globe for the past decade has become increasingly expensive and difficult
More informationENVIRONMENTAL PRESSURES DRIVING AN EVOLUTION IN FILE STORAGE
ENVIRONMENTAL PRESSURES DRIVING AN EVOLUTION IN FILE STORAGE JEFF LUNDBERG MAY 23, 2012 WEBTECH EDUCATIONAL SERIES ENVIRONMENTAL PRESSURES DRIVING AN EVOLUTION IN FILE STORAGE IT organizations are under
More informationBig Data-Challenges and Opportunities
Big Data-Challenges and Opportunities White paper - August 2014 User Acceptance Tests Test Case Execution Quality Definition Test Design Test Plan Test Case Development Table of Contents Introduction 1
More informationBANKING ON CUSTOMER BEHAVIOR
BANKING ON CUSTOMER BEHAVIOR How customer data analytics are helping banks grow revenue, improve products, and reduce risk In the face of changing economies and regulatory pressures, retail banks are looking
More informationData Refinery with Big Data Aspects
International Journal of Information and Computation Technology. ISSN 0974-2239 Volume 3, Number 7 (2013), pp. 655-662 International Research Publications House http://www. irphouse.com /ijict.htm Data
More informationHow Does Big Data Change Your Way of Managing Information?
How Does Big Data Change Your Way of Managing Information? A Best-Practices Guide for Data Managers By Erian Laperi, Director Enterprise Data Management and Business Enablement at AT&T How Does Big Data
More informationIntegrated email archiving: streamlining compliance and discovery through content and business process management
Make better decisions, faster March 2008 Integrated email archiving: streamlining compliance and discovery through content and business process management 2 Table of Contents Executive summary.........
More informationIBM Data Security Services for endpoint data protection endpoint data loss prevention solution
Automating policy enforcement to prevent endpoint data loss IBM Data Security Services for endpoint data protection endpoint data loss prevention solution Highlights Facilitate policy-based expertise and
More informationMANAGED FILE TRANSFER: 10 STEPS TO HIPAA/HITECH COMPLIANCE
WHITE PAPER MANAGED FILE TRANSFER: 10 STEPS TO HIPAA/HITECH COMPLIANCE 1. OVERVIEW Do you want to design a file transfer process that is secure? Or one that is compliant? Of course, the answer is both.
More informationWrangling Actionable Insights from Organizational Data
Wrangling Actionable Insights from Organizational Data Koverse Eases Big Data Analytics for Those with Strong Security Requirements The amount of data created and stored by organizations around the world
More informationOptimized for the Industrial Internet: GE s Industrial Data Lake Platform
Optimized for the Industrial Internet: GE s Industrial Lake Platform Agenda The Opportunity The Solution The Challenges The Results Solutions for Industrial Internet, deep domain expertise 2 GESoftware.com
More informationIBM InfoSphere Guardium Data Activity Monitor for Hadoop-based systems
IBM InfoSphere Guardium Data Activity Monitor for Hadoop-based systems Proactively address regulatory compliance requirements and protect sensitive data in real time Highlights Monitor and audit data activity
More informationKlarna Tech Talk: Mind the Data! Jeff Pollock InfoSphere Information Integration & Governance
Klarna Tech Talk: Mind the Data! Jeff Pollock InfoSphere Information Integration & Governance IBM s statements regarding its plans, directions, and intent are subject to change or withdrawal without notice
More informationPart A OVERVIEW...1. 1. Introduction...1. 2. Applicability...2. 3. Legal Provision...2. Part B SOUND DATA MANAGEMENT AND MIS PRACTICES...
Part A OVERVIEW...1 1. Introduction...1 2. Applicability...2 3. Legal Provision...2 Part B SOUND DATA MANAGEMENT AND MIS PRACTICES...3 4. Guiding Principles...3 Part C IMPLEMENTATION...13 5. Implementation
More informationSecure Data Transmission Solutions for the Management and Control of Big Data
Secure Data Transmission Solutions for the Management and Control of Big Data Get the security and governance capabilities you need to solve Big Data challenges with Axway and CA Technologies. EXECUTIVE
More informationWHITEPAPER. A Technical Perspective on the Talena Data Availability Management Solution
WHITEPAPER A Technical Perspective on the Talena Data Availability Management Solution BIG DATA TECHNOLOGY LANDSCAPE Over the past decade, the emergence of social media, mobile, and cloud technologies
More informationSynapse Privacy Policy
Synapse Privacy Policy Last updated: April 10, 2014 Introduction Sage Bionetworks is driving a systems change in data-intensive healthcare research by enabling a collective approach to information sharing
More informationCrossPoint for Managed Collaboration and Data Quality Analytics
CrossPoint for Managed Collaboration and Data Quality Analytics Share and collaborate on healthcare files. Improve transparency with data quality and archival analytics. Ajilitee 2012 Smarter collaboration
More informationINDUSTRY BRIEF DATA CONSOLIDATION AND MULTI-TENANCY IN FINANCIAL SERVICES
INDUSTRY BRIEF DATA CONSOLIDATION AND MULTI-TENANCY IN FINANCIAL SERVICES Data Consolidation and Multi-Tenancy in Financial Services CLOUDERA INDUSTRY BRIEF 2 Table of Contents Introduction 3 Security
More informationApache Hadoop: The Big Data Refinery
Architecting the Future of Big Data Whitepaper Apache Hadoop: The Big Data Refinery Introduction Big data has become an extremely popular term, due to the well-documented explosion in the amount of data
More informationHow to Enhance Traditional BI Architecture to Leverage Big Data
B I G D ATA How to Enhance Traditional BI Architecture to Leverage Big Data Contents Executive Summary... 1 Traditional BI - DataStack 2.0 Architecture... 2 Benefits of Traditional BI - DataStack 2.0...
More informationWhat's New in SAS Data Management
Paper SAS034-2014 What's New in SAS Data Management Nancy Rausch, SAS Institute Inc., Cary, NC; Mike Frost, SAS Institute Inc., Cary, NC, Mike Ames, SAS Institute Inc., Cary ABSTRACT The latest releases
More informationKey Steps to Meeting PCI DSS 2.0 Requirements Using Sensitive Data Discovery and Masking
Key Steps to Meeting PCI DSS 2.0 Requirements Using Sensitive Data Discovery and Masking SUMMARY The Payment Card Industry Data Security Standard (PCI DSS) defines 12 high-level security requirements directed
More informationMarkLogic Enterprise Data Layer
MarkLogic Enterprise Data Layer MarkLogic Enterprise Data Layer MarkLogic Enterprise Data Layer September 2011 September 2011 September 2011 Table of Contents Executive Summary... 3 An Enterprise Data
More informationIncrease Agility and Reduce Costs with a Logical Data Warehouse. February 2014
Increase Agility and Reduce Costs with a Logical Data Warehouse February 2014 Table of Contents Summary... 3 Data Virtualization & the Logical Data Warehouse... 4 What is a Logical Data Warehouse?... 4
More informationWhite Paper Big Data Without Big Headaches
Vormetric, Inc. 2545 N. 1st Street, San Jose, CA 95131 United States: 888.267.3732 United Kingdom: +44.118.949.7711 Singapore: +65.6829.2266 info@vormetric.com www.vormetric.com THE NEW WORLD OF DATA IS
More informationHow to avoid building a data swamp
How to avoid building a data swamp Case studies in Hadoop data management and governance Mark Donsky, Product Management, Cloudera Naren Korenu, Engineering, Cloudera 1 Abstract DELETE How can you make
More informationPALANTIR CYBER An End-to-End Cyber Intelligence Platform for Analysis & Knowledge Management
PALANTIR CYBER An End-to-End Cyber Intelligence Platform for Analysis & Knowledge Management INTRODUCTION Traditional perimeter defense solutions fail against sophisticated adversaries who target their
More informationHarnessing the Power of Big Data for Real-Time IT: Sumo Logic Log Management and Analytics Service
Harnessing the Power of Big Data for Real-Time IT: Sumo Logic Log Management and Analytics Service A Sumo Logic White Paper Introduction Managing and analyzing today s huge volume of machine data has never
More informationWe are Big Data A Sonian Whitepaper
EXECUTIVE SUMMARY Big Data is not an uncommon term in the technology industry anymore. It s of big interest to many leading IT providers and archiving companies. But what is Big Data? While many have formed
More informationUsing AWS in the context of Australian Privacy Considerations October 2015
Using AWS in the context of Australian Privacy Considerations October 2015 (Please consult https://aws.amazon.com/compliance/aws-whitepapers/for the latest version of this paper) Page 1 of 13 Overview
More informationBeyond the Single View with IBM InfoSphere
Ian Bowring MDM & Information Integration Sales Leader, NE Europe Beyond the Single View with IBM InfoSphere We are at a pivotal point with our information intensive projects 10-40% of each initiative
More informationReal World Strategies for Migrating and Decommissioning Legacy Applications
Real World Strategies for Migrating and Decommissioning Legacy Applications Final Draft 2014 Sponsored by: Copyright 2014 Contoural, Inc. Introduction Historically, companies have invested millions of
More informationAddressing Legal Discovery & Compliance Requirements
Addressing Legal Discovery & Compliance Requirements A Comparison of and Archiving In today s digital landscape, the legal, regulatory and business requirements for email archiving continue to grow in
More informationOptimized for the Industrial Internet: GE s Industrial Data Lake Platform
Optimized for the Industrial Internet: GE s Industrial Lake Platform Agenda Opportunity Solution Challenges Result GE Lake 2 GESoftware.com @GESoftware #IndustrialInternet Big opportunities with Industrial
More informationW H I T E P A P E R E X E C U T I V E S U M M AR Y S I T U AT I O N O V E R V I E W. Sponsored by: EMC Corporation. Laura DuBois May 2010
W H I T E P A P E R E n a b l i n g S h a r e P o i n t O p e r a t i o n a l E f f i c i e n c y a n d I n f o r m a t i o n G o v e r n a n c e w i t h E M C S o u r c e O n e Sponsored by: EMC Corporation
More informationDionseq Uatummy Odolorem Vel
W H I T E P A P E R Aciduisismodo Hitachi Clinical Dolore Repository Eolore Dionseq Uatummy Odolorem Vel Address the Multidepartmental Digital Imaging Conundrum with Enterprise-level Data Management By
More informationPALANTIR HEALTH. Maximizing data assets to improve quality, risk, and compliance. 100 Hamilton Ave, Suite 300 Palo Alto, California 94301
100 Hamilton Ave, Suite 300 Palo Alto, California 94301 helix@palantir.com www.palantir.com/health PALANTIR HEALTH Maximizing data assets to improve quality, risk, and compliance Palantir Health: Maximizing
More informationQlik Sense Enabling the New Enterprise
Technical Brief Qlik Sense Enabling the New Enterprise Generations of Business Intelligence The evolution of the BI market can be described as a series of disruptions. Each change occurred when a technology
More informationRealizing business flexibility through integrated SOA policy management.
SOA policy management White paper April 2009 Realizing business flexibility through integrated How integrated management supports business flexibility, consistency and accountability John Falkl, distinguished
More informationMANAGED FILE TRANSFER: 10 STEPS TO SOX COMPLIANCE
WHITE PAPER MANAGED FILE TRANSFER: 10 STEPS TO SOX COMPLIANCE 1. OVERVIEW Do you want to design a file transfer process that is secure? Or one that is compliant? Of course, the answer is both. But it s
More informationData Quality Assessment. Approach
Approach Prepared By: Sanjay Seth Data Quality Assessment Approach-Review.doc Page 1 of 15 Introduction Data quality is crucial to the success of Business Intelligence initiatives. Unless data in source
More informationTest Data Management for Security and Compliance
White Paper Test Data Management for Security and Compliance Reducing Risk in the Era of Big Data WHITE PAPER This document contains Confidential, Proprietary and Trade Secret Information ( Confidential
More informationWhite paper. The Big Data Security Gap: Protecting the Hadoop Cluster
The Big Data Security Gap: Protecting the Hadoop Cluster Introduction While the open source framework has enabled the footprint of Hadoop to logically expand, enterprise organizations face deployment and
More informationI n t e r S y S t e m S W h I t e P a P e r F O R H E A L T H C A R E IT E X E C U T I V E S. In accountable care
I n t e r S y S t e m S W h I t e P a P e r F O R H E A L T H C A R E IT E X E C U T I V E S The Role of healthcare InfoRmaTIcs In accountable care I n t e r S y S t e m S W h I t e P a P e r F OR H E
More informationCloud Benefits Elusive for CMOs Charged with Harnessing Big Data
Cloud Benefits Elusive for CMOs Charged with Harnessing Big Data Until Now A publication by: Introduction The analysts at Gartner made waves when they predicted that, by 2017, chief marketing officers
More informationTOP 5 REASONS WHY FINANCIAL SERVICES FIRMS SHOULD CONSIDER SDN NOW
TOP 5 REASONS WHY FINANCIAL SERVICES FIRMS SHOULD CONSIDER SDN NOW Abstract Software-defined networking, or SDN, is a relatively new technology that is already having a major impact on companies in the
More informationThe Future of Data Management
The Future of Data Management with Hadoop and the Enterprise Data Hub Amr Awadallah (@awadallah) Cofounder and CTO Cloudera Snapshot Founded 2008, by former employees of Employees Today ~ 800 World Class
More informationIBM Unstructured Data Identification and Management
IBM Unstructured Data Identification and Management Discover, recognize, and act on unstructured data in-place Highlights Identify data in place that is relevant for legal collections or regulatory retention.
More informationCyberprivacy and Cybersecurity for Health Data
Experience the commitment Cyberprivacy and Cybersecurity for Health Data Building confidence in health systems Providing better health care quality at lower cost will be the key aim of all health economies
More informationThe Modern Online Application for the Internet Economy: 5 Key Requirements that Ensure Success
The Modern Online Application for the Internet Economy: 5 Key Requirements that Ensure Success 1 Table of Contents Abstract... 3 Introduction... 3 Requirement #1 Smarter Customer Interactions... 4 Requirement
More informationSIX STEPS TO SSL CERTIFICATE LIFECYCLE MANAGEMENT
SIX STEPS TO SSL CERTIFICATE LIFECYCLE MANAGEMENT Why you need an SSL certificate management solution and how to get started +1-888-690-2424 entrust.com Table of contents Introduction Page 3 Consequences
More informationPrivacy & data protection in big data: Fact or Fiction?
Privacy & data protection in big data: Fact or Fiction? Athena Bourka ENISA ISACA Athens Conference 24.11.2015 European Union Agency for Network and Information Security Agenda 1 Privacy challenges in
More informationIBM Data Security Services for endpoint data protection endpoint data loss prevention solution
Automating policy enforcement to prevent endpoint data loss IBM Data Security Services for endpoint data protection endpoint data loss prevention solution Highlights Protecting your business value from
More informationData Masking: A baseline data security measure
Imperva Camouflage Data Masking Reduce the risk of non-compliance and sensitive data theft Sensitive data is embedded deep within many business processes; it is the foundational element in Human Relations,
More informationCONNECTING DATA WITH BUSINESS
CONNECTING DATA WITH BUSINESS Big Data and Data Science consulting Business Value through Data Knowledge Synergic Partners is a specialized Big Data, Data Science and Data Engineering consultancy firm
More informationBig Data and Healthcare Payers WHITE PAPER
Knowledgent White Paper Series Big Data and Healthcare Payers WHITE PAPER Summary With the implementation of the Affordable Care Act, the transition to a more member-centric relationship model, and other
More informationContact Center Security: Moving to the True Cloud
White Paper Contact Center Security: Moving to the True Cloud Today, Cloud is one of the most talked about trends in the IT industry. It s a paradigm many believe will have a widespread business impact.
More informationSix Steps to SSL Certificate Lifecycle Management
Six Steps to SSL Certificate Lifecycle Management Why you need an SSL certificate management solution and how to get started +1-888-690-2424 entrust.com Table of contents Introduction Page 3 Consequences
More informationMicrosoft SQL Server for Oracle DBAs Course 40045; 4 Days, Instructor-led
Microsoft SQL Server for Oracle DBAs Course 40045; 4 Days, Instructor-led Course Description This four-day instructor-led course provides students with the knowledge and skills to capitalize on their skills
More informationBUSINESS INTELLIGENCE. Keywords: business intelligence, architecture, concepts, dashboards, ETL, data mining
BUSINESS INTELLIGENCE Bogdan Mohor Dumitrita 1 Abstract A Business Intelligence (BI)-driven approach can be very effective in implementing business transformation programs within an enterprise framework.
More informationTeradata and Protegrity High-Value Protection for High-Value Data
Teradata and Protegrity High-Value Protection for High-Value Data 03.16 EB7178 DATA SECURITY Table of Contents 2 Data-Centric Security: Providing High-Value Protection for High-Value Data 3 Visibility:
More informationInformation Architecture
The Bloor Group Actian and The Big Data Information Architecture WHITE PAPER The Actian Big Data Information Architecture Actian and The Big Data Information Architecture Originally founded in 2005 to
More informationInformatica Application Information Lifecycle Management
Informatica Application Information Lifecycle Management Cost-Effectively Manage Every Phase of the Information Lifecycle brochure Controlling Explosive Data Growth The era of big data presents today s
More informationContact Center Security: Moving to the Cloud
white paper Contact Center Security: Moving to the Cloud Table of Contents Executive Overview 2 A Critical Attribute of a Cloud Provider: Proven Security 2 How Do Well-established Companies Chose a Cloud
More informationEnsure PCI DSS compliance for your Hadoop environment. A Hortonworks White Paper October 2015
Ensure PCI DSS compliance for your Hadoop environment A Hortonworks White Paper October 2015 2 Contents Overview Why PCI matters to your business Building support for PCI compliance into your Hadoop environment
More informationSQL Server 2012 Gives You More Advanced Features (Out-Of-The-Box)
SQL Server 2012 Gives You More Advanced Features (Out-Of-The-Box) SQL Server White Paper Published: January 2012 Applies to: SQL Server 2012 Summary: This paper explains the different ways in which databases
More informationHow To Turn Big Data Into An Insight
mwd a d v i s o r s Turning Big Data into Big Insights Helena Schwenk A special report prepared for Actuate May 2013 This report is the fourth in a series and focuses principally on explaining what s needed
More informationFIVE KEY CONSIDERATIONS FOR ENABLING PRIVACY IN HEALTH INFORMATION EXCHANGES
FIVE KEY CONSIDERATIONS FOR ENABLING PRIVACY IN HEALTH INFORMATION EXCHANGES The implications for privacy and security in the emergence of HIEs The emergence of health information exchanges (HIE) is widely
More informationNIST Big Data Public Working Group
NIST Big Data Public Working Group Requirements May 13, 2014 Arnab Roy, Fujitsu On behalf of the NIST BDWG S&P Subgroup S&P Requirements Emerging due to Big Data Characteristics Variety: Traditional encryption
More informationPreemptive security solutions for healthcare
Helping to secure critical healthcare infrastructure from internal and external IT threats, ensuring business continuity and supporting compliance requirements. Preemptive security solutions for healthcare
More informationTop Ten Security and Privacy Challenges for Big Data and Smartgrids. Arnab Roy Fujitsu Laboratories of America
1 Top Ten Security and Privacy Challenges for Big Data and Smartgrids Arnab Roy Fujitsu Laboratories of America 2 User Roles and Security Concerns [SKCP11] Users and Security Concerns [SKCP10] Utilities:
More informationPrivacy & Big Data: Enable Big Data Analytics with Privacy by Design. Datenschutz-Vereinigung von Luxemburg Ronald Koorn DRAFT VERSION 8 March 2014
Privacy & Big Data: Enable Big Data Analytics with Privacy by Design Datenschutz-Vereinigung von Luxemburg Ronald Koorn DRAFT VERSION 8 March 2014 Agenda? What is 'Big Data'? Privacy Implications Privacy
More informationProtectV. Securing Sensitive Data in Virtual and Cloud Environments. Executive Summary
VISIBILITY DATA GOVERNANCE SYSTEM OS PARTITION UNIFIED MANAGEMENT CENTRAL AUDIT POINT ACCESS MONITORING ENCRYPTION STORAGE VOLUME POLICY ENFORCEMENT ProtectV SECURITY SNAPSHOT (backup) DATA PROTECTION
More informationEnterprise Data Protection
PGP White Paper June 2007 Enterprise Data Protection Version 1.0 PGP White Paper Enterprise Data Protection 2 Table of Contents EXECUTIVE SUMMARY...3 PROTECTING DATA EVERYWHERE IT GOES...4 THE EVOLUTION
More informationwww.sryas.com Analance Data Integration Technical Whitepaper
Analance Data Integration Technical Whitepaper Executive Summary Business Intelligence is a thriving discipline in the marvelous era of computing in which we live. It s the process of analyzing and exploring
More informationHadoop in the Hybrid Cloud
Presented by Hortonworks and Microsoft Introduction An increasing number of enterprises are either currently using or are planning to use cloud deployment models to expand their IT infrastructure. Big
More informationInformation Governance in the Cloud
Information Governance in the Cloud TABLE OF CONTENTS Executive Summary...3 Information Governance: Building a Trusted Foundation for Business Content...5 The Challenge...5 The Solution....5 Content and
More informationData-Centric Security vs. Database-Level Security
TECHNICAL BRIEF Data-Centric Security vs. Database-Level Security Contrasting Voltage SecureData to solutions such as Oracle Advanced Security Transparent Data Encryption Introduction This document provides
More informationWHITEPAPER. Why Dependency Mapping is Critical for the Modern Data Center
WHITEPAPER Why Dependency Mapping is Critical for the Modern Data Center OVERVIEW The last decade has seen a profound shift in the way IT is delivered and consumed by organizations, triggered by new technologies
More informationWhite. Paper. EMC Isilon: A Scalable Storage Platform for Big Data. April 2014
White Paper EMC Isilon: A Scalable Storage Platform for Big Data By Nik Rouda, Senior Analyst and Terri McClure, Senior Analyst April 2014 This ESG White Paper was commissioned by EMC Isilon and is distributed
More informationHow Big Is Big Data Adoption? Survey Results. Survey Results... 4. Big Data Company Strategy... 6
Survey Results Table of Contents Survey Results... 4 Big Data Company Strategy... 6 Big Data Business Drivers and Benefits Received... 8 Big Data Integration... 10 Big Data Implementation Challenges...
More informationWashington State s Use of the IBM Data Governance Unified Process Best Practices
STATS-DC 2012 Data Conference July 12, 2012 Washington State s Use of the IBM Data Governance Unified Process Best Practices Bill Huennekens Washington State Office of Superintendent of Public Instruction,
More informationData Governance in the Hadoop Data Lake. Kiran Kamreddy May 2015
Data Governance in the Hadoop Data Lake Kiran Kamreddy May 2015 One Data Lake: Many Definitions A centralized repository of raw data into which many data-producing streams flow and from which downstream
More informationDelivering Real-World Total Cost of Ownership and Operational Benefits
Delivering Real-World Total Cost of Ownership and Operational Benefits Treasure Data - Delivering Real-World Total Cost of Ownership and Operational Benefits 1 Background Big Data is traditionally thought
More informationInformation Governance
Information Governance & Extended Content Solutions 2013 SOUND FAMILIAR? How do we connect our information together? How do we manage multiple un-integrated repositories of documents? Our users don t know
More informationData Security and Governance with Enterprise Enabler
Copyright 2014 Stone Bond Technologies, L.P. All rights reserved. The information contained in this document represents the current view of Stone Bond Technologies on the issue discussed as of the date
More informationThe Comprehensive Guide to PCI Security Standards Compliance
The Comprehensive Guide to PCI Security Standards Compliance Achieving PCI DSS compliance is a process. There are many systems and countless moving parts that all need to come together to keep user payment
More informationKenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data
Kenna Platform Security A technical overview of the comprehensive security measures Kenna uses to protect your data V2.0, JULY 2015 Multiple Layers of Protection Overview Password Salted-Hash Thank you
More informationPrivacy by Design The 7 Foundational Principles Implementation and Mapping of Fair Information Practices
Privacy by Design The 7 Foundational Principles Implementation and Mapping of Fair Information Practices Ann Cavoukian, Ph.D. Information & Privacy Commissioner, Ontario, Canada Purpose: This document
More informationTop 5 reasons to choose HP Information Archiving
Technical white paper Top 5 reasons to choose HP Information Archiving Intelligent, scalable, and proven archiving solutions Table of Contents The value of intelligent archiving... 2 Top 5 reasons to choose
More informationBIG DATA: FIVE TACTICS TO MODERNIZE YOUR DATA WAREHOUSE
BIG DATA: FIVE TACTICS TO MODERNIZE YOUR DATA WAREHOUSE Current technology for Big Data allows organizations to dramatically improve return on investment (ROI) from their existing data warehouse environment.
More information