This article describes how you can store, manage, and analyze HIPAA-compliant and HITRUST-compliant health data and medical records with a high level of built-in security.
Architecture
Dataflow
- Securely ingest bulk patient data into Azure Blob storage.
- Event Grid publishes patient data to Azure Functions for processing, and the processed patient data is securely stored in SQL Database.
- Analyze patient data using Machine Learning, and create a Machine Learning-trained model.
- Ingest new patient data in HL7/FHIR format and publish it to Azure Functions for processing, then store it in SQL Database.
- Analyze newly ingested data using the trained Machine Learning model.
- Interact with patient data using Power BI while preserving Azure role-based access control (Azure RBAC).
Components
- Azure Functions: Process events with serverless code
- Event Grid: Get reliable event delivery at massive scale
- Storage Accounts: Durable, highly available, and massively scalable cloud storage
- Azure SQL Database: Managed, intelligent SQL in the cloud
- Azure Machine Learning: Bring AI to everyone with an end-to-end, scalable, trusted platform with experimentation and model management
- Power BI Embedded: Embed fully interactive, stunning data visualizations in your applications
- Defender for Cloud: Unify security management and enable advanced threat protection across hybrid cloud workloads
- Microsoft Entra ID: Synchronize on-premises directories and enable single sign-on
- Key Vault: Safeguard and maintain control of keys and other secrets
- Application Insights: Detect, triage, and diagnose issues in your web apps and services
- Azure Monitor: Full observability into your applications, infrastructure, and network
- Operations Management Suite: A collection of management services that were designed in the cloud from the start
- Azure RBAC and built-in roles: Azure role-based access control (Azure RBAC) has several built-in role definitions that you can assign to users, groups, and service principals.
Scenario details
This solution demonstrates how you can store, manage, and analyze HIPAA-compliant and HITRUST-compliant health data and medical records with a high level of built-in security.
Potential use cases
This solution is ideal for the medical and healthcare industry.
Next steps
- Azure Functions Documentation
- Azure Event Grid Documentation
- Azure Storage Documentation
- Azure SQL Database Documentation
- Azure Machine Learning Documentation
- Power BI Embedded Documentation
- Microsoft Defender for Cloud Documentation
- Get started with Microsoft Entra ID
- What is Azure Key Vault?
- What is Application Insights?
- Monitoring Azure applications and resources
- What is Operations Management Suite (OMS)?
- Built-in roles for Azure role-based access control