This post has been republished via RSS; it originally appeared at: Healthcare and Life Sciences Blog articles.
Business Intelligence and Analytics are often restricted in Healthcare organizations due to regulatory concerns about sensitive data such as Personally Identifiable Information (PII). Report viewers often want to export data from reports, but until now there has been no way to effectively track and protect exported files of data. Also, allowing access to reports from un-managed devices has often been an all-or-nothing approach. Microsoft Information Protection and Cloud App Security tools are now in Preview for Power BI as part of your enterprise Data Loss Prevention strategy. Here’s a demo of how Microsoft Information Protection works as a part of Power BI Data Protection:
This article is the third in a series exploring how Power BI paired with Azure data tools creates a flexible, scale-able, and achievable healthcare analytics architecture:
- #1 - Unleash Massive Healthcare Data Volumes to Analytics using Power BI Aggregations - Click Here!
- #2 - Control PII and Sensitive Data Risk for Self-Service BI using Power BI DataFlows and Azure Data Lake - Click Here!
- #3 - Microsoft Azure Information Protection Secures Power BI Data Exports for a Seamless DLP Strategy (this article)
- #4 - Power BI with Azure Synapse enables Advanced Row Level Security with Variable Access at both the Summary and Detail Levels (Coming Soon)
A previous article at this link reviews many of the challenges that Healthcare organizations face due to Privacy and Regulatory concerns for PHI and other types of Sensitive Data. The diagram below is from that article, and shows three common ways that Sensitive Data can be shared inappropriately:
- User Exports Data and Shares with Unapproved Users – Power BI Data Protection (using MIP/AIP) is now in Preview to prevent inappropriate sharing.
- User Shares a Report with an Unapproved User – Power BI Workspace Level Security, Row Level Security, and Data Protection can all be used to mitigate this scenario.
- Re-Identification due to Small Data Aggregation sizes, Using Deep Learning or Referencing Other Databases – Cloud App Security Tools and other Power BI capabilities can reduce this risk, but thoughtful Data Model design by solution architects is also needed and sometimes requires expertise outside of what can be provided by a digital toolset.
- An official announcement about Power BI Data Protection Capabilities can be found at This Link - https://powerbi.microsoft.com/en-us/blog/announcing-new-data-protection-capabilities-in-power-bi/
- Read an overview of Power BI Data Protection at This Link - https://docs.microsoft.com/en-us/power-bi/admin/service-security-data-protection-overview
- Details about Data Sensitivity Labels for Power BI are at This Link - https://docs.microsoft.com/en-us/power-bi/admin/service-security-enable-data-sensitivity-labels
- Microsoft Cloud App Security tools for Power BI can be reviewed at This Link - https://docs.microsoft.com/en-us/power-bi/admin/service-security-using-microsoft-cloud-app-security-controls
- Power BI Administrative tracking of Data Protection Metrics is detailed at This Link - https://docs.microsoft.com/en-us/power-bi/admin/service-security-data-protection-metrics-report
Finally, here is a video that reviews Power BI Data Protection that was recently recorded at Microsoft Ignite: