Skip to Content
Graphs and charts depicting data analytics information and insights.
Case Study

Analytics framework improves efficiencies and provides valuable insights

July 6, 2022 / 3 min read

A new analytics framework helps a medical research university improve their ePHI user access security and analysis and create operational efficiencies to focus on value-add risk mitigation activities.

The challenge

A private medical research university sought assistance in reviewing multiple healthcare applications to identify account access exceptions, or users not trained to handle health data. The analysis led to the identification and confirmation of user access for select data systems with access to electronic protected health information records (ePHI) covered by HIPAA.

The evaluation required extensive data management and analysis efforts across a number of disparate applications and systems. This process includes the collection, standardization, integration, and analysis of user application files and match-based queries to an approved list of users with permission to access ePHI within university-owned applications.

While the standard approach was effective, it was operationally inefficient, unresponsive to changing requirements, and didn’t provide visualized insights:

The solution

Our cross-functional team of cybersecurity and data analytics experts designed an improved analytics framework to automate the process of data collection, management, and analysis. Leveraging advanced analytical tools including Alteryx, SQL, and Tableau, we greatly improved their efficiency, responsiveness, and ability to produce insightful analysis. The new analytics framework was divided into three phases:

1. Data importing, cleaning, and standardization

2. Query-based matching method within secure SQL server database

3. Generation of department-level reports and dynamic analysis

Additionally, throughout the process, department leader feedback was integrated to improve the accuracy and timeliness of the analysis.

The benefit

This improved approach allows the university to spend time on value add, risk remediation activities versus manual data processing. This shift from tactical tasks to strategic advising results in a sustainable, data-driven solution. The university can now better understand the root causes that lead to user access errors, and increase the speed risks are remediated.

Related Thinking

Business professional checking the multifactor authentication code on their cell phone.
November 1, 2024

Preparing for the inevitable: Navigating third-party tech failures

Article 7 min read
Parent sitting on the floor with their child and learning about how school districts can proactively manage cyber risk to protect student data.
October 30, 2024

Cybersecurity essentials for K-12 schools: Protecting students and data

Article 6 min read
Aerial view of shipping port.
October 22, 2024

Supply chain resilience: Lessons from the latest port strikes

Article 3 min read