This site uses different types of cookies, including analytics and functional cookies (its own and from other sites). To change your cookie settings or find out more, click here. If you continue browsing our website, you accept these cookies.
Welcome to the industry discussions forum — a dedicated space to share resources, connect with like minded data workers, and discuss industry specific analytic challenges + solutions. Please read the Welcome post pinned below to familiarize yourself with how to engage in this new forum.
Right now, the power to solve new global challenges across industries, is at your fingertips, no matter where you're working from. Create a new topic or reply to an existing thread to share your perspective.
One of the hot topics at our lunch table when many of us met at Inspire 2017 was HIPAA. I wanted to create a thread where we could all discuss our challenges and triumphs related to HIPAA. Please share your story so we can learn from each other!
My HIPAA story
I work at Blue Cross of NC as a data engineer in our Operational Analytics area. A large component of my job recently has been building analytic apps that run from our internal Alteryx gallery that allow our internal stakeholders to pull their own operational data on an ad hoc basis. Since not everyone in our company should have access to our member's Protected Health Information (PHI) I chose to leverage the collections feature within the gallery. Since our Alteryx gallery is tied to active directory for automatic credentialing, this feature has made controlling access a breeze. I put the tools in collections and can just start typing someone’s name and Alteryx pulls possible matching names from active directory as I type. With some of the other BI tools that we have in house it can take a ticket and an act of congress to get access controlled by IT.
Once a workflow runs and a user has that spreadsheet of data, it is out of my hands as to what they do with it but I don't just assume they knew what is considered PHI or protected under HIPAA. One of the functions within the Interface Designer-Layout view is to add a link. I leveraged that functionality to add a link to our Privacy Office on the interface for my analytic apps.
Now when users go to run one of my self-service data apps from the gallery, after a description of the workflow that I put first, they see a blurb about HIPAA and a link to our guidelines.