Solution ideas
This article describes a solution idea. Your cloud architect can use this guidance to help visualize the major components for a typical implementation of this architecture. Use this article as a starting point to design a well-architected solution that aligns with your workload's specific requirements.
This article describes how you can store, manage, and analyze HIPAA-compliant and HITRUST-compliant health data and medical records with a high level of built-in security.
Architecture
Dataflow
- Securely ingest bulk patient data into Azure Blob storage.
- Event Grid publishes patient data to Azure Functions for processing, and the patient data is securely stored in SQL Database.
- Analyze patient data using Machine Learning, and create a Machine Learning-trained model.
- Ingest new patient data in HL7/FHIR format and publish to Azure Functions for processing. Store in SQL Database.
- Analyze newly ingested data using the trained Machine Learning model.
- Interact with patient data using Power BI while preserving Azure role-based access control (Azure RBAC).
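The first two dataflow steps hand a blob reference from Event Grid to a function, so the function should confirm that the event really points at the ingestion account before it reads anything. The following is an added example, not code from the original article: it checks an event shaped like the Event Grid `Microsoft.Storage.BlobCreated` schema, and the storage account name, container name, and size limit are hypothetical placeholders.

```python
"""Validate an Event Grid BlobCreated event before processing patient data."""
from urllib.parse import urlsplit

# Hypothetical names and limits for illustration; not from the original article.
EXPECTED_ACCOUNT = "phiingest"
EXPECTED_CONTAINER = "bulk-patient-data"
MAX_BLOB_BYTES = 512 * 1024 * 1024

# Constructed sample event (subscription ID and resource group are placeholders).
SAMPLE_EVENT = {
    "topic": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/"
             "rg-example/providers/Microsoft.Storage/storageAccounts/phiingest",
    "eventType": "Microsoft.Storage.BlobCreated",
    "data": {
        "url": "https://phiingest.blob.core.windows.net/bulk-patient-data/2024/batch-001.json",
        "contentLength": 2048,
    },
}


def validate_blob_created(event: dict) -> str:
    """Return the blob path inside the container, or raise ValueError."""
    if event.get("eventType") != "Microsoft.Storage.BlobCreated":
        raise ValueError("unexpected event type")
    # The topic is the resource ID of the storage account that emitted the event.
    topic = str(event.get("topic") or "").lower()
    if not topic.endswith(f"/storageaccounts/{EXPECTED_ACCOUNT}"):
        raise ValueError("event from unexpected storage account")
    data = event.get("data") or {}
    url = urlsplit(str(data.get("url") or ""))
    # Compare the parsed hostname, not a string prefix, so userinfo tricks fail.
    if url.scheme != "https" or url.hostname != f"{EXPECTED_ACCOUNT}.blob.core.windows.net":
        raise ValueError("blob URL outside the ingestion account")
    container, _, blob_path = url.path.lstrip("/").partition("/")
    if container != EXPECTED_CONTAINER or not blob_path:
        raise ValueError("blob outside the ingestion container")
    if ".." in blob_path.split("/"):
        raise ValueError("path traversal in blob name")
    length = data.get("contentLength")
    if not isinstance(length, int) or not 0 < length <= MAX_BLOB_BYTES:
        raise ValueError("blob size out of bounds")
    return blob_path
```

Rejected events are best logged and dropped rather than retried, so a malformed or forged event cannot keep the function busy.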
Components
- Azure Functions: Process events with serverless code
- Event Grid: Get reliable event delivery at massive scale
- Storage Accounts: Durable, highly available, and massively scalable cloud storage
- Azure SQL Database: Managed, intelligent SQL in the cloud
- Azure Machine Learning: Bring AI to everyone with an end-to-end, scalable, trusted platform with experimentation and model management
- Power BI Embedded: Embed fully interactive, stunning data visualizations in your applications
- Defender for Cloud: Unify security management and enable advanced threat protection across hybrid cloud workloads
- Microsoft Entra ID: Synchronize on-premises directories and enable single sign-on
- Key Vault: Safeguard and maintain control of keys and other secrets
- Application Insights: Detect, triage, and diagnose issues in your web apps and services
- Azure Monitor: Full observability into your applications, infrastructure, and network
- Operations Management Suite: A collection of management services that were designed in the cloud from the start
- Azure RBAC and built-in roles: Azure role-based access control (Azure RBAC) has several built-in role definitions that you can assign to users, groups, and service principals.
Scenario details
This solution demonstrates how you can store, manage, and analyze HIPAA-compliant and HITRUST-compliant health data and medical records with a high level of built-in security.
Potential use cases
This solution is ideal for the medical and healthcare industry.
Next steps
- Azure Functions Documentation
- Azure Event Grid Documentation
- Azure Storage Documentation
- Azure SQL Database Documentation
- Azure Machine Learning Documentation
- Power BI Embedded Documentation
- Microsoft Defender for Cloud Documentation
- Get started with Microsoft Entra ID
- What is Azure Key Vault?
- What is Application Insights?
- Monitoring Azure applications and resources
- What is Operations Management Suite (OMS)?
- Built-in roles for Azure role-based access control