How machine learning is changing access control

access control

Artificial Intelligence and Machine Learning

Next Generation Technologies and Secure Development

More adaptive technology is changing the way organizations monitor, assess and control access


July 5, 2022

How machine learning is changing access control

To protect private patient data is critical to any healthcare organization. It’s important for HIPAA Compliant, and for the safety and security of those patients. From protecting systems from outside hackers to monitoring and internal access control, there are many steps any organization can take to better protect PHI and EHR data.

Also see: Chat by the fire | Zero Tolerance: Control the landscape where you will meet your opponents


One of the recent developments in this area is machine learning-driven access monitoring. Unlike traditional rules-based access control, this new, more adaptive technology is changing the way organizations monitor, assess and manage access.


What is access control?


This technology currently determines appropriate or inappropriate access, allowing that access to be denied if deemed inappropriate, unlike access control which is usually reviewed and analyzed retrospectively.

access control is exactly what it sounds like: monitoring user access to high-risk network resources, critical data, and access points. Access control, which can include real-time monitoring or retroactive monitoring or analysis, is especially important in healthcare, where the sheer volume of daily access to EHR systems and healthcare networks makes it difficult to use traditional access controls. On average, there are millions of access attempts per healthcare organization per day. Many of those come during a time-sensitive, literally life-saving moment, so creating controls that can delay that access becomes impossible. That’s why good monitoring is so important, it’s one of the few ways an organization can EMR data live.


How is machine learning used in access monitoring?


Before looking at the development of machine learning, it’s important to look at traditional access control methods and why they fall short.


The more common form of access control is called a “rules-based” system. It is an algorithm where the organization sets parameters for access and any access attempt outside those parameters is flagged. The most common is a function. If a nurse works in the ED, that nurse only has access to EHR data from patients who are in the ED. If they tried to access other data, it would be flagged as suspicious.


That makes sense, and for smaller organizations it also makes sense to implement access control in this way. However, such a system can lead to many false positives† In fact, false positives are a big deal across the industry, and it makes sense. Healthcare is both practical and organizationally complex. What if the emergency room nurse from the example above spends her day in the ICU or pediatric clinic instead? What if an oncologist comes to the emergency room for a consultation? Those are the problems that machine learning is trying to solve.


How is machine learning used in access monitoring?


Machine learning, also known as artificial intelligence, is able to authenticate access through context and learning, rather than a solid “yes, no” rule. This kind of technology better understands why an asset has been used and can identify and remember patterns in access points to reduce false positives and make access more efficient and secure.


Let’s look at the oncology example from above. If a patient in the emergency room has a scan that could be cancer, the emergency room would call for an oncology consultation. Later, at his office, the oncologist gains access to that patient’s information to look into it further. If the patient is still classified as an ED patient, that access can be flagged in a rules-based system. But with machine learning, the system could detect that the patient has cancer and that oncologists are treating cancer, so this access is appropriate.


Why machine learning is useful


As mentioned, machine learning: reduces false positives, applies context to access monitoring, and is able to learn as it goes, flagging potentially suspicious activity that had bypassed the rules-based system.


In addition, it is capable of a layer of access control to these systems, access points and assets, rather than traditional fine-grained controls. This technology currently determines appropriate or inappropriate access, allowing that access to be denied if deemed inappropriate, unlike access control which is usually reviewed and analyzed retrospectively. Because this technology is automated, it can also scan more accesses because there is no need to create a new rule for each access. You can jump from a 1% audit rate to a 99% audit rate.

Leave a Comment

Your email address will not be published.