Governing Data Mesh in HIPAA-Compliant Multi-Tenant Architectures
DOI:
https://doi.org/10.63282/3050-922X.IJERET-V3I1P105Keywords:
Data Mesh, HIPAA Compliance, Multi-Tenant Architecture, Data Governance, APIs, CHIP, LTC, Managed Care, Federated Governance, Domain-Oriented ArchitectureAbstract
Especially in HIPAA-compliant, multi-tenant environments, the adoption of data mesh architecture is more rapidly changing the ways by which healthcare firms manage & utilize their data. Especially in initiatives like CHIP (Children's Health Insurance Program), LTC (Long-Term Care), and Managed Care, where patient data is more sensitive and rules are strict, the need of controlling this complex landscape becomes more pressing as health systems advance to enable more decentralized data ownership & domain-driven design. The confluence of data mesh concepts with the particular needs of healthcare data governance is investigated in this article. It emphasizes how inadequate traditional centralized governance models are in multi-tenant environments where data consumers & also producers are scattered throughout many companies and systems. The focus is on how Governance APIs might be scalable systems to enforce rules, preserve data & provide access limitations while thus enabling autonomy across many sectors. This article examines more operational procedures, legal obligations, and actual world constraints in CHIP, LTC, and Managed Care, thereby exposing the flaws in dispersed governance and suggesting a framework to fit mesh principles with HIPAA's severe security & also privacy requirements. Key ideas include the implementation of policy-as-code for dynamic enforcement, the integration of governance from the beginning of data product development & the establishment of federated governance councils to monitor their compliance. The results underline the requirement of flexible, transparent, interoperable governance systems free from hindrance of innovation or domain ownership. This article aims to help public health campaigns and healthcare facilities use data mesh under regulatory compliance, trust, and responsibility
References
[1] Imran, Ashiq. Ontology Based Access Control for Addressing Multi-tenancy in Health Cloud. MS thesis. North Carolina Agricultural and Technical State University, 2015.
[2] Anwar, Mohd, and Ashiq Imran. "Access control for multi-tenancy in cloud-based health information systems." 2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing. IEEE, 2015.
[3] Dean, Daniel J., et al. "Engineering scalable, secure, multi-tenant cloud for healthcare data." 2017 IEEE world congress on SERVICES (SERVICES). IEEE, 2017.
[4] Luna, Raymond Brett. A Framework for Evaluation of Risk Management Models for HIPAA Compliance for Electronic Personal Health Information used by Small and Medium Businesses using Cloud Technologies. MS thesis. East Carolina University, 2018.
[5] Bertram, Stuart, et al. "On-demand dynamic security for risk-based secure collaboration in clouds." 2010 IEEE 3rd International Conference on Cloud Computing. IEEE, 2010.
[6] Yasodhara Varma Rangineeni, and Manivannan Kothandaraman. “Automating and Scaling ML Workflows for Large Scale Machine Learning Models”. JOURNAL OF RECENT TRENDS IN COMPUTER SCIENCE AND ENGINEERING ( JRTCSE), vol. 6, no. 1, May 2018, pp. 28-41
[7] Boniface, Mike, et al. "On-demand dynamic security for risk-based secure collaboration in clouds." (2010).
[8] Srinivasan, S. "Is security realistic in cloud computing?." Journal of International Technology and Information Management 22.4 (2013): 3.
[9] Ali Asghar Mehdi Syed, and Shujat Ali. “Evolution of Backup and Disaster Recovery Solutions in Cloud Computing: Trends, Challenges, and Future Directions”. JOURNAL OF RECENT TRENDS IN COMPUTER SCIENCE AND ENGINEERING ( JRTCSE), vol. 9, no. 2, Sept. 2021, pp. 56-71
[10] Ranabahu, Ajith Harshana. "Abstraction driven application and data portability in cloud computing." (2012).
[11] Srinivasan, S. "Journal of International Technology and Information Managemen t." Information Management 22.4 (2013): 3.
[12] Atluri, Anusha, and Teja Puttamsetti. “Mastering Oracle HCM Post-Deployment: Strategies for Scalable and Adaptive HR Systems”. American Journal of Autonomous Systems and Robotics Engineering, vol. 1, Apr. 2021, pp. 380-01
[13] Delphin, Yves. Establishing Standard of Security for the Software-as-a-service (SaaS) For the Public Cloud Computing. Diss. Mercy College, 1977.
[14] Delphin, Yves. Establishing standard of security in software as a service (SAAS) public computing. Diss. Colorado Technical University, 2012.
[15] Ali Asghar Mehdi Syed. “High Availability Storage Systems in Virtualized Environments: Performance Benchmarking of Modern Storage Solutions”. JOURNAL OF RECENT TRENDS IN COMPUTER SCIENCE AND ENGINEERING ( JRTCSE), vol. 9, no. 1, Apr. 2021, pp. 39-55
[16] 16.. Kemp, Chris, and Brad Gyger. Professional Heroku Programming. John Wiley & Sons, 2013.
[17] Sangeeta Anand, and Sumeet Sharma. “Big Data Security Challenges in Government-Sponsored Health Programs: A Case Study of CHIP”. American Journal of Data Science and Artificial Intelligence Innovations, vol. 1, Apr. 2021, pp. 327-49
[18] Gade, Kishore Reddy. "Data Mesh: A New Paradigm for Data Management and Governance." Journal of Innovative Technologies 3.1 (2020).
[19] Atluri, Anusha. “Extending Oracle HCM Cloud With Visual Builder Studio: A Guide for Technical Consultants ”. Newark Journal of Human-Centric AI and Robotics Interaction, vol. 2, Feb. 2022, pp. 263-81
[20] Boppana, Venkat Raviteja. "Ethical Considerations in Managing PHI Data Governance during Cloud Migration." Educational Research (IJMCER) 3.1 (2021): 191-203.
[21] R. Daruvuri, “An improved AI framework for automating data analysis,” World Journal of Advanced Research and Reviews, vol. 13, no. 1, pp. 863–866, Jan. 2022, doi: 10.30574/wjarr.2022.13.1.0749.
[22] Gade, Kishore Reddy. "Data Analytics: Data mesh architecture and its implications for data management." Journal of Innovative Technologies 2.1 (2019).
