Federated Security and Fine-Grained Access Control

Edmond Scientific continues to lead in developing new technologies, ones that make access control interoperable, while authorizing real-time decision making in the enforcement of an organizations policies.  The Hybrid Access Control System (HACS)  is the latest in a series of technological developments that facilitate integrating federated access control policies and enforcement across different security protocols for an organization, working  to ensure private information remains private and protected from a breach.  Edmond’s HACS also easily supports integrated, centralized policy management and enforcement of distributed microservices throughout an enterprise.

Fine-Grained Access at the Data Element Level

Dissemination of sensitive data, including electronic medical records and classified documents (e.g. DOD top secret), require controlled, conditional access according to different levels or types of authorization. Access of such records may need to be limited according to both the sensitive nature of particular records, as well as the purpose for requesting the records and finally, the authority of the requestor.  Edmond Scientific’s Security Labeling Service (SLS) provides the capability to enforce obligations and restrictions for security and privacy at the document, field, and data element level based upon content and user roles and privileges.

Enforcement of Security and Privacy Obligations After Exchange to Third Parties

Enforcement of data handling requirements can become a problem when electronic records and other sensitive data are transferred from the original custodian source. Further still, once records are transferred, proper enforcement of data handling agreements or obligations may or may not occur. When electronic medical records are exchanged between service provider organizations, policing the handling of this data is crucial and often, unenforceable.  Edmond Scientific’s Data Obligations Management (DOM) provides the capability to enforce and verify obligations and handling instructions after the transfer or exchange of data.