US Patent No. 10,558,684

AUDITING DATABASE ACCESS IN A DISTRIBUTED MEDICAL COMPUTING ENVIRONMENT


Patent No. 10,558,684
Issue Date February 11, 2020
Title Auditing Database Access In A Distributed Medical Computing Environment
Inventorship Joel C. Dubbels, Rochester, MN (US)
Janice R. Glowacki, Rochester, MN (US)
Richard J. Stevens, Monkton, VT (US)
Assignee International Business Machines Corporation, Armonk, NY (US)

Claim of US Patent No. 10,558,684

1. A method of auditing database access in a distributed medical computing environment, the method comprising:receiving, by an audit manager responsive to a user query of one or more databases within the distributed medical computing environment, results of the query;
determining by the audit manager, in dependence upon audit policies for the medical computing environment, whether any portion of the results of the query smaller than the entire results of the query require auditing access before presenting to the user, any portions of the results of the query to the user, the audit policies specifying one of several actions to take in response to one or more conditions, the one or more conditions including presence of one or more specific fields and absence of one or more specific fields in the results of the query; and
in response to a determination that any portion of the results of the query require auditing access:
storing an audit record in an audit database, wherein the audit record comprises data identifying the query, the user from which the query is received, and the portions of the query results that caused the results to require auditing access, wherein the audit database only includes audit records,
transmitting the audit record to a predetermined auditing facility to be stored, and
withholding, from the user, the portions of the results of the query requiring auditing access by redacting the portions of the results of the query requiring auditing access and presenting certain portions of the results of the query anonymously to the user; and
providing a notification of the query if any portion of the results of the query require auditing access, wherein the notification is a message sent to a predetermined location designated for auditing database queries.