How do you handle jurisdiction requirements where each global jurisdiction can have different granular security models (GDPR, US HIPAA, Brazil, China, India, California, Colorado, etc.) within a single graph? I found the ability to handle user granular consent based on content. Not able to find a jurisdiction model with individual granular consent for each model. Any help would be appreciated.
What is the mapping between users and jurisdictions? Can the same user fall under multiple jurisdictions or would they have separate user accounts, one for each, in that case? If it's one-to-many, how would that work? Would it depend on the physical location of where the user logged in, or would a user always have the privileges (and restrictions) of all the jurisdictions they fall under?
-Paul
A single user (patient) is linked to a single jurisdiction at a time. A patient can assign consent to multiple individuals, multiple providers (physicians) or multiple organizations. The jurisdiction defines the elements that can possibly be masked. The patient can turn elements off/on based on a unique jurisdiction for an individual, can turn elements off/on based on a unique jurisdiction for a physician, can turn elements off/on based on a unique jurisdiction for an organization.
Terry
Hi Terry. Thanks for the clarification. I think the answer depends on whether patients will have Stardog accounts or whether they'll be using an app that accesses data through Stardog using a service account. I'm guessing it is the latter, in which case you would configure the app account such that it could see all data for all patients, and limit access through queries - have the app use queries that only return restricted information if the database shows that the user is in the correct jurisdiction and/or hasn't masked the requested data. While it's optional, you can use User-defined Rule Reasoning to define and encapsulate those rules.
-Paul
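
The query-level filtering described in the last reply, sketched as a SPARQL query that an app's service account could run. This is an added example, not part of the original thread and not Stardog's own code. The `ex:` vocabulary (`ex:inJurisdiction`, `ex:consentsTo`, `ex:memberOf`, `ex:maskableElement`, `ex:ClinicalElement`, and the mask properties) and the sample IRIs are hypothetical, as is the assumption that a mask set for an organization also applies to its members.

```sparql
PREFIX ex: <http://example.org/consent#>   # hypothetical vocabulary

# Returns only the clinical elements of one patient that the requester may see.
# No consent, or no jurisdiction on record, yields zero rows (fails closed).
SELECT ?element ?value
WHERE {
  # Bound by the app from the authenticated session, never from request text.
  # Constructed sample values.
  VALUES (?patient ?requester) { (ex:patient1 ex:drSmith) }

  # A patient is linked to a single jurisdiction at a time.
  ?patient ex:inJurisdiction ?jurisdiction .

  # The patient has granted consent to the requester directly, or to an
  # organization the requester belongs to (zero or more ex:memberOf hops).
  ?patient ex:consentsTo ?grantee .
  ?requester ex:memberOf* ?grantee .

  # Candidate data: only properties typed as clinical elements.
  ?element a ex:ClinicalElement .
  ?patient ?element ?value .

  # Drop an element when the jurisdiction lists it as maskable AND the
  # patient has turned it off for the requester (or the requester's
  # organization) under that same jurisdiction.
  FILTER NOT EXISTS {
    ?jurisdiction ex:maskableElement ?element .
    ?mask ex:patient      ?patient ;
          ex:jurisdiction ?jurisdiction ;
          ex:masks        ?element ;
          ex:grantee      ?maskedParty .
    ?requester ex:memberOf* ?maskedParty .
  }
}
```

Because the service account itself can read every patient's data, the app should expose only fixed queries of this shape and never pass user-written SPARQL through to the database.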