Build a Secured Multi-Tenant Healthcare Application

Today, SaaS businesses are mostly multi-tenant applications, providing a single centrally administered architecture to serve multiple customers (tenants). These tenants can be within an organization or different businesses, with all its data stored in the SaaS system. Data privacy and securing the data from other tenants are both critical in these deployment scenarios.

For this purpose, the tenant's data can be partitioned logically within a single database using shared/multiple schemas, or the data can be partitioned physically where each tenant has a separate database.

In this article, we'll show you how to logically and/or physically separate the tenant's data with Wyn Enterprise, using User Context attributes.

These attributes can be used to define the rules for dynamically restricting the data available to each tenant logged in to the same portal. User contexts can either be used to provide row-level data security in a document or database-level security for a data source. It acts as an additional layer of data security extending the role-based security that is built-into the Wyn Enterprise.

Multi-tenant Applications for the Healthcare Industry

Personal Identifiable Information (PII) is especially important to the healthcare industry. Suppose the Health Information and Management System (HIMS) of a hospital chooses to store its data in different databases, providing authorized access to certain user groups.

There may be databases:

  • With different healthcare departments in the hospital (Neurology, Cardiology, Oncology, etc.). All of these departments have authorized access to doctors to see the history of the patients they treated.

  • With patient treatment histories.

For this blog, let's name the former set of databases based on the department names: "Neurology," "Cardiology," and the latter one as "Patients."

The individual tenants accessing their specific data in the Wyn Security Layer are as follows:

  • Tenant John and Fred are patients and want to view their treatment history from a "Patient" Database
  • Tenant Smith, is a doctor and wants to see the data of the patients he has treated from "Neurology" Database
  • Tenant Marcus is another doctor and wants to see the data of the patients he has treated from "Cardiology" Database

The patients, John and Fred, are trying to access the same database. We need a User Context that can be used to filter the respective rows for them. The doctors, Smith and Marcus, are trying to access the isolated databases for their departments. We need a User Context here that can identify the department as well as the patients they have treated.

The User Contexts for the defined scenario can be as follows:

  • Department: Patient, Neurology, Cardiology
  • PatientID
  • DoctorID

Let's see how we can define these User Contexts in Wyn Enterprise.

User contexts are related to a user. First, we need a Custom Property to store information about users. It can be added to user profiles from the Custom Property page in the Admin Portal. Once we have the user properties defined, we can map them to user contexts that we will be used by making sure they are present in the Claims list of the User Contexts page.

You can follow the documentation to see in detail how you can create a custom property and add a claim for the user context in Wyn Enterprise.

For this blog, we created the custom properties based on the user contexts identified above — Department, PatientID, DoctorID as shown below:

Build a Secured Multi-Tenant Healthcare Application

While the department has predefined available values for the different departments in the hospital, PatientID and DoctorID have no available value because it will be unique for the users — the patients and doctors.

When you create Custom Property, the claim is automatically created on the "User Context" page as shown below. This claim name is used to map the user context with custom property for dynamic filtering in a document.

Build a Secured Multi-Tenant Healthcare Application

Note: On the "User Context" page, you also see some default user contexts like First Name, Last Name, Email, etc.

Now, the User Contexts that we mapped to the user's custom properties are available while creating users as shown below:

Build a Secured Multi-Tenant Healthcare Application

The next step is to add the users. Refer to our user documentation to add a new user to Wyn Enterprise.

We created the users for the scenario in this blog with the defined user contexts as shown below:

Build a Secured Multi-Tenant Healthcare Application

When you are ready with the User Context and users for your system, let's see where and how you can use them.

User contexts can be used on Document or Resource Portal in/as a Parameter value in Schedules, Parametric Filters in Shared DataSets, in DataSource Connection String, Security Filter in Semantic model, in SQL Query of Embedded Datasets in WynReports, Parameter/Filter in WynReports, etc. The syntax for using the user context attribute differs for the different Wyn Enterprise plugins.

It can be used:

  • As expression: "UserContext.GetValue("<claimName>")" in WynReports. You can define filter on a Table control in WynReports using user context expression, as shown below:

Build a Secured Multi-Tenant Healthcare Application

  • As Parameter Type: User Context with claimName as Value for Filters in Shared Dataset for WynReports and/or WynDashboard.

Build a Secured Multi-Tenant Healthcare Application Build a Secured Multi-Tenant Healthcare Application

  • As filter value for Security Filter in Semantic Report. Simply choose the claimName from the dropdown in Security Filter.

Build a Secured Multi-Tenant Healthcare Application

  • As placeholder @{claimName} in DataSource connection String. With user context, the connection in general looks like - data source=@{claimmydatabase};initial catalog=@{claimmycatalog}; user id=@{claimmyusername};password=@{claimmypassword};

To fetch the tenant-specific database, the connection string is as shown below:

Build a Secured Multi-Tenant Healthcare Application

Now that we have defined how and where the User Context is used in Wyn Enterprise, let's see how it can be used to meet the use-case we have defined above.

For this purpose, we have created a WynReport "Patient Medical Report" for patients and doctors as shown below:

Build a Secured Multi-Tenant Healthcare Application

In the report, data is to be fetched from different databases, Patient, Neurology, and Cardiology, accessible to the logged-in user. So, we used the user context "Department" as a placeholder in the Database connection string.

Build a Secured Multi-Tenant Healthcare Application

And then, as an expression in the SQL query of the Embedded Dataset in the WynReport to fetch data corresponding to the patients and doctors.

Build a Secured Multi-Tenant Healthcare Application

So, when John login to the system, he sees only his medical history while Fred's see only his history as shown below:

Build a Secured Multi-Tenant Healthcare Application Image showing report with only John’s medical history

Build a Secured Multi-Tenant Healthcare Application Image shows report with only Fred’s medical history

And the same report shows the medical history of all the patients Dr. Smith has treated for neurological problems and Dr. Marcus has treated for cardio problems as shown below:

Build a Secured Multi-Tenant Healthcare Application Image shows report accessed by Dr. Smith

Build a Secured Multi-Tenant Healthcare Application Image shows report accessed by Dr. Marcus

As you see, User Context can be applied to any document in Wyn Enterprise to achieve multi-tenancy in your system. You can also use it with the users in your ActiveDirectory (using Security Providers).

Are you interested in implementing an advanced BI system into your business?

Try us out or request a demo to learn more about Wyn Enterprise.