HIPAA to Grafana

This page provides you with instructions on how to extract data from HIPAA and analyze it in Grafana. (If the mechanics of extracting data from HIPAA seem too complex or difficult to maintain, check out Stitch, which can do all the heavy lifting for you in just a few clicks.)

What is HIPAA?

The Health Insurance Portability and Accountability Act (HIPAA) defines rules that American organizations must follow to securely handle and maintain Protected Health Information (PHI). To remain in compliance, organizations are required to have a signed Business Associate Agreement (BAA) from any partner organization that creates, receives, maintains, or transmits PHI. The partner must ensure that it will safeguard the PHI that passes through its systems. Businesses also have to meet a long checklist of compliance rules and practices.

What is Grafana?

Grafana is an open source platform for time series analytics. It can run on-premises on all major operating systems or be hosted by Grafana Labs via GrafanaCloud. Grafana allows users to create, explore, and share dashboards to query, visualize, and alert on data.

Getting HIPAA data

You migrate PHI just as you would any other data, but you must stay cognizant of HIPAA regulations. No one but you and the data source can handle the data unless you have a BAA in place with them.

You can use any methods your data provider offers to extract data from their service. Many cloud-based data sources provide APIs that expose data to programmatic retrieval. Others allow you to set up webhooks to push event data to requesters. For data that lives in a database, you can use SELECT statements or a utility that does a mass dump of the data you specify.

Loading data into Grafana

Analyzing data in Grafana requires putting it into a format that Grafana can read. Grafana natively supports nine data sources, and offers plugins that provide access to more than 50 more. Generally, it's a good idea to move all your data into a data warehouse for analysis. MySQL, Microsoft SQL Server, and PostgreSQL are among the supported data sources, and because Amazon Redshift is built on PostgreSQL and Panoply is built on Redshift, those popular data warehouses are also supported. However, Snowflake and Google BigQuery are not currently supported.

Analyzing data in Grafana

Grafana provides a getting started guide that walks new users through the process of creating panels and dashboards. Panel data is powered by queries you build in Grafana's Query Editor. You can create graphs with as many metrics and series as you want. You can use variable strings within panel configuration to create template dashboards. Time ranges generally apply to an entire dashboard, but you can override them for individual panels.

Keeping HIPAA data up to date

Once you've set up your data pipeline to your HIPAA data source, you can relax – as long as nothing changes. You have to keep an eye on any modifications that your sources make to the data they deliver. You should also watch out for cases where your script doesn't recognize a new data type. And since you'll be responsible for maintaining your script, every time your users want slightly different information, you'll have to modify the script. Keep in mind that HIPAA is all about rules and compliance, so you'll also have to know what HIPAA permits and proscribes, as will anyone else who works on the script.

From HIPAA to your data warehouse: An easier solution

As mentioned earlier, the best practice for analyzing HIPAA data in Grafana is to store that data inside a data warehousing platform alongside data from your other databases and third-party sources. You can find instructions for doing these extractions for leading warehouses on our sister sites HIPAA to Redshift, HIPAA to BigQuery, HIPAA to Azure SQL Data Warehouse, HIPAA to PostgreSQL, HIPAA to Panoply, and HIPAA to Snowflake.

Easier yet, however, is using a solution that does all that work for you. Products like Stitch were built to move data from HIPAA to Grafana automatically. With just a few clicks, Stitch starts extracting your HIPAA data via the API, structuring it in a way that's optimized for analysis, and inserting that data into a data warehouse that can be easily accessed and analyzed by Grafana.