| CPC G06F 21/6218 (2013.01) [G06F 21/31 (2013.01); G06F 21/604 (2013.01)] | 14 Claims |
|
1. A computer-implemented method for granting purpose-based access to electronic datasets, the computer-implemented method comprising, by one or more hardware processors executing program instructions:
receiving, from a user via a data discovery user interface, a request to access data items associated with a plurality of datasets, wherein the data discovery user interface displays summarized data associated with the plurality of datasets and prevents access to the individual data items comprising the datasets;
wherein each of the datasets is associated with a permission level, wherein at least a first permission level requires authorization from a first owner of a first dataset associated with the first permission level before data items of the first dataset are accessible to the user;
iteratively receiving, from the user, filter criteria usable to determine a cohort of datasets matching the filter criteria, wherein after each change to the filter criteria the data discovery user interface is updated to indicate cohort data regarding datasets matching the updated filter criteria while preventing access to the individual data items of the matching datasets;
receiving, from the user via the data discovery user interface, an investigation purpose for which access to data items of the cohort of matching datasets is requested;
for each dataset of the cohort of matching datasets:
determining a permission level;
determining a data owner of the dataset that is authorized to grant the user access to the dataset;
transmitting an access request to the determined data owner of the dataset requesting authorization for the user to access the dataset for the investigation purpose;
generating an investigation dataset comprising at least a portion of data items of datasets for which the respective data owner authorized access; and
providing the user access to the investigation dataset.
|