A global insurance provider had begun migrating their legacy on-premise applications to a new data lake. With a strategic reporting solution used, it was clear that report users had access to data that they did not need to have access to.

Previous studies had identified the gaps and it was time to push forward and deliver a solution. We were engaged to define the roles and data access control business rules to support Germany, as they had specific requirements around employee name visibility. A temporary solution had been implemented but a strategic solution that unmasked employee names to those who needed to see them, was required.

We developed the rules with support from the Claims business, the Data Protection Officer, and German Works Council. We designed and built a Power BI prototype to demonstrate the rules working using attribute-based access controls (ABAC).

This prototype and the business rules have led to a further engagement to implement the solution in a real report connected to the data lake.