HIPAA and HITRUST compliant health data AI

Blob Storage
Event Grid
Machine Learning
Power BI

Solution Idea

If you'd like to see us expand this article with more information, implementation details, pricing guidance, or code examples, let us know with GitHub Feedback!


Architecture Diagram Download an SVG of this architecture.

Data Flow

  1. Securely ingest bulk patient data into Azure Blob storage.
  2. Event Grid publishes patient data to Azure Functions for processing, and securely stores patient data in SQL Database.
  3. Analyze patient data using Machine Learning, and create a Machine Learning-trained model.
  4. Ingest new patient data in HL7/FHIR format and publish to Azure Functions for processing. Store in SQL Database.
  5. Analyze newly ingested data using the trained Machine Learning model.
  6. Interact with patient data using Power BI while preserving Azure role-based access control (Azure RBAC).


  • Azure Functions: Process events with serverless code
  • Event Grid: Get reliable event delivery at massive scale
  • Storage Accounts: Durable, highly available, and massively scalable cloud storage
  • Azure SQL Database: Managed, intelligent SQL in the cloud
  • Azure Machine Learning: Bring AI to everyone with an end-to-end, scalable, trusted platform with experimentation and model management
  • Power BI Embedded: Embed fully interactive, stunning data visualizations in your applications
  • Security Center: Unify security management and enable advanced threat protection across hybrid cloud workloads
  • Azure Active Directory: Synchronize on-premises directories and enable single sign-on
  • Key Vault: Safeguard and maintain control of keys and other secrets
  • Application Insights: Detect, triage, and diagnose issues in your web apps and services
  • Azure Monitor: Full observability into your applications, infrastructure, and network
  • Operation Management Suite: A collection of management services that were designed in the cloud from the start
  • Azure RBAC and built-in roles: Azure role-based access control (Azure RBAC) has several built-in role definitions that you can assign to users, groups, and service principals.

Next steps