AI-Powered Permissioning: From One Week to One Hour for Healthcare Data Access

Discovery

Mapping the Access Landscape

The engagement began by documenting the full lifecycle of a data access request — from initial Slack message through legal review to infrastructure-as-code provisioning.

Key Findings

  • Average credentialing time for a new user or service account was approximately one week end-to-end
  • No single system of record existed for who had access to what — permissions were spread across Snowflake roles, IaC definitions, and Linear ticket history
  • HIPAA-sensitive data lacked consistent classification; the team relied on institutional knowledge to determine what was PHI
  • Service accounts from completed projects retained full access indefinitely — no deprovisioning process existed
  • The data platform team was spending disproportionate time on access requests rather than building AI-powered applications

Design Decisions

The system needed to be fully automated and AI-powered — not a better manual process, but a replacement for the manual process entirely. Legal policy definitions would live in code, classification would be continuous, and provisioning would be instant for standard cases.

Build Phase 1

PHI Classification & Automated Credentialing

Two foundational workstreams ran in parallel: building the AI-powered classification engine and wiring up the automated credentialing pipeline.

Agentic PHI Scanner

A BAA/HIPAA-compliant agentic system was deployed to continuously scan and classify data sensitivity across the entire estate:

  • Thousands of data assets and hundreds of thousands of columns scanned
  • Coverage extended to data warehouses, data products, dashboards, external reports, communications, and metadata
  • PHI and potential PHI labeled automatically based on strict, code-defined policies
  • The system ran continuously — classification stayed in sync as new assets appeared

Why agents: The volume and velocity of new data assets made batch classification impractical. Agents could operate continuously, handle ambiguous cases with reasoning, and escalate only true edge cases.

Automated Credentialing Pipeline

Simultaneously, the request-to-access pipeline was rebuilt:

  • Identity governance integrated with Microsoft Entra ID to map requesters to organizational context via lifecycle automation (joiner-mover-leaver events)
  • Role-based access policies encoded which roles qualified for which data sensitivity tiers, aligning with NIST SP 800-53 least-privilege controls
  • Slack and Linear automation replaced manual routing — standard requests resolved without human intervention
  • Legal policy definitions migrated from documents and tribal knowledge into version-controlled, auditable code
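
One way to express the role-to-sensitivity-tier policy described above as code, as an added example that is not the project's own implementation. The tier names, roles, asset names, and the `decide` function are assumptions made for illustration, and the classification table is constructed sample data.

```python
from dataclasses import dataclass

# Sensitivity tiers, lowest to highest (tier names are assumptions for this example).
TIERS = ["public", "internal", "potential_phi", "phi"]

# Highest tier each role may be granted without human review (constructed policy).
ROLE_MAX_AUTO_TIER = {
    "data_analyst": "internal",
    "clinical_researcher": "potential_phi",
    "privacy_officer": "phi",
}

# Constructed sample of scanner output: asset name -> sensitivity label.
CLASSIFICATION = {
    "ANALYTICS.VISITS_AGG": "internal",
    "CLINICAL.LAB_CODES": "potential_phi",
    "CLINICAL.NOTES_RAW": "phi",
}


@dataclass(frozen=True)
class AccessRequest:
    requester: str
    role: str              # hypothetical: resolved from the identity provider
    asset: str
    identity_active: bool  # hypothetical: current joiner-mover-leaver state


def decide(req, classification=CLASSIFICATION):
    """Return (decision, reason); decision is 'approve', 'escalate' or 'deny'."""
    if not req.identity_active:
        return "deny", "requester is not an active identity"
    tier = classification.get(req.asset)
    if tier not in TIERS:
        # Fail closed: an unlabeled or unknown tier is never auto-approved.
        return "escalate", "asset has no usable classification"
    ceiling = ROLE_MAX_AUTO_TIER.get(req.role)
    if ceiling is None:
        return "escalate", "role has no policy entry"
    if TIERS.index(tier) <= TIERS.index(ceiling):
        return "approve", f"{req.role} qualifies for {tier}"
    return "escalate", f"{tier} exceeds auto-approval ceiling {ceiling}"
```

Because the policy is a plain data structure under version control, every change to who qualifies for which tier shows up as a reviewable diff.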

Build Phase 2

Least-Privilege Enforcement

Week 7-11

AI agents monitoring query patterns, automated deprovisioning of dormant access

Deliver

System Live: Continuous Least-Privilege Enforcement

The full permissioning system went live with continuous monitoring and automated deprovisioning, completing the shift from reactive access management to proactive, zero-trust-aligned least-privilege enforcement.

Metric                  | Before             | After
Credentialing time      | ~1 week            | 1 hour
Overprovisioning        | Unchecked          | 80% reduction
Snowflake auto-approval | 0%                 | 75%
Asset coverage          | Manual, incomplete | Thousands of assets scanned

What Made It Work

Three factors combined:

  1. AI agents over automation scripts — Agents could reason about ambiguous PHI classification, monitor usage patterns, and adapt as the data estate grew. Traditional rule-based automation would have required constant manual updates.
  2. Policy as code — Legal definitions lived in version-controlled code, creating the auditable control evidence that HIPAA and SOC 2 auditors expect. No more relying on institutional knowledge.
  3. Continuous over periodic — Rather than quarterly access reviews that discovered months of drift, the system enforced least-privilege continuously by monitoring actual query patterns and revoking dormant access automatically — operationalizing the "never trust, always verify" principle of zero-trust architecture (NIST SP 800-207).

The data platform team shifted from spending significant time on access administration to focusing on the AI-powered applications that were driving business value.