Talks Security

Zero Trust in 200ms: Implementing Identity-Per-Transaction with Python and Serverless

Saturday, May 16th, 2026 noon–12:30 p.m. in Room 103ABC

Presented by

Tristan McKinnon

Description

Building a data pipeline is difficult. Building one that satisfies the US Federal Government's strictest security controls (FedRAMP High) while handling Protected Health Information (PHI) is typically a nightmare of encryption management and rigid access controls.

This talk dissects the architecture of a production serverless pipeline designed for federal life sciences that flips the traditional security model on its head. We move beyond pip install cryptography to explore how Python acts as the dynamic glue between rigorous compliance verification and massive data throughput.

Attendees will learn:

  • The Identity-Per-Transaction Pattern: Why "rotating keys" is obsolete. We walk through a Python-based identity broker that instantiates a unique, cryptographically scoped IAM credential for every single file transaction—and destroys it milliseconds later.

  • Streaming De-identification: How to implement a clean room scrubbing layer using Python generators and NLP (Microsoft Presidio) to tokenize PII in-memory before it ever touches your data lake.

  • Audit-Ready Logging: Techniques for structuring Python's logging module to produce immutable, auditor-friendly JSON trails that prove compliance without leaking sensitive data.

Join us to see how we replaced static service accounts with ephemeral Python logic to solve the "Non-Human Identity" crisis in high-stakes environments.
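As an added illustration of the audit-ready logging point above (not code from the talk or its presenter), this sketch shows a `logging.Formatter` that emits one JSON object per line, drops any field not on an allowlist, replaces identifiers with a keyed hash, and chains each line to the previous one so edits are detectable. The field names, the key, and the hash-chain approach are assumptions made for the example.

```python
import hashlib, hmac, io, json, logging

ALLOWED = ("transaction_id", "object_key", "outcome")  # assumed allowlist
KEYED = ("patient_id",)                  # assumed identifiers to pseudonymise
PSEUDONYM_KEY = b"constructed-demo-key"  # placeholder; keep the real key in a KMS

class AuditJSONFormatter(logging.Formatter):
    """One JSON object per line; each line commits to the previous one."""
    def __init__(self):
        super().__init__()
        self.prev = "0" * 64  # genesis value for the hash chain

    def format(self, record):
        # The log message must be a constant event name, never interpolated data.
        entry = {"ts": self.formatTime(record), "level": record.levelname,
                 "event": record.getMessage(), "prev": self.prev}
        for k in ALLOWED:  # anything not allowlisted is dropped
            if hasattr(record, k):
                entry[k] = getattr(record, k)
        for k in KEYED:  # keyed hash: correlatable, but not guessable without the key
            if hasattr(record, k):
                mac = hmac.new(PSEUDONYM_KEY, str(getattr(record, k)).encode(),
                               hashlib.sha256)
                entry[k + "_hmac"] = mac.hexdigest()
        line = json.dumps(entry, sort_keys=True)
        self.prev = hashlib.sha256(line.encode()).hexdigest()
        return line

def verify_chain(lines):
    """Return True if every line's 'prev' matches the hash of the line before it."""
    prev = "0" * 64
    for line in lines:
        if json.loads(line)["prev"] != prev:
            return False
        prev = hashlib.sha256(line.encode()).hexdigest()
    return True

def demo():
    buf = io.StringIO()
    handler = logging.StreamHandler(buf)
    handler.setFormatter(AuditJSONFormatter())
    log = logging.Logger("audit-demo", level=logging.INFO)  # standalone logger
    log.addHandler(handler)
    ctx = {"transaction_id": "tx-0001", "object_key": "inbox/sample.csv",
           "patient_id": "MRN-0042", "ssn": "000-00-0000"}  # constructed values
    log.info("file.received", extra=ctx)
    log.info("file.deidentified", extra={**ctx, "outcome": "ok"})
    return buf.getvalue().splitlines()
```

The chain only detects changes to lines that have a successor, so the digest of the final line has to be anchored somewhere the log writer cannot modify, such as write-once storage.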
