SlideShare a Scribd company logo

Is Your EHR Safe? New Technologies for Auditing

Compliancy Group
Compliancy Group

U.S. legislation such as the Affordable Care Act, HIPAA and HITECH outline rules governing the appropriate use of personal health information (PHI). Unfortunately, current technologies do not adequately monitor PHI use. In particular, while electronic medical records (EMR) systems maintain detailed audit logs that record each access to PHI, the logs contain too many accesses for compliance officers to practically monitor, putting PHI at risk. In this talk I will present the explanation-based auditing system, which aims to filter appropriate accesses from the audit log so compliance officers can focus their efforts on suspicious behavior. The underlying premise of the system is that most appropriate accesses to medical records occur for valid clinical or operational reasons in the process of treating a patient, while inappropriate accesses do not. I will discuss how explanations for accesses (1) capture these clinical and operational reasons, (2) can be mined directly from the EMR database, (3) can be enhanced by filling-in frequently missing types of data, and (4) can drastically reduce the auditing burden.

Health & MedicineBusiness
1 of 28
Download to read offline
855.85HIPAA   www.compliancygroup.com   Industry leading Education Certified Partner Program •  Please ask questions •  For todays Slides http://compliancy-group.com/ slides023/ •  Todays & Past webinars go to: http://compliancy-group.com/ webinar/ Get Involved. #cgwebinar
ì   Daniel  Fabbri   Founder  &  CEO  of  Maize  Analy5cs   Assistant  Professor  at  Vanderbilt  University  
Electronic  Medical  Records  
Problem:  Insecure  Data   1.  Open  access  environment   2.  Millions  of  accesses  per  week   3.  Pa<ent  care  is  dynamic  
Regulations     HIPAA,  HITECH,  and  Affordable  Care  Act   •  Minimal  requirements  to  access  PHI   •  Security  monitoring  requirements   •  Penal<es  and  fines  for  breaches  
Paper-­‐Bag  Security   “Nancy,  I’m  not  sure  that’s  what  HIPAA  had  in  mind.”    
Basic  Security  Mechanisms                  Fine-­‐grained  access  controls              Permission  escala<on            “Are  you  sure  you  want  to  con<nue?”  WARNING  
Current  Approaches                    Compliance  officers  manually  review  complaints          Flag  “suspicious”  types  of  accesses    (i)  Same  last  name,  (ii)  co-­‐workers,  (iii)  neighbors    
Audit  Limitations   ì  Most  accesses  audited  are  appropriate   ì  Inves<ga<ons  can  take  days  or  weeks  to  complete   ì  Poten<al  alert  avalanches  (turn  system  off)  
Objective       Provide  compliance  officers  the  ability  to     quickly  and  accurately     find  inappropriate  access  from  audit  logs.    
Observation   Most  appropriate  accesses  occur  for  valid  clinical  or  opera5onal  reasons.        “Authorized    access    is     limited    to    those    with    the       need    to    know    for    purposes     of    pa5ent    care,    billing,     medical    record    review    and     quality      assurance.”   University  of  Michigan  Health  System  Screen  Saver  
Explanation-­‐Based  Auditing  System  (EBAS)   !""#$%&'()*+",%-%.$-/0%123)!435.-6) 7235&%,) 82&$#3)90) :42#;):) :<) :=) !435>)?$6) @%,53)82%1$-) A$#)!&&211B) !""#$"#5%>2) C41"5&5$41) 7235&%,) 82&$#3) <D) E) Filter  accesses  so  there  are  fewer  for  manual  review.   i  
Filter  Based  On  Data  Stored  In  The  EMR  
What  is  an  Explanation?   nation Graph Evidence->Audit Log->Employee ID Evidence->Audit Log->Patient ID Evidence->Appointment->Patient ID Evidence->Appointment->Employee ID Connec<on  between  the  pa*ent  and  employee  accessing  the  pa<ent’s  record  
Explanation  Recommendations     Find  frequently  occurring  explana*ons    Graph  search  problem   Recommend  explana*ons  to  compliance  officers    Approve  correct  explana<ons    Use  to  filter  future  appropriate  accesses  
Limitations     Basic  explana<ons  are  effec<ve  for  doctors,  not  suppor<ng  staff  (e.g.,  nurses,  pharmacists,  central  staffing,  etc.)         Appointments  are  made  with  doctors,  not  nurses.     This  lack  of  data  causes  missed  explana5ons  
Enhance  Explanations   1.  Automa*cally  fill-­‐in  missing  data:    Oncologists  treat  cancer  pa5ents    Pediatric  nurses  work  with  pediatric  physicians           Pediatric  nurse   Pediatric  physician   Hospital  Employees  
Enhance  Explanations   Explanation-Based Auditing False 0.500 Medication + Department View False 0.167 Icd + Department To Icd + Department View Evidence->Audit Log->Employee ID Evidence->Audit Log->Patient ID Employee Info->Department->Info Value Employee Info->Department->Employee ID Department to ICD->Department To Department to ICD->Department To Icd->depart Patient Info->Icd->Patient ID Patient Info->Icd->Info Value 1.  Automa*cally  fill-­‐in  missing  data:    Oncologists  treat  cancer  pa5ents    Pediatric  nurses  work  with  pediatric  physicians     2.  Mine  new  explana*ons:        “The  access  occurred  because     Dr.  Dave  is  an  oncologist,     oncologists  treat  cancer     and  Alice  has  cancer”  
High-­‐Level  Results        95%  of  accesses  in  one-­‐week  sample  filtered      with  high  precision      Ongoing  trials  at  major  hospitals  to  evaluate  effec<veness   See  VLDB  2011,  JAMIA  2012  publica<ons  
Practical  Example   ì  US  hospital  audited  accesses  for  1  pa<ent  over  a  few  weeks   ì  500+  accesses  normally  audited  manually   ì  EBAS  filtered  the  list  down  to  5  for  manual  review  
Integrated  Analytics   ì  Search  for  outliers,  then  drill  down  with  EBAS   Analyze  high  usage     employees  
Deployment     Many  hospitals  will  not  release  data  to  the  cloud…yet       Hospitals  download  VM  and  run  locally!    
Data  Extraction   How  to  get  data  into  the  audi<ng  system?         Repor<ng  System  (e.g.,  Epic’s  Clarity)   Text  File   All  within  the  hospital  
Investigation  Management  
Short  Video  Summary       Pufng  the  pieces  together!   hhps://www.youtube.com/watch?v=gDEcgVwIgSU    
Why  Use  EBAS?   busy  /  too  many  audits  /  too  much  manual  effort    need  for  automa5on  /  need  for  improved  HIPAA  procedures   worried  about  OCR  audits  /  want  more  proac5ve  tools   want  published  &  peer-­‐reviewed  technology     looking  for  a  different  approach  to  audi5ng     Email  us  for  faster  HIPAA  audits!   info@MaizeAnaly5cs.com   26  
Questions?  
Free  Demo  and  60  Day  Evaluation   www.compliancy-­‐group.com     855  85  HIPAA  (855.854.4722)   The Guard: One Simple, cost effective Compliance Tracking Solution that satisfies HIPAA, HITECH Risk Assessment, & Omnibus Compliance •  Guaranteed HIPAA Audit Protection •  Gap Identification & Remediation Plans •  Built in Training, Policies & Procedures •  Business Associate Agreements Included •  HIPAA Hotline Support •  Experienced HIPAA Coach Implementation

Recommended

Exploring the fda's refuse to accept policy
Exploring the fda's refuse to accept policyExploring the fda's refuse to accept policy
Exploring the fda's refuse to accept policy
OnlineCompliance Panel
 
Infographic: The State of Application Uptime in Database Environments
Infographic: The State of Application Uptime in Database EnvironmentsInfographic: The State of Application Uptime in Database Environments
Infographic: The State of Application Uptime in Database Environments
ScaleArc
 
Covid19 cleaning and disinfection external faq (version 3 24-20 final)
Covid19 cleaning and disinfection external faq (version 3 24-20 final)Covid19 cleaning and disinfection external faq (version 3 24-20 final)
Covid19 cleaning and disinfection external faq (version 3 24-20 final)
Herman Halim
 
Site Connect — The Next Big Step Toward a Collaborative Clinical Ecosystem
Site Connect — The Next Big Step Toward a Collaborative Clinical EcosystemSite Connect — The Next Big Step Toward a Collaborative Clinical Ecosystem
Site Connect — The Next Big Step Toward a Collaborative Clinical Ecosystem
Veeva Systems
 
Getting Right with The Joint Commission's Communication Goal
Getting Right with The Joint Commission's Communication GoalGetting Right with The Joint Commission's Communication Goal
Getting Right with The Joint Commission's Communication Goal
Spok
 
5 Ways to Be Vigilant for your Medical Devices from a Cybersecurity Perspective
5 Ways to Be Vigilant for your Medical Devices from a Cybersecurity Perspective5 Ways to Be Vigilant for your Medical Devices from a Cybersecurity Perspective
5 Ways to Be Vigilant for your Medical Devices from a Cybersecurity Perspective
EMMAIntl
 
Bio Summit
Bio SummitBio Summit
Bio Summit
mcalmann
 
Stop the Blame, Find the Cause
Stop the Blame, Find the CauseStop the Blame, Find the Cause
Stop the Blame, Find the Cause
Medgate Inc.
 

Recommended

Exploring the fda's refuse to accept policy
Exploring the fda's refuse to accept policyExploring the fda's refuse to accept policy
Exploring the fda's refuse to accept policy
OnlineCompliance Panel
 
Infographic: The State of Application Uptime in Database Environments
Infographic: The State of Application Uptime in Database EnvironmentsInfographic: The State of Application Uptime in Database Environments
Infographic: The State of Application Uptime in Database Environments
ScaleArc
 
Covid19 cleaning and disinfection external faq (version 3 24-20 final)
Covid19 cleaning and disinfection external faq (version 3 24-20 final)Covid19 cleaning and disinfection external faq (version 3 24-20 final)
Covid19 cleaning and disinfection external faq (version 3 24-20 final)
Herman Halim
 
Site Connect — The Next Big Step Toward a Collaborative Clinical Ecosystem
Site Connect — The Next Big Step Toward a Collaborative Clinical EcosystemSite Connect — The Next Big Step Toward a Collaborative Clinical Ecosystem
Site Connect — The Next Big Step Toward a Collaborative Clinical Ecosystem
Veeva Systems
 
Getting Right with The Joint Commission's Communication Goal
Getting Right with The Joint Commission's Communication GoalGetting Right with The Joint Commission's Communication Goal
Getting Right with The Joint Commission's Communication Goal
Spok
 
5 Ways to Be Vigilant for your Medical Devices from a Cybersecurity Perspective
5 Ways to Be Vigilant for your Medical Devices from a Cybersecurity Perspective5 Ways to Be Vigilant for your Medical Devices from a Cybersecurity Perspective
5 Ways to Be Vigilant for your Medical Devices from a Cybersecurity Perspective
EMMAIntl
 
Bio Summit
Bio SummitBio Summit
Bio Summit
mcalmann
 
Stop the Blame, Find the Cause
Stop the Blame, Find the CauseStop the Blame, Find the Cause
Stop the Blame, Find the Cause
Medgate Inc.
 
3 Frequent Mistakes in Healthcare Data Analytics
3 Frequent Mistakes in Healthcare Data Analytics3 Frequent Mistakes in Healthcare Data Analytics
3 Frequent Mistakes in Healthcare Data Analytics
Health Catalyst
 
Demystifying cloud system and validation practices for life sciences
Demystifying cloud system and validation practices for life sciencesDemystifying cloud system and validation practices for life sciences
Demystifying cloud system and validation practices for life sciences
Veeva Systems
 
ASCP Alfresco Summit 2014
ASCP Alfresco Summit 2014ASCP Alfresco Summit 2014
ASCP Alfresco Summit 2014
Ron Swan
 
HIPAA Workloads on AWS - Pop-up Loft Tel Aviv
HIPAA Workloads on AWS - Pop-up Loft Tel AvivHIPAA Workloads on AWS - Pop-up Loft Tel Aviv
HIPAA Workloads on AWS - Pop-up Loft Tel Aviv
Amazon Web Services
 
HEA Features &amp; Benifits
HEA Features &amp; BenifitsHEA Features &amp; Benifits
HEA Features &amp; Benifits
drmichael
 
Decisio Health Overview
Decisio Health OverviewDecisio Health Overview
Decisio Health Overview
Decisio Health
 
Healthcare Factoids to Power Your Thinking
Healthcare Factoids to Power Your ThinkingHealthcare Factoids to Power Your Thinking
Healthcare Factoids to Power Your Thinking
Health Catalyst
 
Data in÷teg÷ri÷ty: Time to Integrate Human Factors
Data in÷teg÷ri÷ty: Time to Integrate Human FactorsData in÷teg÷ri÷ty: Time to Integrate Human Factors
Data in÷teg÷ri÷ty: Time to Integrate Human Factors
Ajaz Hussain
 
Data Integrity Validation Keynote Address Boston August 2016
Data Integrity Validation Keynote Address Boston August 2016Data Integrity Validation Keynote Address Boston August 2016
Data Integrity Validation Keynote Address Boston August 2016
Ajaz Hussain
 
How to prepare for OCR's upcoming phase 2 audits
How to prepare for OCR's upcoming phase 2 auditsHow to prepare for OCR's upcoming phase 2 audits
How to prepare for OCR's upcoming phase 2 audits
Compliancy Group
 
Business Associate and HIPAA Comliance Infographic
Business Associate and HIPAA Comliance InfographicBusiness Associate and HIPAA Comliance Infographic
Business Associate and HIPAA Comliance Infographic
Compliancy Group
 
Just the Facts- Meaningful Use Stage 2 & ICD 10
Just the Facts- Meaningful Use Stage 2 & ICD 10Just the Facts- Meaningful Use Stage 2 & ICD 10
Just the Facts- Meaningful Use Stage 2 & ICD 10
Compliancy Group
 
What you need to know about Meaningful Use 2 & interoperability
What you need to know about Meaningful Use 2 & interoperabilityWhat you need to know about Meaningful Use 2 & interoperability
What you need to know about Meaningful Use 2 & interoperability
Compliancy Group
 
How to Effectively Negotiate a Business Associate Agreement: What’s Importan...
How to Effectively Negotiate a Business Associate Agreement: What’s Importan...How to Effectively Negotiate a Business Associate Agreement: What’s Importan...
How to Effectively Negotiate a Business Associate Agreement: What’s Importan...
Compliancy Group
 
Why a Risk Assessment is NOT Enough for HIPAA Compliance
Why a Risk Assessment is NOT Enough for HIPAA ComplianceWhy a Risk Assessment is NOT Enough for HIPAA Compliance
Why a Risk Assessment is NOT Enough for HIPAA Compliance
Compliancy Group
 
HIPAA compliance tuneup 2016
HIPAA compliance tuneup 2016HIPAA compliance tuneup 2016
HIPAA compliance tuneup 2016
Compliancy Group
 
Xybion Webinar - Rumors, Risks and Realities of spreadsheet validation
Xybion Webinar - Rumors, Risks and Realities of spreadsheet validationXybion Webinar - Rumors, Risks and Realities of spreadsheet validation
Xybion Webinar - Rumors, Risks and Realities of spreadsheet validation
Xybion Corporation
 
Minimizing Risk in Pharmacovigilance
Minimizing Risk in PharmacovigilanceMinimizing Risk in Pharmacovigilance
Minimizing Risk in Pharmacovigilance
Neal Katz
 
The must have tools to address your HIPAA compliance challenge
The must have tools to address your HIPAA compliance challengeThe must have tools to address your HIPAA compliance challenge
The must have tools to address your HIPAA compliance challenge
Compliancy Group
 
National Association of Healthcare Access Management Presentation
National Association of Healthcare Access Management PresentationNational Association of Healthcare Access Management Presentation
National Association of Healthcare Access Management Presentation
mikemike09
 
Literature screening for pharmacovigilance 190818
Literature screening for pharmacovigilance 190818Literature screening for pharmacovigilance 190818
Literature screening for pharmacovigilance 190818
Marnix Wieffer
 
Making obamacare work with Big Data
Making obamacare work with Big DataMaking obamacare work with Big Data
Making obamacare work with Big Data
laurenstill
 

More Related Content

What's hot

3 Frequent Mistakes in Healthcare Data Analytics
3 Frequent Mistakes in Healthcare Data Analytics3 Frequent Mistakes in Healthcare Data Analytics
3 Frequent Mistakes in Healthcare Data Analytics
Health Catalyst
 
Demystifying cloud system and validation practices for life sciences
Demystifying cloud system and validation practices for life sciencesDemystifying cloud system and validation practices for life sciences
Demystifying cloud system and validation practices for life sciences
Veeva Systems
 
ASCP Alfresco Summit 2014
ASCP Alfresco Summit 2014ASCP Alfresco Summit 2014
ASCP Alfresco Summit 2014
Ron Swan
 
HIPAA Workloads on AWS - Pop-up Loft Tel Aviv
HIPAA Workloads on AWS - Pop-up Loft Tel AvivHIPAA Workloads on AWS - Pop-up Loft Tel Aviv
HIPAA Workloads on AWS - Pop-up Loft Tel Aviv
Amazon Web Services
 
HEA Features &amp; Benifits
HEA Features &amp; BenifitsHEA Features &amp; Benifits
HEA Features &amp; Benifits
drmichael
 
Decisio Health Overview
Decisio Health OverviewDecisio Health Overview
Decisio Health Overview
Decisio Health
 
Healthcare Factoids to Power Your Thinking
Healthcare Factoids to Power Your ThinkingHealthcare Factoids to Power Your Thinking
Healthcare Factoids to Power Your Thinking
Health Catalyst
 
Data in÷teg÷ri÷ty: Time to Integrate Human Factors
Data in÷teg÷ri÷ty: Time to Integrate Human FactorsData in÷teg÷ri÷ty: Time to Integrate Human Factors
Data in÷teg÷ri÷ty: Time to Integrate Human Factors
Ajaz Hussain
 
Data Integrity Validation Keynote Address Boston August 2016
Data Integrity Validation Keynote Address Boston August 2016Data Integrity Validation Keynote Address Boston August 2016
Data Integrity Validation Keynote Address Boston August 2016
Ajaz Hussain
 

What's hot (9)

3 Frequent Mistakes in Healthcare Data Analytics
3 Frequent Mistakes in Healthcare Data Analytics3 Frequent Mistakes in Healthcare Data Analytics
3 Frequent Mistakes in Healthcare Data Analytics
 
Demystifying cloud system and validation practices for life sciences
Demystifying cloud system and validation practices for life sciencesDemystifying cloud system and validation practices for life sciences
Demystifying cloud system and validation practices for life sciences
 
ASCP Alfresco Summit 2014
ASCP Alfresco Summit 2014ASCP Alfresco Summit 2014
ASCP Alfresco Summit 2014
 
HIPAA Workloads on AWS - Pop-up Loft Tel Aviv
HIPAA Workloads on AWS - Pop-up Loft Tel AvivHIPAA Workloads on AWS - Pop-up Loft Tel Aviv
HIPAA Workloads on AWS - Pop-up Loft Tel Aviv
 
HEA Features &amp; Benifits
HEA Features &amp; BenifitsHEA Features &amp; Benifits
HEA Features &amp; Benifits
 
Decisio Health Overview
Decisio Health OverviewDecisio Health Overview
Decisio Health Overview
 
Healthcare Factoids to Power Your Thinking
Healthcare Factoids to Power Your ThinkingHealthcare Factoids to Power Your Thinking
Healthcare Factoids to Power Your Thinking
 
Data in÷teg÷ri÷ty: Time to Integrate Human Factors
Data in÷teg÷ri÷ty: Time to Integrate Human FactorsData in÷teg÷ri÷ty: Time to Integrate Human Factors
Data in÷teg÷ri÷ty: Time to Integrate Human Factors
 
Data Integrity Validation Keynote Address Boston August 2016
Data Integrity Validation Keynote Address Boston August 2016Data Integrity Validation Keynote Address Boston August 2016
Data Integrity Validation Keynote Address Boston August 2016
 

Viewers also liked

How to prepare for OCR's upcoming phase 2 audits
How to prepare for OCR's upcoming phase 2 auditsHow to prepare for OCR's upcoming phase 2 audits
How to prepare for OCR's upcoming phase 2 audits
Compliancy Group
 
Business Associate and HIPAA Comliance Infographic
Business Associate and HIPAA Comliance InfographicBusiness Associate and HIPAA Comliance Infographic
Business Associate and HIPAA Comliance Infographic
Compliancy Group
 
Just the Facts- Meaningful Use Stage 2 & ICD 10
Just the Facts- Meaningful Use Stage 2 & ICD 10Just the Facts- Meaningful Use Stage 2 & ICD 10
Just the Facts- Meaningful Use Stage 2 & ICD 10
Compliancy Group
 
What you need to know about Meaningful Use 2 & interoperability
What you need to know about Meaningful Use 2 & interoperabilityWhat you need to know about Meaningful Use 2 & interoperability
What you need to know about Meaningful Use 2 & interoperability
Compliancy Group
 
How to Effectively Negotiate a Business Associate Agreement: What’s Importan...
How to Effectively Negotiate a Business Associate Agreement: What’s Importan...How to Effectively Negotiate a Business Associate Agreement: What’s Importan...
How to Effectively Negotiate a Business Associate Agreement: What’s Importan...
Compliancy Group
 
Why a Risk Assessment is NOT Enough for HIPAA Compliance
Why a Risk Assessment is NOT Enough for HIPAA ComplianceWhy a Risk Assessment is NOT Enough for HIPAA Compliance
Why a Risk Assessment is NOT Enough for HIPAA Compliance
Compliancy Group
 
HIPAA compliance tuneup 2016
HIPAA compliance tuneup 2016HIPAA compliance tuneup 2016
HIPAA compliance tuneup 2016
Compliancy Group
 

Viewers also liked (7)

How to prepare for OCR's upcoming phase 2 audits
How to prepare for OCR's upcoming phase 2 auditsHow to prepare for OCR's upcoming phase 2 audits
How to prepare for OCR's upcoming phase 2 audits
 
Business Associate and HIPAA Comliance Infographic
Business Associate and HIPAA Comliance InfographicBusiness Associate and HIPAA Comliance Infographic
Business Associate and HIPAA Comliance Infographic
 
Just the Facts- Meaningful Use Stage 2 & ICD 10
Just the Facts- Meaningful Use Stage 2 & ICD 10Just the Facts- Meaningful Use Stage 2 & ICD 10
Just the Facts- Meaningful Use Stage 2 & ICD 10
 
What you need to know about Meaningful Use 2 & interoperability
What you need to know about Meaningful Use 2 & interoperabilityWhat you need to know about Meaningful Use 2 & interoperability
What you need to know about Meaningful Use 2 & interoperability
 
How to Effectively Negotiate a Business Associate Agreement: What’s Importan...
How to Effectively Negotiate a Business Associate Agreement: What’s Importan...How to Effectively Negotiate a Business Associate Agreement: What’s Importan...
How to Effectively Negotiate a Business Associate Agreement: What’s Importan...
 
Why a Risk Assessment is NOT Enough for HIPAA Compliance
Why a Risk Assessment is NOT Enough for HIPAA ComplianceWhy a Risk Assessment is NOT Enough for HIPAA Compliance
Why a Risk Assessment is NOT Enough for HIPAA Compliance
 
HIPAA compliance tuneup 2016
HIPAA compliance tuneup 2016HIPAA compliance tuneup 2016
HIPAA compliance tuneup 2016
 

Similar to Is Your EHR Safe? New Technologies for Auditing

Xybion Webinar - Rumors, Risks and Realities of spreadsheet validation
Xybion Webinar - Rumors, Risks and Realities of spreadsheet validationXybion Webinar - Rumors, Risks and Realities of spreadsheet validation
Xybion Webinar - Rumors, Risks and Realities of spreadsheet validation
Xybion Corporation
 
Minimizing Risk in Pharmacovigilance
Minimizing Risk in PharmacovigilanceMinimizing Risk in Pharmacovigilance
Minimizing Risk in Pharmacovigilance
Neal Katz
 
The must have tools to address your HIPAA compliance challenge
The must have tools to address your HIPAA compliance challengeThe must have tools to address your HIPAA compliance challenge
The must have tools to address your HIPAA compliance challenge
Compliancy Group
 
National Association of Healthcare Access Management Presentation
National Association of Healthcare Access Management PresentationNational Association of Healthcare Access Management Presentation
National Association of Healthcare Access Management Presentation
mikemike09
 
Literature screening for pharmacovigilance 190818
Literature screening for pharmacovigilance 190818Literature screening for pharmacovigilance 190818
Literature screening for pharmacovigilance 190818
Marnix Wieffer
 
Making obamacare work with Big Data
Making obamacare work with Big DataMaking obamacare work with Big Data
Making obamacare work with Big Data
laurenstill
 
Building HIPAA Compliance in service delivery teams
Building HIPAA Compliance in service delivery teamsBuilding HIPAA Compliance in service delivery teams
Building HIPAA Compliance in service delivery teams
Gaurav Garg
 
Risk Management Process for Healthcare Organizations
Risk Management Process for Healthcare OrganizationsRisk Management Process for Healthcare Organizations
Risk Management Process for Healthcare Organizations
Calance
 
Healthcare Analytics Adoption Model
Healthcare Analytics Adoption ModelHealthcare Analytics Adoption Model
Healthcare Analytics Adoption Model
Health Catalyst
 
Data Integrity
Data IntegrityData Integrity
Data Integrity
DRASHTI PATEL
 
The solutions you wrote for meDr Palmer and his staff are ups.docx
The solutions you wrote for meDr Palmer and his staff are ups.docxThe solutions you wrote for meDr Palmer and his staff are ups.docx
The solutions you wrote for meDr Palmer and his staff are ups.docx
joshua2345678
 
CHIME LEAD Fourm Houston - "Creating an Effective Cyber Security Strategy: Ke...
CHIME LEAD Fourm Houston - "Creating an Effective Cyber Security Strategy: Ke...CHIME LEAD Fourm Houston - "Creating an Effective Cyber Security Strategy: Ke...
CHIME LEAD Fourm Houston - "Creating an Effective Cyber Security Strategy: Ke...
Health IT Conference – iHT2
 
AcceleTest HIPAA Whitepaper
AcceleTest HIPAA Whitepaper AcceleTest HIPAA Whitepaper
AcceleTest HIPAA Whitepaper
Meridian
 
LEAN: 5 Keys to Success
LEAN: 5 Keys to SuccessLEAN: 5 Keys to Success
LEAN: 5 Keys to Success
Association of periOperative Registered Nurses (AORN)
 
What is the best Healthcare Data Warehouse Model for Your Organization?
What is the best Healthcare Data Warehouse Model for Your Organization?What is the best Healthcare Data Warehouse Model for Your Organization?
What is the best Healthcare Data Warehouse Model for Your Organization?
Health Catalyst
 
Seattle Code Camp 2016- Role of Data Science in Healthcare
Seattle Code Camp 2016- Role of Data Science in HealthcareSeattle Code Camp 2016- Role of Data Science in Healthcare
Seattle Code Camp 2016- Role of Data Science in Healthcare
Ruba Qaqish
 
Seattle Code Camp 2016- Role of Data Science in HHealthcare
Seattle Code Camp 2016- Role of Data Science in HHealthcareSeattle Code Camp 2016- Role of Data Science in HHealthcare
Seattle Code Camp 2016- Role of Data Science in HHealthcare
Ruba Qaqish
 
2. Setting an Organizational Agenda
2. Setting an Organizational Agenda2. Setting an Organizational Agenda
2. Setting an Organizational Agenda
Michele Molden
 
Justifying your Occupational Health Clinic budget
Justifying your Occupational Health Clinic budgetJustifying your Occupational Health Clinic budget
Justifying your Occupational Health Clinic budget
Medgate Inc.
 
Freeing Up Investigators' Time to Engage with Patients
Freeing Up Investigators' Time to Engage with PatientsFreeing Up Investigators' Time to Engage with Patients
Freeing Up Investigators' Time to Engage with Patients
TransPerfect Trial Interactive
 

Similar to Is Your EHR Safe? New Technologies for Auditing (20)

Xybion Webinar - Rumors, Risks and Realities of spreadsheet validation
Xybion Webinar - Rumors, Risks and Realities of spreadsheet validationXybion Webinar - Rumors, Risks and Realities of spreadsheet validation
Xybion Webinar - Rumors, Risks and Realities of spreadsheet validation
 
Minimizing Risk in Pharmacovigilance
Minimizing Risk in PharmacovigilanceMinimizing Risk in Pharmacovigilance
Minimizing Risk in Pharmacovigilance
 
The must have tools to address your HIPAA compliance challenge
The must have tools to address your HIPAA compliance challengeThe must have tools to address your HIPAA compliance challenge
The must have tools to address your HIPAA compliance challenge
 
National Association of Healthcare Access Management Presentation
National Association of Healthcare Access Management PresentationNational Association of Healthcare Access Management Presentation
National Association of Healthcare Access Management Presentation
 
Literature screening for pharmacovigilance 190818
Literature screening for pharmacovigilance 190818Literature screening for pharmacovigilance 190818
Literature screening for pharmacovigilance 190818
 
Making obamacare work with Big Data
Making obamacare work with Big DataMaking obamacare work with Big Data
Making obamacare work with Big Data
 
Building HIPAA Compliance in service delivery teams
Building HIPAA Compliance in service delivery teamsBuilding HIPAA Compliance in service delivery teams
Building HIPAA Compliance in service delivery teams
 
Risk Management Process for Healthcare Organizations
Risk Management Process for Healthcare OrganizationsRisk Management Process for Healthcare Organizations
Risk Management Process for Healthcare Organizations
 
Healthcare Analytics Adoption Model
Healthcare Analytics Adoption ModelHealthcare Analytics Adoption Model
Healthcare Analytics Adoption Model
 
Data Integrity
Data IntegrityData Integrity
Data Integrity
 
The solutions you wrote for meDr Palmer and his staff are ups.docx
The solutions you wrote for meDr Palmer and his staff are ups.docxThe solutions you wrote for meDr Palmer and his staff are ups.docx
The solutions you wrote for meDr Palmer and his staff are ups.docx
 
CHIME LEAD Fourm Houston - "Creating an Effective Cyber Security Strategy: Ke...
CHIME LEAD Fourm Houston - "Creating an Effective Cyber Security Strategy: Ke...CHIME LEAD Fourm Houston - "Creating an Effective Cyber Security Strategy: Ke...
CHIME LEAD Fourm Houston - "Creating an Effective Cyber Security Strategy: Ke...
 
AcceleTest HIPAA Whitepaper
AcceleTest HIPAA Whitepaper AcceleTest HIPAA Whitepaper
AcceleTest HIPAA Whitepaper
 
LEAN: 5 Keys to Success
LEAN: 5 Keys to SuccessLEAN: 5 Keys to Success
LEAN: 5 Keys to Success
 
What is the best Healthcare Data Warehouse Model for Your Organization?
What is the best Healthcare Data Warehouse Model for Your Organization?What is the best Healthcare Data Warehouse Model for Your Organization?
What is the best Healthcare Data Warehouse Model for Your Organization?
 
Seattle Code Camp 2016- Role of Data Science in Healthcare
Seattle Code Camp 2016- Role of Data Science in HealthcareSeattle Code Camp 2016- Role of Data Science in Healthcare
Seattle Code Camp 2016- Role of Data Science in Healthcare
 
Seattle Code Camp 2016- Role of Data Science in HHealthcare
Seattle Code Camp 2016- Role of Data Science in HHealthcareSeattle Code Camp 2016- Role of Data Science in HHealthcare
Seattle Code Camp 2016- Role of Data Science in HHealthcare
 
2. Setting an Organizational Agenda
2. Setting an Organizational Agenda2. Setting an Organizational Agenda
2. Setting an Organizational Agenda
 
Justifying your Occupational Health Clinic budget
Justifying your Occupational Health Clinic budgetJustifying your Occupational Health Clinic budget
Justifying your Occupational Health Clinic budget
 
Freeing Up Investigators' Time to Engage with Patients
Freeing Up Investigators' Time to Engage with PatientsFreeing Up Investigators' Time to Engage with Patients
Freeing Up Investigators' Time to Engage with Patients
 

More from Compliancy Group

HIPAA compliance for Business Associates- The value of compliance, how to acq...
HIPAA compliance for Business Associates- The value of compliance, how to acq...HIPAA compliance for Business Associates- The value of compliance, how to acq...
HIPAA compliance for Business Associates- The value of compliance, how to acq...
Compliancy Group
 
How to safeguard ePHIi in the cloud
How to safeguard ePHIi in the cloud How to safeguard ePHIi in the cloud
How to safeguard ePHIi in the cloud
Compliancy Group
 
Business Associates: How to differentiate your organization using HIPAA compl...
Business Associates: How to differentiate your organization using HIPAA compl...Business Associates: How to differentiate your organization using HIPAA compl...
Business Associates: How to differentiate your organization using HIPAA compl...
Compliancy Group
 
Business Associates: How to become HIPAA compliant, increase revenue, and gai...
Business Associates: How to become HIPAA compliant, increase revenue, and gai...Business Associates: How to become HIPAA compliant, increase revenue, and gai...
Business Associates: How to become HIPAA compliant, increase revenue, and gai...
Compliancy Group
 
HIPAA 101- What all Doctors NEED to know
HIPAA 101- What all Doctors NEED to knowHIPAA 101- What all Doctors NEED to know
HIPAA 101- What all Doctors NEED to know
Compliancy Group
 
HIPAA Compliance and Non-Business Associate Vendors - Strategies and Best Pra...
HIPAA Compliance and Non-Business Associate Vendors - Strategies and Best Pra...HIPAA Compliance and Non-Business Associate Vendors - Strategies and Best Pra...
HIPAA Compliance and Non-Business Associate Vendors - Strategies and Best Pra...
Compliancy Group
 
Preparing for the unexpected in your medical practice
Preparing for the unexpected in your medical practicePreparing for the unexpected in your medical practice
Preparing for the unexpected in your medical practice
Compliancy Group
 
HIPAA Compliance and Electronic Protected Health Information: Ignorance is no...
HIPAA Compliance and Electronic Protected Health Information: Ignorance is no...HIPAA Compliance and Electronic Protected Health Information: Ignorance is no...
HIPAA Compliance and Electronic Protected Health Information: Ignorance is no...
Compliancy Group
 
How to Survive a HIPAA Audit
How to Survive a HIPAA AuditHow to Survive a HIPAA Audit
How to Survive a HIPAA Audit
Compliancy Group
 
Meaningful Use vs HIPAA
Meaningful Use vs HIPAAMeaningful Use vs HIPAA
Meaningful Use vs HIPAA
Compliancy Group
 
How to Increase Your Profits Using Patient Payments on File, Recurring and On...
How to Increase Your Profits Using Patient Payments on File, Recurring and On...How to Increase Your Profits Using Patient Payments on File, Recurring and On...
How to Increase Your Profits Using Patient Payments on File, Recurring and On...
Compliancy Group
 
HIPAA MYTHS: HOW MUCH DO YOU KNOW? COMMON MYTHS DEBUNKED & EXPLAINED
HIPAA MYTHS: HOW MUCH DO YOU KNOW? COMMON MYTHS DEBUNKED & EXPLAINEDHIPAA MYTHS: HOW MUCH DO YOU KNOW? COMMON MYTHS DEBUNKED & EXPLAINED
HIPAA MYTHS: HOW MUCH DO YOU KNOW? COMMON MYTHS DEBUNKED & EXPLAINED
Compliancy Group
 
Surving a HIPAA Audit Infographic
Surving a HIPAA Audit InfographicSurving a HIPAA Audit Infographic
Surving a HIPAA Audit Infographic
Compliancy Group
 
Cyber & Privacy Risk Infographic
Cyber & Privacy Risk InfographicCyber & Privacy Risk Infographic
Cyber & Privacy Risk Infographic
Compliancy Group
 
Surviving a HIPAA Audit: Five Crucial Steps
Surviving a HIPAA Audit: Five Crucial Steps Surviving a HIPAA Audit: Five Crucial Steps
Surviving a HIPAA Audit: Five Crucial Steps
Compliancy Group
 
Where security and privacy meet partnering tips for CSOs and privacy/complian...
Where security and privacy meet partnering tips for CSOs and privacy/complian...Where security and privacy meet partnering tips for CSOs and privacy/complian...
Where security and privacy meet partnering tips for CSOs and privacy/complian...
Compliancy Group
 
HIPAA Breach: Did You Know?
HIPAA Breach: Did You Know?HIPAA Breach: Did You Know?
HIPAA Breach: Did You Know?
Compliancy Group
 
Maintaining HIPAA Compliance with Cloud Based Solutions
Maintaining HIPAA Compliance with Cloud Based SolutionsMaintaining HIPAA Compliance with Cloud Based Solutions
Maintaining HIPAA Compliance with Cloud Based Solutions
Compliancy Group
 
The Most Wonderful Time of the Year for Health-IT...NOT
The Most Wonderful Time of the Year for Health-IT...NOTThe Most Wonderful Time of the Year for Health-IT...NOT
The Most Wonderful Time of the Year for Health-IT...NOT
Compliancy Group
 
HIPAA Breach Infographic
HIPAA Breach InfographicHIPAA Breach Infographic
HIPAA Breach Infographic
Compliancy Group
 

More from Compliancy Group (20)

HIPAA compliance for Business Associates- The value of compliance, how to acq...
HIPAA compliance for Business Associates- The value of compliance, how to acq...HIPAA compliance for Business Associates- The value of compliance, how to acq...
HIPAA compliance for Business Associates- The value of compliance, how to acq...
 
How to safeguard ePHIi in the cloud
How to safeguard ePHIi in the cloud How to safeguard ePHIi in the cloud
How to safeguard ePHIi in the cloud
 
Business Associates: How to differentiate your organization using HIPAA compl...
Business Associates: How to differentiate your organization using HIPAA compl...Business Associates: How to differentiate your organization using HIPAA compl...
Business Associates: How to differentiate your organization using HIPAA compl...
 
Business Associates: How to become HIPAA compliant, increase revenue, and gai...
Business Associates: How to become HIPAA compliant, increase revenue, and gai...Business Associates: How to become HIPAA compliant, increase revenue, and gai...
Business Associates: How to become HIPAA compliant, increase revenue, and gai...
 
HIPAA 101- What all Doctors NEED to know
HIPAA 101- What all Doctors NEED to knowHIPAA 101- What all Doctors NEED to know
HIPAA 101- What all Doctors NEED to know
 
HIPAA Compliance and Non-Business Associate Vendors - Strategies and Best Pra...
HIPAA Compliance and Non-Business Associate Vendors - Strategies and Best Pra...HIPAA Compliance and Non-Business Associate Vendors - Strategies and Best Pra...
HIPAA Compliance and Non-Business Associate Vendors - Strategies and Best Pra...
 
Preparing for the unexpected in your medical practice
Preparing for the unexpected in your medical practicePreparing for the unexpected in your medical practice
Preparing for the unexpected in your medical practice
 
HIPAA Compliance and Electronic Protected Health Information: Ignorance is no...
HIPAA Compliance and Electronic Protected Health Information: Ignorance is no...HIPAA Compliance and Electronic Protected Health Information: Ignorance is no...
HIPAA Compliance and Electronic Protected Health Information: Ignorance is no...
 
How to Survive a HIPAA Audit
How to Survive a HIPAA AuditHow to Survive a HIPAA Audit
How to Survive a HIPAA Audit
 
Meaningful Use vs HIPAA
Meaningful Use vs HIPAAMeaningful Use vs HIPAA
Meaningful Use vs HIPAA
 
How to Increase Your Profits Using Patient Payments on File, Recurring and On...
How to Increase Your Profits Using Patient Payments on File, Recurring and On...How to Increase Your Profits Using Patient Payments on File, Recurring and On...
How to Increase Your Profits Using Patient Payments on File, Recurring and On...
 
HIPAA MYTHS: HOW MUCH DO YOU KNOW? COMMON MYTHS DEBUNKED & EXPLAINED
HIPAA MYTHS: HOW MUCH DO YOU KNOW? COMMON MYTHS DEBUNKED & EXPLAINEDHIPAA MYTHS: HOW MUCH DO YOU KNOW? COMMON MYTHS DEBUNKED & EXPLAINED
HIPAA MYTHS: HOW MUCH DO YOU KNOW? COMMON MYTHS DEBUNKED & EXPLAINED
 
Surving a HIPAA Audit Infographic
Surving a HIPAA Audit InfographicSurving a HIPAA Audit Infographic
Surving a HIPAA Audit Infographic
 
Cyber & Privacy Risk Infographic
Cyber & Privacy Risk InfographicCyber & Privacy Risk Infographic
Cyber & Privacy Risk Infographic
 
Surviving a HIPAA Audit: Five Crucial Steps
Surviving a HIPAA Audit: Five Crucial Steps Surviving a HIPAA Audit: Five Crucial Steps
Surviving a HIPAA Audit: Five Crucial Steps
 
Where security and privacy meet partnering tips for CSOs and privacy/complian...
Where security and privacy meet partnering tips for CSOs and privacy/complian...Where security and privacy meet partnering tips for CSOs and privacy/complian...
Where security and privacy meet partnering tips for CSOs and privacy/complian...
 
HIPAA Breach: Did You Know?
HIPAA Breach: Did You Know?HIPAA Breach: Did You Know?
HIPAA Breach: Did You Know?
 
Maintaining HIPAA Compliance with Cloud Based Solutions
Maintaining HIPAA Compliance with Cloud Based SolutionsMaintaining HIPAA Compliance with Cloud Based Solutions
Maintaining HIPAA Compliance with Cloud Based Solutions
 
The Most Wonderful Time of the Year for Health-IT...NOT
The Most Wonderful Time of the Year for Health-IT...NOTThe Most Wonderful Time of the Year for Health-IT...NOT
The Most Wonderful Time of the Year for Health-IT...NOT
 
HIPAA Breach Infographic
HIPAA Breach InfographicHIPAA Breach Infographic
HIPAA Breach Infographic
 

Recently uploaded

Complementary feeding in infant IAP PROTOCOLS
Complementary feeding in infant IAP PROTOCOLSComplementary feeding in infant IAP PROTOCOLS
Complementary feeding in infant IAP PROTOCOLS
chiranthgowda16
 
Vestibulocochlear Nerve by Dr. Rabia Inam Gandapore.pptx
Vestibulocochlear Nerve by Dr. Rabia Inam Gandapore.pptxVestibulocochlear Nerve by Dr. Rabia Inam Gandapore.pptx
Vestibulocochlear Nerve by Dr. Rabia Inam Gandapore.pptx
Dr. Rabia Inam Gandapore
 
Adhd Medication Shortage Uk - trinexpharmacy.com
Adhd Medication Shortage Uk - trinexpharmacy.comAdhd Medication Shortage Uk - trinexpharmacy.com
Adhd Medication Shortage Uk - trinexpharmacy.com
reignlana06
 
Promoting Wellbeing - Applied Social Psychology - Psychology SuperNotes
Promoting Wellbeing - Applied Social Psychology - Psychology SuperNotesPromoting Wellbeing - Applied Social Psychology - Psychology SuperNotes
Promoting Wellbeing - Applied Social Psychology - Psychology SuperNotes
PsychoTech Services
 
8 Surprising Reasons To Meditate 40 Minutes A Day That Can Change Your Life.pptx
8 Surprising Reasons To Meditate 40 Minutes A Day That Can Change Your Life.pptx8 Surprising Reasons To Meditate 40 Minutes A Day That Can Change Your Life.pptx
8 Surprising Reasons To Meditate 40 Minutes A Day That Can Change Your Life.pptx
Holistified Wellness
 
Role of Mukta Pishti in the Management of Hyperthyroidism
Role of Mukta Pishti in the Management of HyperthyroidismRole of Mukta Pishti in the Management of Hyperthyroidism
Role of Mukta Pishti in the Management of Hyperthyroidism
Dr. Jyothirmai Paindla
 
OCT Training Course for clinical practice Part 1
OCT Training Course for clinical practice Part 1OCT Training Course for clinical practice Part 1
OCT Training Course for clinical practice Part 1
KafrELShiekh University
 
Efficacy of Avartana Sneha in Ayurveda
Efficacy of Avartana Sneha in AyurvedaEfficacy of Avartana Sneha in Ayurveda
Efficacy of Avartana Sneha in Ayurveda
Dr. Jyothirmai Paindla
 
Aortic Association CBL Pilot April 19 – 20 Bern
Aortic Association CBL Pilot April 19 – 20 BernAortic Association CBL Pilot April 19 – 20 Bern
Aortic Association CBL Pilot April 19 – 20 Bern
suvadeepdas911
 
CHEMOTHERAPY_RDP_CHAPTER 2 _LEPROSY.pdf1
CHEMOTHERAPY_RDP_CHAPTER 2 _LEPROSY.pdf1CHEMOTHERAPY_RDP_CHAPTER 2 _LEPROSY.pdf1
CHEMOTHERAPY_RDP_CHAPTER 2 _LEPROSY.pdf1
rishi2789
 
THERAPEUTIC ANTISENSE MOLECULES .pptx
THERAPEUTIC ANTISENSE MOLECULES .pptxTHERAPEUTIC ANTISENSE MOLECULES .pptx
THERAPEUTIC ANTISENSE MOLECULES .pptx
70KRISHPATEL
 
Clinic ^%[+27633867063*Abortion Pills For Sale In Tembisa Central
Clinic ^%[+27633867063*Abortion Pills For Sale In Tembisa CentralClinic ^%[+27633867063*Abortion Pills For Sale In Tembisa Central
Clinic ^%[+27633867063*Abortion Pills For Sale In Tembisa Central
19various
 
Abortion PG Seminar Power point presentation
Abortion PG Seminar Power point presentationAbortion PG Seminar Power point presentation
Abortion PG Seminar Power point presentation
AksshayaRajanbabu
 
Ketone bodies and metabolism-biochemistry
Ketone bodies and metabolism-biochemistryKetone bodies and metabolism-biochemistry
Ketone bodies and metabolism-biochemistry
Dhayanithi C
 
share - Lions, tigers, AI and health misinformation, oh my!.pptx
share - Lions, tigers, AI and health misinformation, oh my!.pptxshare - Lions, tigers, AI and health misinformation, oh my!.pptx
share - Lions, tigers, AI and health misinformation, oh my!.pptx
Tina Purnat
 
Muscles of Mastication by Dr. Rabia Inam Gandapore.pptx
Muscles of Mastication by Dr. Rabia Inam Gandapore.pptxMuscles of Mastication by Dr. Rabia Inam Gandapore.pptx
Muscles of Mastication by Dr. Rabia Inam Gandapore.pptx
Dr. Rabia Inam Gandapore
 
CHEMOTHERAPY_RDP_CHAPTER 3_ANTIFUNGAL AGENT.pdf
CHEMOTHERAPY_RDP_CHAPTER 3_ANTIFUNGAL AGENT.pdfCHEMOTHERAPY_RDP_CHAPTER 3_ANTIFUNGAL AGENT.pdf
CHEMOTHERAPY_RDP_CHAPTER 3_ANTIFUNGAL AGENT.pdf
rishi2789
 
CBL Seminar 2024_Preliminary Program.pdf
CBL Seminar 2024_Preliminary Program.pdfCBL Seminar 2024_Preliminary Program.pdf
CBL Seminar 2024_Preliminary Program.pdf
suvadeepdas911
 
Journal Article Review on Rasamanikya
Journal Article Review on RasamanikyaJournal Article Review on Rasamanikya
Journal Article Review on Rasamanikya
Dr. Jyothirmai Paindla
 
CHEMOTHERAPY_RDP_CHAPTER 1_ANTI TB DRUGS.pdf
CHEMOTHERAPY_RDP_CHAPTER 1_ANTI TB DRUGS.pdfCHEMOTHERAPY_RDP_CHAPTER 1_ANTI TB DRUGS.pdf
CHEMOTHERAPY_RDP_CHAPTER 1_ANTI TB DRUGS.pdf
rishi2789
 

Recently uploaded (20)

Complementary feeding in infant IAP PROTOCOLS
Complementary feeding in infant IAP PROTOCOLSComplementary feeding in infant IAP PROTOCOLS
Complementary feeding in infant IAP PROTOCOLS
 
Vestibulocochlear Nerve by Dr. Rabia Inam Gandapore.pptx
Vestibulocochlear Nerve by Dr. Rabia Inam Gandapore.pptxVestibulocochlear Nerve by Dr. Rabia Inam Gandapore.pptx
Vestibulocochlear Nerve by Dr. Rabia Inam Gandapore.pptx
 
Adhd Medication Shortage Uk - trinexpharmacy.com
Adhd Medication Shortage Uk - trinexpharmacy.comAdhd Medication Shortage Uk - trinexpharmacy.com
Adhd Medication Shortage Uk - trinexpharmacy.com
 
Promoting Wellbeing - Applied Social Psychology - Psychology SuperNotes
Promoting Wellbeing - Applied Social Psychology - Psychology SuperNotesPromoting Wellbeing - Applied Social Psychology - Psychology SuperNotes
Promoting Wellbeing - Applied Social Psychology - Psychology SuperNotes
 
8 Surprising Reasons To Meditate 40 Minutes A Day That Can Change Your Life.pptx
8 Surprising Reasons To Meditate 40 Minutes A Day That Can Change Your Life.pptx8 Surprising Reasons To Meditate 40 Minutes A Day That Can Change Your Life.pptx
8 Surprising Reasons To Meditate 40 Minutes A Day That Can Change Your Life.pptx
 
Role of Mukta Pishti in the Management of Hyperthyroidism
Role of Mukta Pishti in the Management of HyperthyroidismRole of Mukta Pishti in the Management of Hyperthyroidism
Role of Mukta Pishti in the Management of Hyperthyroidism
 
OCT Training Course for clinical practice Part 1
OCT Training Course for clinical practice Part 1OCT Training Course for clinical practice Part 1
OCT Training Course for clinical practice Part 1
 
Efficacy of Avartana Sneha in Ayurveda
Efficacy of Avartana Sneha in AyurvedaEfficacy of Avartana Sneha in Ayurveda
Efficacy of Avartana Sneha in Ayurveda
 
Aortic Association CBL Pilot April 19 – 20 Bern
Aortic Association CBL Pilot April 19 – 20 BernAortic Association CBL Pilot April 19 – 20 Bern
Aortic Association CBL Pilot April 19 – 20 Bern
 
CHEMOTHERAPY_RDP_CHAPTER 2 _LEPROSY.pdf1
CHEMOTHERAPY_RDP_CHAPTER 2 _LEPROSY.pdf1CHEMOTHERAPY_RDP_CHAPTER 2 _LEPROSY.pdf1
CHEMOTHERAPY_RDP_CHAPTER 2 _LEPROSY.pdf1
 
THERAPEUTIC ANTISENSE MOLECULES .pptx
THERAPEUTIC ANTISENSE MOLECULES .pptxTHERAPEUTIC ANTISENSE MOLECULES .pptx
THERAPEUTIC ANTISENSE MOLECULES .pptx
 
Clinic ^%[+27633867063*Abortion Pills For Sale In Tembisa Central
Clinic ^%[+27633867063*Abortion Pills For Sale In Tembisa CentralClinic ^%[+27633867063*Abortion Pills For Sale In Tembisa Central
Clinic ^%[+27633867063*Abortion Pills For Sale In Tembisa Central
 
Abortion PG Seminar Power point presentation
Abortion PG Seminar Power point presentationAbortion PG Seminar Power point presentation
Abortion PG Seminar Power point presentation
 
Ketone bodies and metabolism-biochemistry
Ketone bodies and metabolism-biochemistryKetone bodies and metabolism-biochemistry
Ketone bodies and metabolism-biochemistry
 
share - Lions, tigers, AI and health misinformation, oh my!.pptx
share - Lions, tigers, AI and health misinformation, oh my!.pptxshare - Lions, tigers, AI and health misinformation, oh my!.pptx
share - Lions, tigers, AI and health misinformation, oh my!.pptx
 
Muscles of Mastication by Dr. Rabia Inam Gandapore.pptx
Muscles of Mastication by Dr. Rabia Inam Gandapore.pptxMuscles of Mastication by Dr. Rabia Inam Gandapore.pptx
Muscles of Mastication by Dr. Rabia Inam Gandapore.pptx
 
CHEMOTHERAPY_RDP_CHAPTER 3_ANTIFUNGAL AGENT.pdf
CHEMOTHERAPY_RDP_CHAPTER 3_ANTIFUNGAL AGENT.pdfCHEMOTHERAPY_RDP_CHAPTER 3_ANTIFUNGAL AGENT.pdf
CHEMOTHERAPY_RDP_CHAPTER 3_ANTIFUNGAL AGENT.pdf
 
CBL Seminar 2024_Preliminary Program.pdf
CBL Seminar 2024_Preliminary Program.pdfCBL Seminar 2024_Preliminary Program.pdf
CBL Seminar 2024_Preliminary Program.pdf
 
Journal Article Review on Rasamanikya
Journal Article Review on RasamanikyaJournal Article Review on Rasamanikya
Journal Article Review on Rasamanikya
 
CHEMOTHERAPY_RDP_CHAPTER 1_ANTI TB DRUGS.pdf
CHEMOTHERAPY_RDP_CHAPTER 1_ANTI TB DRUGS.pdfCHEMOTHERAPY_RDP_CHAPTER 1_ANTI TB DRUGS.pdf
CHEMOTHERAPY_RDP_CHAPTER 1_ANTI TB DRUGS.pdf
 

Is Your EHR Safe? New Technologies for Auditing

  • 1. 855.85HIPAA   www.compliancygroup.com   Industry leading Education Certified Partner Program •  Please ask questions •  For todays Slides http://compliancy-group.com/ slides023/ •  Todays & Past webinars go to: http://compliancy-group.com/ webinar/ Get Involved. #cgwebinar
  • 2. ì   Daniel  Fabbri   Founder  &  CEO  of  Maize  Analy5cs   Assistant  Professor  at  Vanderbilt  University  
  • 4. Problem:  Insecure  Data   1.  Open  access  environment   2.  Millions  of  accesses  per  week   3.  Pa<ent  care  is  dynamic  
  • 5. Regulations     HIPAA,  HITECH,  and  Affordable  Care  Act   •  Minimal  requirements  to  access  PHI   •  Security  monitoring  requirements   •  Penal<es  and  fines  for  breaches  
  • 6. Paper-­‐Bag  Security   “Nancy,  I’m  not  sure  that’s  what  HIPAA  had  in  mind.”    
  • 7. Basic  Security  Mechanisms                  Fine-­‐grained  access  controls              Permission  escala<on            “Are  you  sure  you  want  to  con<nue?”  WARNING  
  • 8. Current  Approaches                    Compliance  officers  manually  review  complaints          Flag  “suspicious”  types  of  accesses    (i)  Same  last  name,  (ii)  co-­‐workers,  (iii)  neighbors    
  • 9. Audit  Limitations   ì  Most  accesses  audited  are  appropriate   ì  Inves<ga<ons  can  take  days  or  weeks  to  complete   ì  Poten<al  alert  avalanches  (turn  system  off)  
  • 10. Objective       Provide  compliance  officers  the  ability  to     quickly  and  accurately     find  inappropriate  access  from  audit  logs.    
  • 11. Observation   Most  appropriate  accesses  occur  for  valid  clinical  or  opera5onal  reasons.        “Authorized    access    is     limited    to    those    with    the       need    to    know    for    purposes     of    pa5ent    care,    billing,     medical    record    review    and     quality      assurance.”   University  of  Michigan  Health  System  Screen  Saver  
  • 12. Explanation-­‐Based  Auditing  System  (EBAS)   !""#$%&'()*+",%-%.$-/0%123)!435.-6) 7235&%,) 82&$#3)90) :42#;):) :<) :=) !435>)?$6) @%,53)82%1$-) A$#)!&&211B) !""#$"#5%>2) C41"5&5$41) 7235&%,) 82&$#3) <D) E) Filter  accesses  so  there  are  fewer  for  manual  review.   i  
  • 13. Filter  Based  On  Data  Stored  In  The  EMR  
  • 14. What  is  an  Explanation?   nation Graph Evidence->Audit Log->Employee ID Evidence->Audit Log->Patient ID Evidence->Appointment->Patient ID Evidence->Appointment->Employee ID Connec<on  between  the  pa*ent  and  employee  accessing  the  pa<ent’s  record  
  • 15. Explanation  Recommendations     Find  frequently  occurring  explana*ons    Graph  search  problem   Recommend  explana*ons  to  compliance  officers    Approve  correct  explana<ons    Use  to  filter  future  appropriate  accesses  
  • 16. Limitations     Basic  explana<ons  are  effec<ve  for  doctors,  not  suppor<ng  staff  (e.g.,  nurses,  pharmacists,  central  staffing,  etc.)         Appointments  are  made  with  doctors,  not  nurses.     This  lack  of  data  causes  missed  explana5ons  
  • 17. Enhance  Explanations   1.  Automa*cally  fill-­‐in  missing  data:    Oncologists  treat  cancer  pa5ents    Pediatric  nurses  work  with  pediatric  physicians           Pediatric  nurse   Pediatric  physician   Hospital  Employees  
  • 18. Enhance  Explanations   Explanation-Based Auditing False 0.500 Medication + Department View False 0.167 Icd + Department To Icd + Department View Evidence->Audit Log->Employee ID Evidence->Audit Log->Patient ID Employee Info->Department->Info Value Employee Info->Department->Employee ID Department to ICD->Department To Department to ICD->Department To Icd->depart Patient Info->Icd->Patient ID Patient Info->Icd->Info Value 1.  Automa*cally  fill-­‐in  missing  data:    Oncologists  treat  cancer  pa5ents    Pediatric  nurses  work  with  pediatric  physicians     2.  Mine  new  explana*ons:        “The  access  occurred  because     Dr.  Dave  is  an  oncologist,     oncologists  treat  cancer     and  Alice  has  cancer”  
  • 19. High-­‐Level  Results        95%  of  accesses  in  one-­‐week  sample  filtered      with  high  precision      Ongoing  trials  at  major  hospitals  to  evaluate  effec<veness   See  VLDB  2011,  JAMIA  2012  publica<ons  
  • 20. Practical  Example   ì  US  hospital  audited  accesses  for  1  pa<ent  over  a  few  weeks   ì  500+  accesses  normally  audited  manually   ì  EBAS  filtered  the  list  down  to  5  for  manual  review  
  • 21. Integrated  Analytics   ì  Search  for  outliers,  then  drill  down  with  EBAS   Analyze  high  usage     employees  
  • 22. Deployment     Many  hospitals  will  not  release  data  to  the  cloud…yet       Hospitals  download  VM  and  run  locally!    
  • 23. Data  Extraction   How  to  get  data  into  the  audi<ng  system?         Repor<ng  System  (e.g.,  Epic’s  Clarity)   Text  File   All  within  the  hospital  
  • 25. Short  Video  Summary       Pufng  the  pieces  together!   hhps://www.youtube.com/watch?v=gDEcgVwIgSU    
  • 26. Why  Use  EBAS?   busy  /  too  many  audits  /  too  much  manual  effort    need  for  automa5on  /  need  for  improved  HIPAA  procedures   worried  about  OCR  audits  /  want  more  proac5ve  tools   want  published  &  peer-­‐reviewed  technology     looking  for  a  different  approach  to  audi5ng     Email  us  for  faster  HIPAA  audits!   info@MaizeAnaly5cs.com   26  
  • 28. Free  Demo  and  60  Day  Evaluation   www.compliancy-­‐group.com     855  85  HIPAA  (855.854.4722)   The Guard: One Simple, cost effective Compliance Tracking Solution that satisfies HIPAA, HITECH Risk Assessment, & Omnibus Compliance •  Guaranteed HIPAA Audit Protection •  Gap Identification & Remediation Plans •  Built in Training, Policies & Procedures •  Business Associate Agreements Included •  HIPAA Hotline Support •  Experienced HIPAA Coach Implementation