Business Intelligence
Solution Set
|
|
|
Product Overview
Global Works Enterprise Security View (ESV) enables effective analysis of user access rights and use of patient data. ESV is a component of Global Works Data Exchange and leverages its existing ETL framework to consolidate data from the practice management system and other enterprise applications into a single data model for reporting. ESV offers a single application for IT to manage users and the security office to monitor suspect behavior.
Patient health information is being consolidated and made available online now more than ever. Along with improvements in operations and patient safety, increased availability also invites risk.
Business Drivers
In order to assure HIPAA compliance, medical organizations must effectively manage and monitor access to patient information across multiple applications and departments.
The three key concerns for each system are identifying what PHI is being accessed, which users are accessing it and the roles and privileges of these users.
The challenge lies in the intersection of patients and users across the enterprise.
While all platforms allow for management of user access and provide a degree of date/time stamping for access to information, these disparate systems do not offer a standard method in which to view permissions and user exercise of those permissions.
ESV facilitates extraction and load of data from leading practice management and EMR systems and transformation of this data into a standard dataset for proactive analysis of user privileges.
|
Software Functionality
The strength of ESV lies in its data model. The base data from each system is unified into two simplified data structures representing user access of PHI and user rights in the enterprise:
User Events - These are records of user activity and access to patient information across systems. User Events capture what patient information has been viewed or modified, as well as log-in and log-out activity. From this data, security managers can produce reports detailing what individual users saw or did and filter by patient to show who accessed individual information. This analysis is essential for HIPAA privacy compliance.
User Configuration - These are records of user access rights and permissions across various systems. Reports and views of this data let IT manage user roles and rights as a part of their HIPAA security compliance plan.
For clients using Data Exchange, the components of the ESV module deliver a dataset based on their existing practice management system data that is designed for HIPAA compliance. Adapters allow data from other enterprise systems to be included in the ESV database.
|
