Nova Scotia Health Authority Enhances User Access Auditing Program to Automate Tasks & Monitor Activity

March 5, 2019

When manually auditing user access proved to be inefficient, Nova Scotia Health Authority invested in a solution to enhance its investigation process.

The Challenge

Before the deployment of FairWarning, District Health Authorities (DHAs) were conducting patient privacy investigations in response to complaints using a mixture of paper and highly manual electronic methods. In addition, a limited number of systems had searchable audit logs.

Established in 2006, Health Information Technology Services – Nova Scotia (HITS-NS) is charged with managing a secure, centrally hosted provincial health IT network and select provincial healthcare applications.

Before the deployment of FairWarning, District Health Authorities (DHAs) were conducting patient privacy investigations in response to complaints using a mixture of paper and highly manual electronic methods.

The result? HITS-NS and DHAs took full advantage of advanced analytics capabilities within FairWarning. They learned that performing auditing and monitoring using only the application audit logs allows for relatively basic searches such as family member snooping and random audits. They found that monitoring could be greatly improved with the addition of advanced user access data such as information from human resources systems. With this advanced user access data, several customizable analytics such as co-worker snooping and supervisor snooping are now being conducted.

The Results

  • Added ability to search and provide reporting on multiple EHRs simultaneously
  • Detected potential privacy incidents with out-of-the-box reports
  • Fulfilled patient requests by generating a record of all accesses to a given patient across multiple systems
  • Created a customer community that shares challenges, solutions, and ideas for the protection of patient privacy
Previous Document
Health Quest Prevents Internal Privacy Breaches With the Latest Data Protection Technologies
Health Quest Prevents Internal Privacy Breaches With the Latest Data Protection Technologies

Health Quest previously had multiple data protection technologies in place to prevent external threats. How...

Next Document
UPMC Creates an Optimal Privacy Program by Unifying Identity Management and FairWarning
UPMC Creates an Optimal Privacy Program by Unifying Identity Management and FairWarning

One of UPMC's core business challenges involved investigations, which required technical support staff to s...