St. Dominic’s Reduces Privacy Incidents With Patient Privacy Intelligence and Training

March 5, 2019

At risk for compliance violations and potential breaches, St. Dominic added FairWarning to its technology stack.

The Challenge

Exhausting effort was spent due to no feasible way to parse out specific audit information from any system and there was no consistency in any reporting. The conclusion was that the random sampling method was ineffective for detecting inappropriate access.

When HIPAA Privacy/Security Officer Dena Boggan joined St. Dominic Jackson Memorial Hospital in June 2006, she found a less than optimal environment to effectively maintain HIPAA compliance and security operations. St. Dominic faced many challenges common to a health organization:

  • Some systems had no audit logs while others had no way to parse out specific information
  • Its existing audit tool, Cerner P2Sentinel, had no flexibility to customize for other systems or for the environment
  • The number of random audits did not correspond to number of hospital admissions from a due diligence perspective
  • Audits were time-consuming and ineffective – so much so that full investigations were only launched when a complaint was logged by
    patients or employees

The automation, ease, and facts coming out of the FairWarning solution have resulted in program alignment across St. Dominic’s organization.

During the first few months following deployment of FairWarning, inappropriate EHR access was detected at a very high rate, reducing the number of privacy incidents. St. Dominic then implemented training and enforcement policies that reduced inappropriate access by ten-fold.

The Results

  • Reduced privacy audit review time 10X 
  • Reduced reviews from five days per week to one to two days per week
  • Re-focused personnel on training, education, research, and programs to drive compliance, privacy, and security across the organization
  • Increased visibility of internal privacy incidents 5X
Previous Document
Health First Improves Patient Privacy Monitoring Program to Help Meet Compliance Goals
Health First Improves Patient Privacy Monitoring Program to Help Meet Compliance Goals

At any given time, Health First’s proactive auditing activities required between six and eight full-time em...

Next Document
Health Quest Prevents Internal Privacy Breaches With the Latest Data Protection Technologies
Health Quest Prevents Internal Privacy Breaches With the Latest Data Protection Technologies

Health Quest previously had multiple data protection technologies in place to prevent external threats. How...