With an increasing number of applications accessing patient information, UPMC implements an integrated solution for identity management.
One of the key business challenges was conducting investigations, as well as, a centralized source for application audit logs
UPMC has been at the forefront of innovative approaches in protecting patient privacy. Core to UPMC’s strategy is their Identity Management System in correlation with FairWarning® Patient Privacy Monitoring. UPMC combined these solutions to develop a system-wide privacy compliance program, including monitoring, training and sanctions.
One of the key business challenges was conducting investigations. During each investigation, the facility Privacy Officers (more than 20 across the health system) needed access log information for each application thought to be involved. Investigations required extensive time from the technical support staff to run access log reports on a system-by-system basis.
The result? Positive impacts of UPMC’s solution include improved dissemination of information and a reduction in incidents. They can aggregate logs and alerts into one bucket with a single reviewer who has the ability to look at all of the logs and alerts across an organization, or send logs and alerts to a user’s manager, so that the manager or Privacy Officer can perform a more focused investigation and/or reviews as necessary.
- Improved dissemination of information
- Reduction in incidents
- Ability to review aggregate information from one single place