Looking to dramatically simplify its auditing process to keep up with regulatory requirements, Halifax Regional was able to automate its audit reports with FairWarning.

The challenge

Halifax Regional had a manual audit reporting process and knew they could not keep up with requirements using the current manual auditing process.

As an early adopter of EHRs, Halifax Regional was always aware of the need to address privacy and security concerns. With McKesson as their primary EHR vendor, they had been using McKesson STAR Audit for reporting on activity within their clinical systems for 17 years.

With increasing regulations and standards for privacy and security, Halifax Regional knew they could not keep up with requirements using the current manual auditing process. Long before ARRA HITECH, the privacy office at Halifax Regional was seeking a tool to provide: Proactive privacy monitoring to detect breaches independent of receiving a complaint, Effective random auditing capabilities, Advanced analysis and reporting off of audit log data, and Automation of compliance auditing for HIPAA.

Prior to FairWarning, we didn’t trust the audit log data. It was like stabbing in the dark, hoping you hit what you were looking for.

Using McKesson Services, we were able to implement a new audit source in less than one day. I was very impressed.

With FairWarning, I feel comfortable that I can keep an eye on employee access.

The result? Once FairWarning was up and running, education and communication was conducted across the organization, that access to EHRs was being monitored. This lead to a dramatic decrease in incidences throughout the organization. In addition, when the Chief Privacy Officer receives a request for a report of all access to a particular patient’s record, she has the report in hand and emailed to the requesting manager within 15 minutes. Prior to FairWarning, this would have taken 2 to 3 days or longer, and possibly up to 4 weeks if a report required vendor assistance.

The Results

  • Proactive privacy monitoring to detect breaches independent of receiving a compliant
  • Effective random auditing capabilities
  • Advanced analysis and reporting off of audit log data
  • Automation of compliance auditing for HIPAA
Download Full Story

Related Success Stories

  • Memorial Healthcare
    Learn More
    Managed Privacy Services
    Memorial Healthcare’s Privacy And Security Comeback: From Reported Breach To Patient Privacy Excellence
  • Nemours and Kaweah Delta
    Learn More
    Patient Privacy Intelligence
    How Leading Security and Privacy Executives Maximize their Time to Secure Patient Data
  • Northeastern Academic Health System
    Learn More
    Patient Privacy Intelligence | Managed Privacy
    Academic Health System invests in a proactive privacy monitoring program to help meet compliance