Patient Privacy Monitoring for Detroit Medical Center2017-02-01T17:46:01+00:00

Deployment of Patient Privacy Monitoring at Detroit Medical Center

With increasing regulatory requirements and a strong reputation to uphold, Detroit Medical Center recognized the need for more advanced auditing capabilities to protect their patients privacy.

Detroit Medical Center (DMC) is the largest healthcare provider in southeast Michigan with more than 2,000 licensed beds and over 15,000 employees. It serves as a teaching hospital for one of the United States’ largest medical schools, and is the official healthcare provider for the Detroit Tigers, Detroit Red Wings and Detroit Pistons.

With such so many significant and prestigious areas of service, DMC had a strong reputation to uphold and faced several challenges in fulfilling their privacy and security needs.

Today, FairWarning ’s automated alerting capabilities have replaced random auditing, fulfilled key requirements for the achievement of meaningful use, and the staff is confident that they are proactively identifying potential privacy breaches.

Challenge

Detroit Medical Center rolled out a new EHR across all hospital and clinic locations, but were not capable of auditing the access of over 15,000 employees according to the new privacy and security requirements of ARRA HITECH of 2009 to achieve “meaningful use” and financial incentives.

Additionally, they had many concerns of VIP snooping vulnerabilities as the healthcare provider for so many local, professional sports teams.

DMC turned to FairWarning to help fulfill their monitoring and alerting needs across their multiple hospitals and clinics with a high priority of completing a full implementation in four months or less.

Solution

Ultimately, Detroit Medical Center chose FairWarning’s Patient Privacy Monitoring based on the strength of its 200+ patient privacy monitoring analytics, production customer references, and compatibility with over 180 healthcare applications.

In less than 90 days, DMC completed their full implementation of FairWarning and initiated the continuous monitoring of EHR access for all of their employees. FairWarning trained DMC staff and helped them configure the reports they needed most, so they could being receiving automated alerts based on the specific behaviors they were most concerned about.

.

Results

Prior to the implementation of FairWarning, the Regulatory staff at Detroit Medical Center was conducting all of their auditing activities manually, which was hit-or-miss, and most potential breaches were identified as a result of a patient complaint.

Today, FairWarning’s automated alerting capabilities have replaced random auditing, fulfilled key requirements for the achievement of meaningful use, and the staff is confident that they are proactively identifying potential privacy breaches. DMC has reduced the number of potential privacy breaches through a combination of continuous improvement of FairWarning monitoring and employee education and training.

Download PDF

Implementation Experience

Led by their assigned FairWarning implementation manager, Detroit Medical Center moved through the FairWarning implementation process quickly. Beginning with Sunquest, DMC then began feeding Cerner Millennium and Siemens Invision audit logs into FairWarning. The whole process from initial data extraction using scripts provided by FairWarning to online training and report configuration was completed in less than 90 days.

Profile

  • Eight hospitals
  • More than 100 clinics
  • More than 2,000 beds
  • Teaching hospital for Wayne State University
  • Official healthcare provider for the Detroit Tigers, Detroit Red Wings, and the Detroit Pistons

Health Information Systems

  • Cerner Millenium
  • Lawson HR
  • Siemens Invision
  • Sunquest Laboratory

FairWarning Products

Making Auditing Across Multiple Applications a Reality – Baptist Health Care

When Baptist Health Care became concerned about confidentiality among their EHR records, the McKesson-equipped facility needed FairWarning to ensure their records were safe.

Read the Case Study

Combining Patient Privacy Monitoring & Identity Management

With rising regulatory requirements and an increasing number of independent applications accessing patient information, UPMC decided it was time to implement an integrated patient privacy solution.

Read the Case Study