Activity monitoring can spot privacy breaches
Activity monitoring can spot privacy breaches
With growing attention to the threat of privacy breaches through social media, some healthcare organizations are utilizing "user activity monitoring" to help ensure compliance with the Health Insurance Portability and Accountability Act (HIPAA).
With user activity monitoring, organizations can monitor, capture, and analyze all user and user group activity on the employer's device including e-mail sent and received, chat and instant messages, web sites visited, applications and programs accessed, web searches, file transfers, and data printed or saved to removable devices. The system also can take screenshots of employees' activities at pre-set intervals.
McKenzie (TN) Medical Center implemented Spector360 user activity monitoring after noticing high bandwidth usage as well as issues with worker productivity. (See Resource at end of this article for information on purchasing the software.) The medical center employs more than 30 medical providers and almost 300 support staff. Unrestricted access to the Internet, personal e-mail, and social media presented potential legal liability, and the center wanted to ensure that all employees were complying with HIPAA regulations, says Don Page, IT manager and security officer.
User activity monitoring allows hospitals and healthcare organizations to track employees' activity on social networking sites and receive alerts regarding potential suspicious activity based on established key words, Page says. It is also beneficial to employee training, he says, with hospital administrators able to flag issues and discuss them with employees. For example, if an employee posted confidential information on Facebook, hospital administrators can provide proof and discuss with the employee how he or she violated regulations.
With the user activity monitoring software, McKenzie was able to quickly identify more than $18,000 worth of time where employees were spending time on non-work related computer use. The clinic director then reminded employees of the company's Internet usage policies and spoke with offenders regarding the new monitoring process.
Since implementing user activity monitoring, McKenzie has increased productivity and reduced non-work related online activities, Page says. Not wanting to be too severe, the center also allows employees limited access to the Internet for personal reasons, such as paying bills online or visiting Facebook. Four computers have been set up in the lunch room for employees' use during their lunch break.
Although McKenzie originally implemented user activity monitoring to address productivity concerns, Page says it has become a valuable tool in HIPAA compliance. During HIPAA compliance investigations, McKenzie Medical is able to replay all activity that took place on an employee's screen or activity logs relating to alleged incident. In some instances, employees have been cleared of wrongdoing after the hospital reviewed their activity.
"Protecting our patients' privacy and ensuring that meet HIPAA compliance regulations is our foremost concern," Page says. "With user activity monitoring, we're able to address and respond to HIPAA concerns in a timely manner."
Source
Don Page, IT Manager and Security Officer, McKenzie (TN) Medical Center. Telephone: (731) 352-7907.
Resource
SPECTOR 360 7.3 is available for purchase at www.spector360.com or by calling SpectorSoft Corporate Sales at (888) 598-2788. Standard pricing is $115 per endpoint for a perpetual license.
With growing attention to the threat of privacy breaches through social media, some healthcare organizations are utilizing "user activity monitoring" to help ensure compliance with the Health Insurance Portability and Accountability Act (HIPAA).Subscribe Now for Access
You have reached your article limit for the month. We hope you found our articles both enjoyable and insightful. For information on new subscriptions, product trials, alternative billing arrangements or group and site discounts please call 800-688-2421. We look forward to having you as a long-term member of the Relias Media community.