How Organizations Meet Compliance Demands with Smart Technology

Guest post by Chris Strammiello, Vice President of Global Alliances & Strategic Marketing, Nuance.

Chris Strammiello
Chris Strammiello

The growing use of smart devices at the point of care exacerbates the dual, yet contradictory, challenges confronting hospital IT directors and compliance officers: Making patients’ health information easier to access and share, while at the same time keeping it more secure.

A major problem is that there are just too many touch points that can create risk when sharing protected health information (PHI) inside and outside of the hospital. In addition to securing communications on cell phones, tablets and laptops, these tools can send output to smart multi-function printers (MFPs) that not only print, but allow walk-up users to copy, scan, fax and email documents. This functionality is why the Office of the National Coordinator for Health Information Technology now defines MFPs as workstations where PHI must be protected. These protections need to include administrative, physical and technical safeguards that authenticate users, control access to workflows, encrypt data handled on the device and maintain an audit trail of all activity.

Accurate, Effective and Secure Use of Patient Information at Point of Care

Hospitals need to adopt an approach that automatically provides security and control at the smart MFP from which patient information is shared and distributed. This approach must also support the use of mobile computing technologies, which are helping to bring access to patient information and electronic health records (EHR) to the point of care. Advanced secure information technology and output management solutions can help hospitals protect patient health information as part of achieving HIPAA-compliant use of PHI with software by adding a layer of automated security and control to both electronic and paper-based processes. These solutions can minimize the manual work and decisions that invite human error, mitigate the risk of non-compliance and help hospitals avoid the fines, reputation damage and other costs of HIPAA violations and privacy breaches.

With this approach, vulnerabilities with capturing and sharing PHI are reduced with a process that ensures:

Deploying Smart Computing Technology to Meet Compliance

While it’s clear that hospitals continue to deploy smart technologies to deliver more efficient point of care to patients, those technologies continue to provide vexing security and compliance challenges. However, implementing a flexible and scalable solution that adds a layer of automated security and control to both electronic and paper-based processes significantly reduces non-compliance risks.

The solution should include five important attributes: authentication; authorization; encryption; file destination control; and content filtering. For example, electronic orders, referrals, reports and other sensitive information can be completed on smartphones, tablets, or laptops, electronically signed and safely and securely delivered to EHR.

With these security enhancements in place, hospitals can confidently open their networks and gain control of smart device proliferation in their patient point of care processes.


Write a Comment

Your email address will not be published. Required fields are marked *