Mandated Government Regulations in Healthcare: Is Healthcare It Overregulated? a Post Mandate Study

Over the past decade, healthcare organizations have been subjected to many federally mandated statutes to comply with. Three of the biggest statutes over the last decade are the Health Information Portability and Accountability Act (HIPAA), the Red Flag Rules, and the Health Information Technology for Clinical Health (HITECH). These mandates deal directly with the security of electronic patient information. To date, many entities have provided estimations of cost of compliance. Some have provided quantitative models to calculate the return of IT investments. Very few have attempted to look retrospectively and determine the level of and barriers to compliance. This quantitative study used a similar study as the framework to build upon. The study in part used survey questions from Mhamed Zineddine\u27s doctoral dissertation titled, “Compliance of the healthcare industry with the Health Insurance Portability and Accountability Act security regulations in the Washington State: A quantitative study two years after mandatory compliance. The survey asked hospital Information Technology directors and managers questions to look at the level of compliance with the Health Insurance Portability and Accountability Act standards. Additionally, the survey asked questions to determine the impact on a health care organization when attempting to comply with multiple government mandates simultaneously. The analysis is an attempt to answer the question “Is Healthcare IT over regulated

One Sky SharePoint Form Flow

In today\u27s competitive economy, organizations are reliant on technology to maximize efficiency. One method of maximizing efficiency is automation, the technique of making a system operate automatically. Through automation, manual processes can be streamlined to eliminate waste. This project outlines the automation of the Individual Service Agreement (ISA) process at One Sky Community Services. The three stages of this process, Creation, Review, and Approval, were prototyped and implemented into a digital management system, Microsoft SharePoint Online, using Agile methodologies

A Decision Support System for Moving Workloads to Public Clouds

The current economic environment is compellingCxOs to look for better IT resource utilization in order to get morevalue from their IT investments and reuse existing infrastructureto support growing business demands. How to get more from less?How to reuse the resources? How to minimize the Total Cost ofOwnership (TCO) of underlying IT infrastructure and data centeroperation cost? How to improve Return On Investment (ROI) toremain profitable and transform the IT cost center into a profitcenter? All of these questions are now being considered in light ofemerging ‘Public Cloud Computing’ services. Cloud Computingis a model for enabling resource allocation to dynamic businessworkloads in a real time manner from a pool of free resourcesin a cost effective manner. Providing resource on demand atcost effective pricing is not the only criteria when determiningif a business service workload can be moved to a public cloud.So what else must CxOs consider before they migrate to publiccloud environments? There is a need to validate the businessapplications and workloads in terms of technical portability andbusiness requirements/compliance so that they can be deployedinto a public cloud without considerable customization. Thisvalidation is not a simple task.In this paper, we will discuss an approach and the analytictooling which will help CxOs and their teams to automate theprocess of identifying business workloads that should move toa public cloud environment, as well as understanding its costbenefits. Using this approach, an organization can identify themost suitable business service workloads which could be movedto a public cloud environment from a private data center withoutre-architecting the applications or changing their business logic.This approach helps automate the classification and categorizationof workloads into various categories. For example, BusinessCritical (BC) and Non-business Critical (NBC) workloads canbe identified based on the role of business services within theoverall business function. The approach helps in the assessmentof public cloud providers on the basis of features and constraints.This approach provides consideration for industry complianceand the price model for hosting workloads on a pay-per-usebasis. Finally, the inbuilt analytics in the tool find the ‘best-fit’cloud provider for hosting the business service workload. ‘Bestfit’is based on analysis and outcomes of the previously mentionedsteps.Today, the industry follows a manual time consumingprocess for workload identification, workload classification andcloud provider assessment to find the best-fit for business serviceworkload hosting. The suggested automated approach enables anorganization to reduce cost and time when deciding to move toa public cloud environment. The proposed automated approachaccelerates the entire process of leveraging cloud benefits,through an effective, informed, fact-based decision process

Privacy and Security in the Clinical Audiology Setting: Ohio Audiologists' Knowledge of the Health Insurance Portability and Accountability Act

The purpose of this study was to investigate the knowledge possessed by professionally licensed audiologists regarding the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and its implications for clinical audiological practices. The study also aimed to examine the training and enforcement of HIPAA regulations in audiology clinics and facilities. A 30-question survey was distributed to professionally licensed audiologists in Ohio via an online survey instrument. The survey focused on audiologists’ knowledge of HIPAA regulations as well as corresponding sources of education and training. Subsequently, six pre-generated discussion questions were electronically distributed to Ohio audiologists. The discussion questions focused on the HIPAA training and education provided to audiologists in their employment settings. The results of the study indicated that audiologists possess limited knowledge regarding HIPAA regulations and that the majority of audiologists currently receive annual training and education through electronic sources. The results of the current study demonstrate the need for enhanced HIPAA training strategies in educating audiologists regarding the importance of federal privacy and security regulations as well as compliance with them

Information security compliance in a healthcare setting: A user behavior pilot study

Human behavior is known to be one of the weakest links to information security and a likely cause of incidents that may lead or contribute to the loss or compromise of sensitive information (Ahmad, & Ismail, 2010; Akhunzada, Kam, 2015; Aloul, 2012; Cain, Edwards, & Still, 2018; Long, 2013; Narayana, Sookhak, & Anuar, 2015; Pike, 2011; Seidenberger, 2016). The Health Insurance Portability and Accountability Act (1996) requires healthcare organizations to comply with national standards to reduce the likelihood of a privacy breach. Online stolen data markets, where cybercriminals operate in the dark web, advertise, sell, share, and trade sensitive personally identifiable information for nefarious purposes (Chertoff, 2017; Holt et al., 2016). The 29-statement pilot study survey replicates the Safa et al. (2015) survey and was administered to 39 UW Medicine (UWM) employees via the UWM Research Electronic Data Capture online survey application. The survey statements are based on the Theory of Planned Behavior, the Protection Motivation Theory, and the Safa et al. (2015) employee information security conscious care behavior model. The UWM pilot study statements were modified, and results are presented (n = 32). Descriptive statistics are provided, as well as lessons learned, which will be incorporated into a larger-scale survey deployment. This is a timely study to determine how best to reduce the likelihood of a user error or a cyber adversary exploiting a weakness that could lead to or cause a global catastrophic cyber event that could potentially trigger further political, economic, and social volatility

Value Based Healthcare: The Missing Formula for Quality Patient Care

Value Based Care is driving the need to balance value with cost. Health care organizations must address the value component as part of the patient care experience. Reimbursements to physicians and healthcare organizations are the focus on delivering value care to the patient while keeping costs down for the insurance company and overhead for the organizations. Health care providers face challenges on how to connect ethics, patient safety, and decision making to quality of care for each individual patient. Insurance companies are looking at the volume of people, how many episodes of care for each condition, how many providers for each separate condition, and finding the lowest cost for highest quality of care the patient can experience. Creating, testing and implementing new policies and procedures is what the leading insurance companies are currently doing to make Value Based Care a reality in the United States Healthcare System. This paper will focus on the integration of value, cost, and customer satisfaction with patient care delivery

mHealth Support System for Researchers and Participants

With the proliferation of mobile technologies, there is a significant increase of research using mobile devices in the medical and public health area. Mobile technology has improved the efficiency of healthcare delivery effectively. Mobile Health or mHealth is an interdisciplinary research area which has been active for more than a decade. Much research has been conducted and many software research tools (mHealth Support System) have been developed. Despite the time length, there is a significant gap in the mHealth research area regarding software research tools. Individual research groups are developing their own software research tool though there is a significant similarity among them. Most of the research tools are study or disease specific. Some of the tools are device specific (desktop/laptop, mobile phone, and tablet) and some are platform specific (web, android, iOS, and windows). This costs each research study their precious time, money, and workforce to develop similar service or software research tools. Based on the mHealth research characteristics, it is possible to design and implement a customizable generic software research tool. In this thesis, we have proposed, designed, and implemented a customizable generic mHealth software research tool. It has most of the common software research modules that are needed for an mHealth research study. These include real-time data collection, research participant management, research staff management, role based access control, research data anonymization, customizable surveys, report generation, study forum, and activity tracking. This software research tool is responsive and HIPAA compliant which makes it device independent, privacy-aware, and security-aware