Disadvantages of Spreadsheets – Obstacles to Compliance in the Healthcare Industry

Most of the regulatory compliance issues we talked about concerning spreadsheets have been related to financial data. But there are other kinds of data that are stored in spreadsheets which may also cause regulatory problems in the future.

In the US, a legislation known as HIPAA or Health Insurance Portability and Accountability Act is changing the way health care establishments and practitioners handle patient records. The HIPAA Privacy Rule is aimed at protecting the privacy of individually identifiable health information a.k.a. protected health information (PHI).

Examples of PHI include common identifiers like a patient’s name, address, Social Security Number, and so on, which can be used to identify the patient. HIPAA covers a wide range of health care organisations and service providers, including: health plan payers, health care clearing houses, hospitals, doctors, dentists, etc.

To protect the confidentiality, integrity, and availability of PHI, covered entities are required to implement technical policies such as access controls, authentication, and audit controls. These can easily be implemented on server-based systems.

Sad to say, many health care organisations who have started storing data electronically still rely on spreadsheet-based systems. Those policies are hard to implement in spreadsheet-based systems, where files are handled by end-users who are overloaded with their main line of work (i.e. health care) and have very little concern for data security.

In some of these systems, spreadsheet files containing PHI may have multiple versions in different workstations. Chances are, none of these files have any access control or user authentication mechanism whatsoever. Thus, changes can easily be made without proper documentation as to who carried out the changes.

And because the files are normally easily accessible, unauthorised disclosures – whether done intentionally or accidentally – will always be a lingering threat. Remember that HIPAA covered entities who are caught disclosing PHI can be fined from $50,000 up to $500,000 plus jail time.

But that’s not all. Through the HITECH Act of 2009, business associates of covered entities will now have to comply with HIPAA standards as well. Business associates are those companies who are performing functions and services for covered entities.

Examples of business associates are accounting firms, law firms, consultants, and so on. They automatically need to comply with the standards the moment they too deal with PHI.

 

More Spreadsheet Blogs

 

Spreadsheet Risks in Banks

 

Top 10 Disadvantages of Spreadsheets

 

Disadvantages of Spreadsheets – obstacles to compliance in the Healthcare Industry

 

How Internal Auditors can win the War against Spreadsheet Fraud

 

Spreadsheet Reporting – No Room in your company in an age of Business Intelligence

 

Still looking for a Way to Consolidate Excel Spreadsheets?

 

Disadvantages of Spreadsheets

 

Spreadsheet woes – ill equipped for an Agile Business Environment

 

Spreadsheet Fraud

 

Spreadsheet Woes – Limited features for easy adoption of a control framework

 

Spreadsheet woes – Burden in SOX Compliance and other Regulations

 

Spreadsheet Risk Issues

 

Server Application Solutions – Don’t let Spreadsheets hold your Business back

 

Why Spreadsheets can send the pillars of Solvency II crashing down

?

Advert-Book-UK

amazon.co.uk

?

Advert-Book-USA

amazon.com

 

Check our similar posts

Saving Energy Step 4 – Breathing Life into the Project

Today we consider the fourth step on the road to energy saving, when we introduce key contributors who will pull it all together. We have been on quite a journey. We started by developing a management system and then followed up with practical improvements, while challenging the assumptions behind the energy bills we may have paid unchallenged in the past.

After we knock off the big-ticket savings, managing energy becomes a process of improvement characterised by smaller increments. Kaizen is the classic model and it includes everybody in the organization from the janitor to the CEO. I inverted the pyramid deliberately, because ideas deserve considering no matter where the originator parks in the company yard.

People ? our people ?are truly central to the process. Energy adds extra leverage to their efforts, keeps them warm in winter, cool in summer and powers up the ovens in the company canteen. They are brimming over with ideas because that is the nature of being human. The best managers are those who release this potential and participate in its flowering,

It is important not to threaten job security. So many savings-driven initiatives have ended in job losses that people on the shop floor automatically suspect another round. Shrinking carbon footprints is about making the world a better place for everyone. We become more effective when we turn ?increasing profit? into making the enterprise sustainable in itself.

Engaging employees is more than office circulars and speeches at the Christmas Party. Organizations are organic places where trust grows slowly but conflict can flare in a moment. Before involving your people in your energy ?kaizan? make sure your words and intentions overlap perfectly. You will be amazed at the power you unlock in your people.

The best way I know of doing this is through your health and safety structure, which then becomes your environment, health and safety structure EHS. As you explore this idea at safety committees you find these things overlap, in the sense of creating people-centric environments at work and home.

That said, there is no magic formula for achieving employee engagement. The fact that people universally want a cleaner planet is the power to tap into. One way to form a team is to create one artificially and give it a task. The other is to work together towards a shared objective. Which one do you prefer?

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK
The Connection Between Six Sigma and CRM

Six Sigma is an industrial business strategy directed at improving the quality of process outputs by eliminating errors and system variables. The end objective is to achieve a state where 99.99966% of events are likely to be defect free. This would yield a statistical rating of Sigma 6 hence the name.

The process itself is thankfully more user-friendly. It presents a model for evaluating and improving customer relationships based on data provided by an automated customer relations management (CRM) system. However in the nature of human interaction we doubt the 99.99966% is practically achievable.

Six Sigma Fundamentals

The basic tenets of the business doctrine and the features that set off are generally accepted to be the following:

  1. Continuous improvement is essential for success
  1. Business processes can be measured and improved
  1. Top down commitment is fundamental to sustained improvement
  1. Claims of progress must be quantifiable and yield financial benefits
  1. Management must lead with enthusiasm and passion
  1. Verifiable data is a non-negotiable (no guessing)

Steps Towards the Goal

The five basic steps in Six Sigma are define the system, measure key aspects, analyse the relevant data, improve the method, and control the process to sustain improvements. There are a number of variations to this DMAIC model, however it serves the purpose of this article. To create a bridge across to customer relationships management let us assume our CRM data has thrown out a report that average service times in our fast food chicken outlets are as follows.

<2 Minutes 3 to 8 Minutes 9 to 10 Minutes >10 Minutes
45% 30% 20% 5%
Table: Servicing Tickets in Chippy?s Chicken Caf?s

Using DMAIC to unravel the reasons behind this might proceed as follows

  • Define the system in order to understand the process. How are customers prioritised up front, and does the back of store follow suit?
  • Break the system up into manageable process chunks. How long should each take on average? Where are bottlenecks most likely to occur?
  • Analyse the ticket servicing data by store, by time of day, by time of week and by season. Does the type of food ordered have a bearing?
  • Examine all these variables carefully. Should there for example be separate queues for fast and slower orders, are there some recipes needing rejigging
  • Set a goal of 90% of tickets serviced within 8 minutes. Monitor progress carefully. Relate this to individual store profitability. Provide recognition.

Conclusion

A symbiotic relation between CRM and a process improvement system can provide a powerful vehicle for evidencing customer care and providing feedback through measurable results. Denizon has contributed to many strategically important systems.?

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK
Are Target Operating Models strategic compasses?

The short answer is they usually are, because every organisation needs a road-map of where they are going. Target operating models can be complex documents with illustrative details including project management structures, special tools, implementation procedures and management metrics. They can also be simple statements, as for example Winston Churchill?s promise that ?we shall fight them on the beaches, on the landing grounds and in the fields? which gave Britain the strategic direction it needed.

Many initiatives unfortunately fail because managers are ?too busy? to bottom on what their target operating model should say, or simply don’t believe in paperwork. As a result, promising initiatives may blunder off course or die a slow death without them really noticing. We cannot manage what we cannot measure, which is where the management metrics fit in. One of my favourite quotes is ?if you don’t know where you are going any road will get you there? which is what the Cheshire Cat said to Alice in Wonderland when she got lost.

The author blundered through life without a plan because there was no one else with his particular brand of imagination. The current business climate is different because everybody is trying to ramp up, and investors want to know exactly what is going to happen to their money and by when. Hence a target operating model can be indispensable throughout a change or product cycle.

The benefits of having a measurable operations / technology plan can produce powerfully tangible results if the organisation follows through on it. Built-in metrics with milestones are powerful tool for management, and, when they map through to the company financial plan almost irreplaceable as cash-flow forecasters.

Other benefits may include:

  • Shorter times to market and greater agility when launching new ideas
  • Reduced investor risk through a predictable process that’s readily monitored
  • A stable operating environment where there is consensus on direction
  • Greater likelihood of delivering on time and leading to repeat orders
  • A more cost-effective process, with less risk of loss of quality and money

Although it dates back a few years the Wills UK and Ireland Retail model still provides an excellent benchmark of a target operating plan that worked. The strategic goals were exceptionally clear, and they brought in a proven project manager to help them drive the program forward.

We have delivered advanced business management services to many of our clients, and believe you will find our personalised approach time-efficient and effective too.

Ready to work with Denizon?

Contact Us Today