Disadvantages of Spreadsheets – Obstacles to Compliance in the Healthcare Industry

Most of the regulatory compliance issues we talked about concerning spreadsheets have been related to financial data. But there are other kinds of data that are stored in spreadsheets which may also cause regulatory problems in the future.

In the US, a legislation known as HIPAA or Health Insurance Portability and Accountability Act is changing the way health care establishments and practitioners handle patient records. The HIPAA Privacy Rule is aimed at protecting the privacy of individually identifiable health information a.k.a. protected health information (PHI).

Examples of PHI include common identifiers like a patient’s name, address, Social Security Number, and so on, which can be used to identify the patient. HIPAA covers a wide range of health care organisations and service providers, including: health plan payers, health care clearing houses, hospitals, doctors, dentists, etc.

To protect the confidentiality, integrity, and availability of PHI, covered entities are required to implement technical policies such as access controls, authentication, and audit controls. These can easily be implemented on server-based systems.

Sad to say, many health care organisations who have started storing data electronically still rely on spreadsheet-based systems. Those policies are hard to implement in spreadsheet-based systems, where files are handled by end-users who are overloaded with their main line of work (i.e. health care) and have very little concern for data security.

In some of these systems, spreadsheet files containing PHI may have multiple versions in different workstations. Chances are, none of these files have any access control or user authentication mechanism whatsoever. Thus, changes can easily be made without proper documentation as to who carried out the changes.

And because the files are normally easily accessible, unauthorised disclosures – whether done intentionally or accidentally – will always be a lingering threat. Remember that HIPAA covered entities who are caught disclosing PHI can be fined from $50,000 up to $500,000 plus jail time.

But that’s not all. Through the HITECH Act of 2009, business associates of covered entities will now have to comply with HIPAA standards as well. Business associates are those companies who are performing functions and services for covered entities.

Examples of business associates are accounting firms, law firms, consultants, and so on. They automatically need to comply with the standards the moment they too deal with PHI.

 

More Spreadsheet Blogs

 

Spreadsheet Risks in Banks

 

Top 10 Disadvantages of Spreadsheets

 

Disadvantages of Spreadsheets – obstacles to compliance in the Healthcare Industry

 

How Internal Auditors can win the War against Spreadsheet Fraud

 

Spreadsheet Reporting – No Room in your company in an age of Business Intelligence

 

Still looking for a Way to Consolidate Excel Spreadsheets?

 

Disadvantages of Spreadsheets

 

Spreadsheet woes – ill equipped for an Agile Business Environment

 

Spreadsheet Fraud

 

Spreadsheet Woes – Limited features for easy adoption of a control framework

 

Spreadsheet woes – Burden in SOX Compliance and other Regulations

 

Spreadsheet Risk Issues

 

Server Application Solutions – Don’t let Spreadsheets hold your Business back

 

Why Spreadsheets can send the pillars of Solvency II crashing down

?

Advert-Book-UK

amazon.co.uk

?

Advert-Book-USA

amazon.com

 

Check our similar posts

8 Reasons why you Need to Undertake Technical and Application Assessments

Are your information assets enabling you to operate more cost-effectively or are they just drawing in more risks than you are actually aware of? Obviously, you now need to get a better picture of those assets to see if your IT investments are giving you the benefits you were expecting and to help you identify areas where improvements should be made.

The best way to get the answers to those questions is through technical and application assessments. In this post, we?ll identify 8 good reasons why it is now imperative to undertake such assessments.

1. Address known issues – Perhaps the most common reason that drives companies to undertake a technology/application assessment is to identify the causes of existing issues such as those related to data accessibility, hardware and software scalability, and performance.

2. Cut down liabilities and risks – Unless you know what and where the risks are, there is no way you can implement an appropriate risk mitigation strategy. A technology and application assessment will enable you to thoroughly test and examine your information systems to see where your business-critical areas and points of failure are and subsequently allow you to act on them.

3. Discover emerging risks – Some risks may not yet be as threatening as others. But it would certainly be reassuring to be aware if any exist. That way, you can either nip them in the bud or keep them monitored.

4. Comply with regulations – Regulations like SOX require you to establish adequate internal controls to achieve compliance. Other regulations call for the protection of personally identifiable information. Assessments will help you pinpoint processes that lack controls, identify data that need protection, and areas that don’t meet regulatory requirements. This will enable you to act accordingly and keep your company away from tedious, time-consuming and costly sanctions.

5. Enhance performance – Poor performance is not always caused by an ageing hardware or an overloaded infrastructure. Sometimes, the culprits are: unsuitable configuration settings, inappropriate security policies, or misplaced business logic. A well-executed assessment can provide enough information that would lead to a more cost-effective action plan and help you avoid an expensive but useless purchase.

6. Improve interoperability – Disparate technologies working completely separate from each other may be preventing you from realising the maximum potential of your entire IT ecosystem. If you can examine your IT systems, you may be able to discover ways to make them interoperate and in turn harness untapped capabilities of already existing assets.

7. Ensure alignment of IT with business goals – An important factor in achieving IT governance is the proper alignment of IT with business goals. IT processes need to be assessed regularly to ensure that this alignment continues to exist. If it does not, then necessary adjustments can be made.

8. Provide assurance to customers and investors – Escalating cases of data breaches and identity theft are making customers and investors more conscious with a company?s capability of preserving the confidentiality of sensitive information. By conducting regular assessments, you can show your customers and investors concrete steps for keeping sensitive information confidential.

How to be cleaner and greener indoors

The supply of water on planet earth is finite hence the need to conserve this precious resource. Water is a utility that is often used in and outdoors and for that reason, water conservation activities should be undertaken everywhere.

Get greener everywhere
Water saving can be achieved through various ways. Of utmost importance, fixing leaks should be undertaken in all areas. Small household leaks can add up to gallons of water lost every day. It is therefore important to check all water system fixtures and ensure that there are no leakages.

Greener bathroom habits
Turning off taps- this should be practised in the bathroom especially while shaving and brushing teeth. One could also consider using showers instead of baths since showers use less water and get into the habit of taking shorter showers.

Clean and green dishes
The kitchen is one of the areas where a lot of water is used. Some of the ways through which water can be conserved in the kitchen are:

  • Use of basins when washing dishes by hand
  • Using a dishwasher – when using the dish washer, it is important to make sure it’s fully loaded. Scraping plates instead of rinsing before loading it into the dishwasher will also go a long way in the conservation of the valuable commodity called water

Green your laundry and earn green bucks
The other area where water saving can be made is the laundry room. Washing only full loads of laundry will ensure that your washing machine is running at full efficiency hence you will be able to maximise your washer for energy efficiency. Always ensure you use the appropriate water level or load size selection on the washing machine. All these will not only save water but energy too and since savings are earnings you can smile all the way to the bank where some green bucks will be credited to your account.

Top 3 reasons to get into Multi-Channel Retail

Multi-channel retail, which nowadays understandably includes online channels, is something you just have to do this year. Every single day you put off doing it, the competition gobbles up market share that should have been yours. There are a number of reasons why even successful retailers are now going into multi-channel retailing. Here?s three of the most important ones.

1. You’ll get a BIG jump in sales

Not counting this year, which could be getting a big boost from major activities like the Queen?s Diamond Jubilee and the 2012 Olympics, sales of UK retailers have been experiencing tremendous growth particularly from their online channels. Already two years ago (2010), a number of UK retailers boasted significant increases in sales as a result of multi-channel retail initiatives. These retailers included:

  • Argos, which got a whopping ?1.9bn from multichannel sales back then;
  • House of Fraser, which reported a 150% jump in its online sales in just 6 months; and
  • Debenhams, whose profits rose by 20%

There were many others. Now, the reason I?m showing you 2010 figures is because online retail sales increased by 14% in 2011 and those same businesses still added to that growth. So, if only you had enough foresight and started expanding your business to the Web two years ago, you could just imagine what your sales would have been today.

The good news is that, it’s not yet too late if you start now. Here?s why…

2. Those numbers are going to keep on growing

We’re getting all sorts of predictions from leading researchers regarding the possible growth of the Internet economy. All these predictions have one thing in common. They all have a positive outlook. The Boston Consulting Group (BCG), for instance, predicts an average growth of no less than 10% per year in the G-20 nations.

3. Most online retailers aren’t doing it right yet

Although many retailers have already started bringing their business to the Web, most of them are doing it the wrong way. For example, many of them fail to integrate their offline and online channels. This is a serious shortcoming because it leads to customer dissatisfaction.

When a customer goes to your website and sees something he likes, you wouldn’t want him to drive all the way to your store only to find out that the item isn’t available there or, if the item is there, that it isn’t priced as he expected. The lack of multi-channel integration is very common among multi-channel retailers.

These inadequacies are actually good news because it means there are still many areas you can improve on. After improving on them, you can then highlight those areas as your key differentiators.

If you’re still looking for more reasons on why you should go into multi-channel retailing, read this post:

5 Numbers Showing Why the Time to Invest on eCommerce in the UK is Now

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK

Ready to work with Denizon?

Contact Us Today