Disadvantages of Spreadsheets – Obstacles to Compliance in the Healthcare Industry

Most of the regulatory compliance issues we talked about concerning spreadsheets have been related to financial data. But there are other kinds of data that are stored in spreadsheets which may also cause regulatory problems in the future.

In the US, a legislation known as HIPAA or Health Insurance Portability and Accountability Act is changing the way health care establishments and practitioners handle patient records. The HIPAA Privacy Rule is aimed at protecting the privacy of individually identifiable health information a.k.a. protected health information (PHI).

Examples of PHI include common identifiers like a patient’s name, address, Social Security Number, and so on, which can be used to identify the patient. HIPAA covers a wide range of health care organisations and service providers, including: health plan payers, health care clearing houses, hospitals, doctors, dentists, etc.

To protect the confidentiality, integrity, and availability of PHI, covered entities are required to implement technical policies such as access controls, authentication, and audit controls. These can easily be implemented on server-based systems.

Sad to say, many health care organisations who have started storing data electronically still rely on spreadsheet-based systems. Those policies are hard to implement in spreadsheet-based systems, where files are handled by end-users who are overloaded with their main line of work (i.e. health care) and have very little concern for data security.

In some of these systems, spreadsheet files containing PHI may have multiple versions in different workstations. Chances are, none of these files have any access control or user authentication mechanism whatsoever. Thus, changes can easily be made without proper documentation as to who carried out the changes.

And because the files are normally easily accessible, unauthorised disclosures – whether done intentionally or accidentally – will always be a lingering threat. Remember that HIPAA covered entities who are caught disclosing PHI can be fined from $50,000 up to $500,000 plus jail time.

But that’s not all. Through the HITECH Act of 2009, business associates of covered entities will now have to comply with HIPAA standards as well. Business associates are those companies who are performing functions and services for covered entities.

Examples of business associates are accounting firms, law firms, consultants, and so on. They automatically need to comply with the standards the moment they too deal with PHI.

More Spreadsheet Blogs

Spreadsheet Risks in Banks

Top 10 Disadvantages of Spreadsheets

Disadvantages of Spreadsheets – obstacles to compliance in the Healthcare Industry

How Internal Auditors can win the War against Spreadsheet Fraud

Spreadsheet Reporting – No Room in your company in an age of Business Intelligence

Still looking for a Way to Consolidate Excel Spreadsheets?

Disadvantages of Spreadsheets

Spreadsheet woes – ill equipped for an Agile Business Environment

Spreadsheet Fraud

Spreadsheet Woes – Limited features for easy adoption of a control framework

Spreadsheet woes – Burden in SOX Compliance and other Regulations

Spreadsheet Risk Issues

Server Application Solutions – Don’t let Spreadsheets hold your Business back

Why Spreadsheets can send the pillars of Solvency II crashing down

amazon.co.uk

amazon.com

Check our similar posts

ISO in Energy management

Every industry has its own set levels of quality that are considered acceptable or desirable. Energy performance like any other field is governed by some set standards. These differ across regions but international standards do exist.

ISO 50001 is the international energy standard applicable to both large and small organisations irrespective of geographical, cultural or social conditions. It outlines the best energy management practices that are considered to be the best by specifying that an organisation must integrate an energy management system and institute an energy policy, objectives, targets, and action plans taking into account legal requirements and information related to significant energy use. The energy standard is applicable to organisations.

What’s the importance of attaining energy certification?

ISO certification in any industry is a demonstration of quality or that a service or product meets the expected service standards. In energy management, ISO certification is a demonstration that an organisation or company has implemented sustainable energy management systems, completed a baseline of energy use and, is committed to continuously improve its energy performance. In addition, ISO certification assists organisations in the following ways:

? Organisations are able to optimise the existing energy-consuming assets

? Offers guidance on bench-marking, measuring, documenting, and reporting energy intensity improvements and their projected impact on reducing GHG emissions

? Creates transparency and facilitates communication on the management of energy resources

? Promotes energy management best practices and reinforces good energy management behaviours

? Assists facilities in evaluating and prioritising the implementation of new energy-efficient technologies

? Provides a framework for promoting energy efficiency throughout the supply chain

? Facilitates energy management improvements in the context of GHG emission reduction projects: The reduction of carbon emissions means therefore an organisation is able to meet government carbon reduction targets by demonstrating environmental credentials. The accruing benefits are many, ranging from increased investor confidence to more tender opportunities

Energy management software plays a vital role in helping organisations comply with energy standards through improved performance across the various functions in an organisation.

Article 8 of the EU Energy Efficiency Directive ? Orientation

Following in-depth discussion of the UK?s ESOS response, we decided to backtrack to the source, especially since every EU member is facing similar challenges. The core purpose of the directive is to place a pair of obligations on member states. These are

To promote the availability of energy audits among final customers in all sectors, and;
To ensure that enterprises that are not SMEs carry out energy audits at least every four years.

Given the ability for business to look twice at every piece of legislation it considers unproductive, the Brussels legislators took care to define what constitutes an enterprise larger than an SME.

Definition of a Large Undertaking

A large undertaking meets one or both of the following conditions:

It employs 250 or more people
Its annual turnover is more than ?50 million and its balance sheet total exceeds ?43 million

Rules for Energy Audits

If accredited / qualified in-house specialists are unavailable then independent experts should supervise audits. The talent shortage seems common to many EU businesses. In hindsight, the Union could have ramped up slower, especially since the first compliance date of 5 December 2015 does not leave much swing room.

ecoVaro doubts there was a viable alternative, given the urgent imperative to beat back the scourge of carbon that is threatening the viability of our planet. The legislators must have been of a similar mind when laying down the guidelines. Witness for example the requirement that penalties be ?effective, proportionate and dissuasive?.

In order to be compliant, an energy audit must

Be based on twelve months of verifiable data that is
- over a continuous period beginning no more than 24 months before the beginning of the energy audit, and;
- identifies energy saving opportunities including paths to their achievement
Analyse the participant’s energy consumption and energy efficiency
Have not been used as the basis for an energy audit in a previous compliance period

Measurement of current status and progress tracing are at the core of energy saving and good governance generally. EcoVaro has a powerhouse of software tools available on the cloud to help project teams save time and money.

Benefits of Integrating IoT and Field Service

Owing to the complexity of its definition, many people loosely use the phrase Internet of Things (IoT) without having a solid grasp of its true meaning. A majority in this category take IoT to be nothing more than the automation of home gadgets, where the internet is used to interconnect computing components embedded in everyday devices.

Granted, the whole idea of IoT got its roots from the home setting. Nevertheless, IoT has outgrown that spectrum and has since penetrated into almost every area of business and industry. By employing IoT, you can literally take full control of everything in your business using a single device. From assigning tasks to monitoring security, managing bills to tracking time, IoT has revolutionized the way business is done.

Interestingly, not so long ago, most technology experts limited their forecasts to machine-to-machine (M2M) integration and Augmented Reality (AR), which also, admittedly, hit the technology industry with an admirable suave. Back then, it could have been laughable for anyone to have suggested that IoT would be so commanding in almost every industry, including real estate, medicine, automobile, and more.

It’s not for nothing, therefore, that the field service industry has also embraced IoT, integrating it in the daily running of business activities, including tracking machine diagnostics, detecting breakdowns, and assigning field engineers to attend to customer needs.

How the Field Service Industry is Benefiting from IoT

Machine uptime has remained an ongoing concern for many customers. In the traditional approach, whenever a machine breaks down, the customer alerts the service provider and then the field service manager checks to see if there is any field engineer available for a new task. Once an engineer has been identified, he?s then dispatched to the site. This worked, but it resulted in an extended machine downtime, a terrible experience for customers.

Thanks to IoT, things are now happening differently.

IoT is now integrating machines to a central communications centre, where all alerts and status updates are sent. The notifications are instant. The field service manager, therefore, gets to learn of the status of machines at the exact time of status change. An engineer who?s not engaged would then be immediately assigned to undertake any needed servicing or repair.

By employing IoT, the service provider receives timely reports relating to diagnostics, machine uptime, part failures, and more. The field manager can, as a result, foretell and forestall any possible downtime.

How has this been helpful?

Before giving a definite answer to that question, it’s crucial to note that more than half of all field service organizations now employ IoT in their Asset Management Systems and Field Service Management. And to answer the question, all the organizations that have the two systems integrated using IoT experience twice as much efficiency as those that don’t, states an Aberdeen Group report. As you already know, improved efficiency results in a corresponding upshot in customer satisfaction.

Apps Making a Difference in IoT-Field Service

The integration of IoT into almost every aspect of business prompted the design and development of different applications to link computing devices. Since the advent of IoT, the software development for the technology has come of age. Powerful and lightweight apps that don simple yet beautiful user interfaces are now readily available at affordable price tags.

A good example of such an App is ecoVaro by Denizon.

ecoVaro not only helps businesses to monitor energy and other relevant environmental data such as Electricity, Gas, Water, Oil, Carbon, Temperature, Humidity, Solar Power, and more, but also provides analytics and comprehensive yet easy to understand reports. The data received from devices such as meters is converted into useful information that’s then presented in figures and graphs, thus allowing you to make decisions based on laid down controls.

The focus of the app is to instantly alert service engineers to go on site to fix issues.

With ecoVaro, field service engineers no longer have to return to the office to get new instructions. Also, customers don’t have to manually fire alerts to the service provider whenever something isn’t working correctly. By employing the latest in IoT, ecoVaro sends notifications to field service managers and engineers about respective customers that need support.

How ecoVaro Helps

Best-in-class companies aren’t ready to compromise on customer satisfaction. Therefore, every available avenue is used to address customer concerns with the deserved agility. By using IoT, ecoVaro makes it possible for field service providers to foresee and foreclose any possible breakdowns.

The inter-connectivity among the devices and the central communications centre results in increased revenue and improved interactivity between the system and the field engineers. This results in greater efficiency and lower downtime, which translates into improved productivity, accountability, and customer satisfaction, as well as creating a platform for a possible expansion of your customer base.

ecoVaro isn’t just about failed machines and fixes. It also provides diagnostics about connected systems and devices. With this, the diagnostics centre receives system reports in a timely manner, allowing for ease of planning and despatch of field officers where necessary.

Clearly, but using the right application, IoT can transform your business into an excellently performing field service company.