Disadvantages of Spreadsheets – Obstacles to Compliance in the Healthcare Industry
Most of the regulatory compliance issues we talked about concerning spreadsheets have been related to financial data. But there are other kinds of data that are stored in spreadsheets which may also cause regulatory problems in the future.
In the US, a legislation known as HIPAA or Health Insurance Portability and Accountability Act is changing the way health care establishments and practitioners handle patient records. The HIPAA Privacy Rule is aimed at protecting the privacy of individually identifiable health information a.k.a. protected health information (PHI).
Examples of PHI include common identifiers like a patient’s name, address, Social Security Number, and so on, which can be used to identify the patient. HIPAA covers a wide range of health care organisations and service providers, including: health plan payers, health care clearing houses, hospitals, doctors, dentists, etc.
To protect the confidentiality, integrity, and availability of PHI, covered entities are required to implement technical policies such as access controls, authentication, and audit controls. These can easily be implemented on server-based systems.
Sad to say, many health care organisations who have started storing data electronically still rely on spreadsheet-based systems. Those policies are hard to implement in spreadsheet-based systems, where files are handled by end-users who are overloaded with their main line of work (i.e. health care) and have very little concern for data security.
In some of these systems, spreadsheet files containing PHI may have multiple versions in different workstations. Chances are, none of these files have any access control or user authentication mechanism whatsoever. Thus, changes can easily be made without proper documentation as to who carried out the changes.
And because the files are normally easily accessible, unauthorised disclosures – whether done intentionally or accidentally – will always be a lingering threat. Remember that HIPAA covered entities who are caught disclosing PHI can be fined from $50,000 up to $500,000 plus jail time.
But that’s not all. Through the HITECH Act of 2009, business associates of covered entities will now have to comply with HIPAA standards as well. Business associates are those companies who are performing functions and services for covered entities.
Examples of business associates are accounting firms, law firms, consultants, and so on. They automatically need to comply with the standards the moment they too deal with PHI.
There is a child just below the surface in all of us. When were kids, adults lopped off the sharp bits that intruded into their ?genteel? society. Schools, to their everlasting shame sanded away our unique free spirits, as they stuck us into uniforms and imposed a daily classroom discipline. We received badges and prizes if we obeyed, and strict sanctions when we did not. This produced a generation of middle-age managers who no longer know how to play.
Life can be so deadly serious ?
Things work pretty much the same in business. Life is deadly serious. If we want to keep our jobs, we must deliver on the bottom line in our departments. There is little time for fun outside the Christmas party, when we may, within the limits of decorum engage in activity for enjoyment and recreation, rather than a serious or practical purpose.
Team builds (and strategic planning sessions) can be deadly boring affairs that proceed down narrow funnels defined by human resource facilitators. No matter how hard HR they may try, the structural hierarchy will remain intact, unless they find a way to set it aside during the program. Injecting fun into the occasion liberates independent thought, and this is why.
? But not for a little child at play
Next time you dine out at a branded family restaurant, select a seat that allows you observe the kiddies? play zone. Notice how inventive children become, when the family hierarchy is not there to tell them what to do (although parents may try from the wrong side of the soundproof glass). The ?serious play? side of fun team-builds aims to liberate managers by releasing their child for the duration. Shall we dig a little deeper into this and discover the dynamics?
Many of us have less than perfect oral communication skills. This is one of the great impediments to modern business meetings. We may not have sufficient time to formulate our thoughts for them to remain relevant when we speak. When we express them, we sense the group?s impatience for us to hurry up, so other members can have their opportunity to contribute.
Sharing better thinking with LEGO? bricks
Most of us feel an urge to click the brightly coloured plastic bricks together that carpenter Ole Kirk Christiansen released into a war-weary world in 1949. The basic kit is a great leveller because the blocks are all the same, and the discriminators are the colours and the power of our imagination. Watching a free-form LEGO builder in action is equally fascinating, as we wonder ?what they will do next? and ?what is happening in their mind.?
Examples of LEGO Serious PLAY in action
Instead of asking team members to describe themselves in a minute, a LEGO? SERIOUS PLAY? facilitator may gather them around a table piled high with LEGO bricks instead, and ask them to each build a model of themselves. The atmosphere is informal with interaction and banter encouraged. It is still serious play though, as team members get to know each other, and their own personalities better
The system is equally effective in strategic sessions, where the facilitator provides specially selected building blocks for the team to experiment with as they learn to listen, and share. This enables them to deconstruct a problem into its component parts, and share solutions regardless of seniority, culture, and communication skills.
Creating problem- and solution-landscapes three dimensionally this way, enables open conversations that keep the focus on the problem. Participants at these team builds do not only reach effective consensus faster. They are also busy building better communication skills as they do.
FieldElite, our mobile workforce management software, has been key to several industries? return on investment. Whether it’s for plumbing, electrical, property management, cleaning, and maintenance, FieldElite has provided data centralisation for efficient management of these business activities.
Field service management software is important to utilise current workload, and also helps resolve future issues. We’re talking about a proactive approach to preventative maintenance.
How exactly do field service managements help in preventative maintenance?
The answer lies in how field service management is interlinked with IoT in predicting future jobs for the mobile service industry.
What is IoT?
Simply put, the Internet of Things (IoT) is a network of devices and sensors connected to the internet. These ?things? (e.g. your smartphone or smartwatch) enable data to be sent and be received without human intervention.
Fundamentally, IoT is about devices being connected to the internet to allow remote monitoring.
For many years now, remote monitoring for IT infrastructure has been widely used.
What’s new that we’re experiencing right now is even the smallest devices ? individual light bulbs and sensors ? can have a network and internet connection, allowing entire systems to be monitored in great detail.
Implementing IoT and accessing data can be challenging for most service organisations. However, when combined with predictive analytics and field management software, it can have a huge potential impact on individual businesses and the service industry as a whole.
What is Preventative Maintenance?
Preventive maintenance refers to regular, routine maintenance to help keep equipment up and running, preventing any unplanned downtime and expensive costs from unanticipated equipment failure.
The goal of preventative maintenance is to decrease the likelihood of a machine or an equipment’s failure by performing regular maintenance.
Preventative management can be very complex, especially for companies with a fleet of equipment or customers. It requires careful planning and scheduling of maintenance on equipment before there is an actual problem.
Also, preventive maintenance is evolving. It’s not just about scheduling the same work every month to prevent failure anymore. Today, working smarter with better information about equipment conditions is critical to ensure maintenance is effective.
That’s where IoT and field service management software, like FieldElite, comes in. Together, they organise and carry out preventive maintenance needs for service industries.
How IoT and FieldElite Helps in Preventative Maintenance
With FieldElite and IoT technology, you get the best in preventive maintenance management.
Evaluation of equipment or machines ? the condition of machines or equipment is evaluated in order to predict when maintenance needs to be performed.
Automated work order ? automated time-based work order creation
Full condition-based plans allows you to do the following:
Right-size your maintenance work
Lower costs
Extend the life of your or customer?s assets
Quicker reporting ? due to its efficient and automated nature, IoT and field service management software can reduce a field technician?s average report time from two weeks to two days, therefore boosting your cash flow!
That’s the most important result a mobile service management software can produce (in connection with preventative maintenance). It’s cost-saving! This can be achieved over routine or time-based preventive maintenance, as tasks are only performed when they are needed.
The Internet of Things (IoT) and field service management software is changing field service as we know it.
Companies who adapt and utilise these technologies will benefit the most from the resulting competitive advantage of preventative maintenance.
Start elevating every field service experience now!
Our field service software, FieldElite helps you:
Accepts jobs in the field
Automate appointment scheduling
Manage scheduled jobs
Get real-time visibility into all operations
Have a clear and easy viewing of job locations
Resolve field service calls faster
Enable mobile workers to get the job done right
Keep customers updated at every step
Create quotations and accept payments
Analyse efficient reports from field technicians
Helps in proper preventative maintenance management.
A mobile workforce management software is key to managing an efficient field workforce.? Managing a staff of people can be tricky in any industry. Try keeping track of employees on shifting jobsites, many whom are paid hourly or temporary workers. The added pressure of ensuring the right workers get to the right sites at the right times, but they also need to track hours, parts used, vehicles and equipment assets.
In a previous post, we defined what is an operational review and why they play a key process in the continual evolution of successful businesses.?
Operational reviews allow the organization members to evaluate their performance, according to the procedures, resources properly, timescales and budgets.
In this post, we’ll take a closer look at how to implement an operational review and the steps typically undertaken to help you and your organisation to implement an operational review.
What the steps in a Operational Review Process
There are typically six steps in an operational review that range from preparatory work conducting interviews and collecting documents to the presentation of the final written report.
An audit should be customized to meet a organisatons specific needs, so standard steps can and should only serve as a guideline.? Management and internal and external auditors should adjust the process to address the company’s particular goals and objectives.
Initial Management Meeting
Understanding the problem is the first crucial step of an operational review. This is one of major areas of discussions when the audit team meets with the management, and department heads will be asked to identify any specific areas of concern. Once the problem is identified, it would be easier to come up with workable solutions.
Conduct Interviews
The next step in the evaluation is carried out with experienced teams doing interviews and keeping close observation. Each team essentially watches how employees carry out their responsibilities. This is considered a key part of the process.
When doing the interview, it is also vital that the observing team gains the employees? trust and confidence. Likewise, the staff must be assured that whatever transpires between the team and the employee will be kept confidential. Management must therefore guarantee anonymity to anyone who offers critical information, lest employees withhold vital information and render the data gathered inaccurate.
Systems Review
Employees and management practices will be reviewed by the assessing team according to the standard policies and guidelines of the company. The effectiveness of the controls in place as well as their appropriateness to the current operating conditions will also be evaluated.
Reporting
A documentation of the data gathered and the assessment of the evaluating team, will be submitted to the management after the review process. Flow charts and written narratives of departmental activities are usually part of this report. This is also where observations and recommendations of the team will be presented to the department heads concerned.
Review Results
While the operational review is being conducted, it is important to take into account the vital factors that affect the company: the people, processes, procedures, and strategies. These four factors can determine the company?s progress in the future.
Key Areas of focus in operation reviews
At a minimum an operational review should include the following key ares of assessment
Management Control
Responsibilities, authority, and the scope in which an employee has the freedom to act must be clearly defined and documented. A complete and specific job description for instance, would give the employee a clear perspective on how he acts and functions within the company.
Boundaries should be set not only to benefit the employer but more so the employee as well.
Moral and Ethical Guidelines
Moral and ethical guidelines are just as important to ensure for a smoother employer?employee relationship. Otherwise, personal issues such as work ethics, work attitude and personal values may post problems in the long run if such guidelines are not drawn properly before relationships are established.
Processes and procedures
Evaluating processes is only beneficial if the company itself updates its processes and procedural manuals regularly, or at least when needed. Such protocols may need revision and some steps may be obsolete already. Improving a company?s processes and procedures doesn’t always entail cost. In fact, improvised procedures may even be cost-effective and could make the processes more manageable.
Communication and reporting standards
Gaps in communication could result in serious lapses in internal controls, putting the company and/or its assets at risk. This is where the importance of timely and clear communication comes in. Likewise, reports must be useful, and the flow of information and how it is processed must keep pace with the company?s growth.
Information technology (IT) and security controls can also be included under the communication clause. Proper IT security policies must be in place, state-of-the-art protection techniques employed, and everything be documented, periodically updated, and continually monitored.
Strategic planning and tactics
No company can ever be complete without its strategies. It would unwise for any organization to proceed without first knowing where it stands and what direction it wants to take. Strategic planning draws such a map. It must be aligned to the mission and vision of the company, and should also coincide with the organizational goals set. Strategic planning deals with these three key questions:
What do we do now
Whom do we do it for?
How can we overcome competition
Without clear strategic direction, expectations would likely differ between ownership and management.
Contingency planning, testing and recovery
Contingency plans must be up-to-date, and are essential to the organization. If one course of action fails, the company should have plan B, C and so on. In addition, an organization should be prepared to respond to interference’s.
This includes establishing a formal process to review transactions processing during both disruption and recovery.
Presentation of Report
Based on your objectives and our findings, we will develop detailed recommendations to improve your company?s performance and productivity. Our written report will include a list of both short-term and long-term projected improvements and courses of action, to be mutually agreed upon by both parties.
To ensure the achievement of the improvements we outlined, our team will also assist in the implementation of these modifications.
The plan has three levels of recommendations: one for executives, another for management, and a third one for staff.
The executive summary concentrates on your company?s strengths, weaknesses, opportunities and threats to its entirety. It includes recommendations for any needed changes in policy or governance.
The management plan is based on employee feedback and includes areas of immediate improvement as well as identification of potential problem areas. Concerns from the bottom level management can now be forwarded to the top level management in formal writing. Better working relationships may evolve from this, thereby setting the work environment for a higher productivity ratio.
Lastly, the staff report deals with topics like charting the hierarchy of the organization, and discussing in detail specific control objectives that are critical to the company?s mission. Part of our goal is to encourage personnel to pay close attentions to such changes, if any, as these efforts are essential if they want to bring about both organizational and personal success.
If you would like to further discuss how our operational review services can benefit your company, please feel free to contact us at your convenience to schedule an initial consultation. We?ll be more than happy to assist you.
