Disadvantages of Spreadsheets – Obstacles to Compliance in the Healthcare Industry

Most of the regulatory compliance issues we talked about concerning spreadsheets have been related to financial data. But there are other kinds of data that are stored in spreadsheets which may also cause regulatory problems in the future.

In the US, a legislation known as HIPAA or Health Insurance Portability and Accountability Act is changing the way health care establishments and practitioners handle patient records. The HIPAA Privacy Rule is aimed at protecting the privacy of individually identifiable health information a.k.a. protected health information (PHI).

Examples of PHI include common identifiers like a patient’s name, address, Social Security Number, and so on, which can be used to identify the patient. HIPAA covers a wide range of health care organisations and service providers, including: health plan payers, health care clearing houses, hospitals, doctors, dentists, etc.

To protect the confidentiality, integrity, and availability of PHI, covered entities are required to implement technical policies such as access controls, authentication, and audit controls. These can easily be implemented on server-based systems.

Sad to say, many health care organisations who have started storing data electronically still rely on spreadsheet-based systems. Those policies are hard to implement in spreadsheet-based systems, where files are handled by end-users who are overloaded with their main line of work (i.e. health care) and have very little concern for data security.

In some of these systems, spreadsheet files containing PHI may have multiple versions in different workstations. Chances are, none of these files have any access control or user authentication mechanism whatsoever. Thus, changes can easily be made without proper documentation as to who carried out the changes.

And because the files are normally easily accessible, unauthorised disclosures – whether done intentionally or accidentally – will always be a lingering threat. Remember that HIPAA covered entities who are caught disclosing PHI can be fined from $50,000 up to $500,000 plus jail time.

But that’s not all. Through the HITECH Act of 2009, business associates of covered entities will now have to comply with HIPAA standards as well. Business associates are those companies who are performing functions and services for covered entities.

Examples of business associates are accounting firms, law firms, consultants, and so on. They automatically need to comply with the standards the moment they too deal with PHI.

 

More Spreadsheet Blogs

 

Spreadsheet Risks in Banks

 

Top 10 Disadvantages of Spreadsheets

 

Disadvantages of Spreadsheets – obstacles to compliance in the Healthcare Industry

 

How Internal Auditors can win the War against Spreadsheet Fraud

 

Spreadsheet Reporting – No Room in your company in an age of Business Intelligence

 

Still looking for a Way to Consolidate Excel Spreadsheets?

 

Disadvantages of Spreadsheets

 

Spreadsheet woes – ill equipped for an Agile Business Environment

 

Spreadsheet Fraud

 

Spreadsheet Woes – Limited features for easy adoption of a control framework

 

Spreadsheet woes – Burden in SOX Compliance and other Regulations

 

Spreadsheet Risk Issues

 

Server Application Solutions – Don’t let Spreadsheets hold your Business back

 

Why Spreadsheets can send the pillars of Solvency II crashing down

?

Advert-Book-UK

amazon.co.uk

?

Advert-Book-USA

amazon.com

 

Check our similar posts

What Energy Management Software did for CDC

Chrome Deposit Corporation ? that’s CDC for short ? reconditions giant rollers used to finish steel and aluminium sheets in Portage, Indiana by applying grinding, texturing and plating methods. While management was initially surprised when the University of Delaware singled their plant out for energy assessment, this took them on a journey to bring energy consumption down despite being in an expansion phase.

Metal finishing and refinishing is an energy-intensive business where machines mainly do the work while workforces as small as 50 individuals tend them. Environmental impacts also need countering within a challenging environment of burgeoning natural gas and electricity prices.

The Consultant’s Recommendations

The University of Delaware was fortunate that Chrome Deposit Corporation had consistently measured its energy consumption since inception in 1986. This enabled it to pinpoint six strategies as having potential for technological and process improvements.

  • Insulate condensate tanks and pipes
  • Analyse flue gas air-fuel ratios
  • Lower compressed air pressures
  • Install stack dampers on boilers
  • Replace belts with pulleys and cogs
  • Fit covers on plant exhaust fans

CDC implemented only four of the six recommendations. This was because the boiler manufacturer did not recommend stack dampers, and the company was unable to afford certain process automation and controls.

Natural Gas Savings

The project team began by analysing stack gases from boilers used to heat chrome tanks and evaporate wastewater. They found the boilers were burning rich and that several joints in gas lines were leaking. Correcting these issues achieved an instant gas saving of 12% despite increased production.

Reduced Water Consumption

The team established that city water was used to cool the rectifiers. It reduced this by an astonishing 85% by implementing a closed-loop system and adding two chillers. This also helped the water company spend less on chemicals, and energy to drive pumps, purifiers and fans.

Summary of Benefits

Electricity consumption reduced by 18% in real terms, and natural gas by 35%. When these two savings are merged they represent an overall 25% energy saving. These benefits were implemented across the company?s six other plants, resulting in benefits CDC management never dreamed of when the University of Delaware approached them.

ecoVaro offers a similar data analytics service that is available online worldwide. We have helped other companies slash their energy bills with similarly exciting results. We?ll be delighted to share ideas that only data analytics can reveal.

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK
Do you really need a Cloud Broker?

A cloud broker is someone who can serve as your trusted adviser when it comes to your dealings with a cloud service provider. Sort of an IT consultant who: is familiar with cloud computing, can negotiate a mutually beneficial relationship between you and a provider, and help you manage usage, performance and delivery of cloud services.?But do you need one?

Is it even time for cloud adoption?

Of course, if you haven’t even started considering moving your IT systems to the cloud, what’s the point of reading this article, right? Well, if you’re running a business in Ireland or the UK maybe you should start thinking about it. The benefits (of moving to the cloud) are simply overwhelming. But then that’s for another post.

For now, let’s just briefly talk about the rate of cloud adoption so far. This should give you an idea what other decision makers nearby think about cloud computing and what they’ve done in this regard so far.

According to research conducted by the Cloud Industry Forum (CIF), the number of first-time users of cloud computing in the United Kingdom has risen by about 27% compared to last year.

The study, which was carried out by research company Vanson Bourne and which involved IT decision-makers from both the private and public sector in UK, also showed that 61% of companies are subscribing to cloud-based services. A similar research conducted last year (2011) revealed only 48%.

In Ireland, plans are underway to adopt cloud computing. According to Pricewaterhouse Coopers, 75% of Ireland’s CIOs and IT directors are already adopting a cloud computing strategy.

Definitely, the number of cloud adopters is growing. If that number already includes your hottest competitor, then perhaps there’s no time to waste.

But while a migration to the cloud should be in your pipeline, it shouldn’t be something you should rush into. Generally speaking, there are at least three kinds of services offered by cloud service providers: IaaS (Infrastructure as a Service), PaaS (Platform as a Service), and SaaS (Software as a Service).

Some providers offer variations of these services. You might only need one type of service or a little of everything. There are also technical and regulatory compliance issues that need consideration.

Obviously, if you have no idea where or how to start, you’ll need someone who can help you. But what kind of help do you need?

Let’s proceed by talking about the kinds of services cloud brokers offer as these are obviously indicative of the needs of current cloud customers.

What cloud brokers do?

Cloud brokers offer three main types of services.

Cloud?inter-mediation

Cloud inter-mediation services are designed to add value to existing services and improve capabilities. ?Examples of cloud inter-mediation include managing access to cloud-based services, carrying out performance reporting, and establishing stronger security.

Cloud aggregation

As mentioned earlier, some cloud customers may end up subscribing to multiple cloud services; most likely from different cloud service providers. To get optimal return on their various cloud subscriptions, these customers will need to apply data integration and make these disparate systems work together. They will also have to make sure data flowing from one system to another is kept secure. This is where cloud aggregation comes into play.

Cloud arbitrage

This entails finding the best cloud service provider(s) to solve a particular problem. One example is comparing different providers offering data storage services and identifying the one offering the most competitive rates.

Other cloud arbitrage brokers develop new solutions by combining the services of different cloud service providers and then offer them to cloud customers. While there are similarities between cloud arbitrage and cloud aggregation, the former is more flexible and allows the customer to transfer from one provider to another where conditions are more favourable.

Problems a cloud broker can help you solve

Just like with natural clouds, your experiences in cloud computing won’t be all white and fluffy. You’ll also encounter gray and uncertain (or even stormy) clouds.

One major issue in cloud computing is cloud security. In fact, cloud security (or the apparent lack of it) is the one thing that’s really clouding up the sky of cloud computing. But that doesn’t mean the cloud is totally insecure. Besides, there are certain types of information that really don’t require a high level of security. These types you can easily migrate to the cloud.

For sensitive information, you really need to conduct due diligence to make sure your cloud service providers’ data centres are secure enough.

Where exactly will your data be stored? Are there enough provisions for regulatory compliance? How will your data be segregated? Does the infrastructure readily support ?data forensics? Is there a sound disaster recovery/business continuity plan? These are just some of the questions that need clear answers before you sign a contract with a cloud service provider.

Suggested reading: 9 Cloud Security Questions You Need To Ask Service Providers

Also, before you sign, you need to study the SLA (Service Level Agreement) very carefully. Look at the guaranteed uptime. Is it enough to meet your own desired service levels?

Bear in mind that the answers to these questions may be too technical. This is one of those instances when a cloud broker can come in handy. As your trusted adviser, your cloud broker can break down the technical jargon and present everything in a language that you can make intelligent decisions from.

A cloud broker will also be able to study the cloud provider’s security architecture and policies and determine whether they’re sufficient to meet your own security requirements. Basically, a cloud broker will not only help you obtain answers to your questions.

He will also know exactly what vital information to extract from providers in order to ensure that you find the best deal possible.

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK
Big Energy Data Management

Recent times have seen the advent of cloud based services and solutions where energy data is being stored in the cloud and being accessed from anywhere, anytime through remote mobile devices. This has been made possible by web-based systems that can usually bring real-time meter-data into clear view allowing for proactive business and facility management decisions. Some web based systems may even support multi utility metering points and come in handy for businesses operating multiple sites.

Whereas all this has been made possible by increased use of smart devices/ intelligent energy devices that capture data at more regular intervals; the challenge facing businesses is how to transform the large data/big volume of data into insights and action plans that would translate into increased performance in terms of increased energy efficiency or power reliability.

A solution to this dilemma facing businesses that do not know how to process big energy data, may lie in energy management software. Energy management software?s have the capability to analyse energy consumption for, electricity, gas, water, heat, renewables and oil. They enable users to track consumption for different sources so that consumers are able to identify areas of inefficiency and where they can reduce energy consumption, Energy software also helps in analytics and reporting. The analytics and reporting features that come with energy software are usually able to:

? Generate charts and graphs ? some software?s give you an option to select from different graphs

? Do graphical comparisons e.g. generate graphs of the seasonal average for the same season and day type

? Generate reports that are highly customisable

While choosing from the wide range of software available, it is important for businesses to consider software that has the capacity to support their data volume, software that can support the frequency with which their data is captured and support the data accuracy or reliability.

Energy software alone may not make the magic happen. Businesses may need to invest in trained human resources in order to realise the best value from their big energy data. Experts in energy management would then apply human expertise to leverage the data and analyse it with proficiency to make it meaningful to one?s business.

Ready to work with Denizon?

Contact Us Today