Under HIPAA guidelines, every comprehensive healthcare strategy must include Patient Privacy Protection and User Activity Monitoring. SPHER utilizes AI and Machine Learning technologies to monitor 100% of daily user activity to provide data protection and accurately detect any unauthorized access to patient electronic Protect Health Information (ePHI). SPHER specifically addresses key HIPAA governance and compliance criteria requested in the early stages of any OCR/CMS/Civil Liability Audit.
SPHER leverages A.I. to Detect abnormal activity within the clinical application.
SPHER's Artificial Intelligence is a tool that enables healthcare compliance and privacy specialists to integrate user activity information in a new format. Our AI models extract detailed insights and patterns from audit log user data and use the resulting insights to significantly improve decision making associated with access to PHI.
SPHER Alerts you of potential unauthorized access within the EHR
SPHER utilizes Email Notifications to send Alerts that an anomaly has been detected within a user(s) usage pattern that requires direct investigation. These messages, while devoid of any specific user activity, are sent to SPHER administrators via web or mobile device interfaces. SPHER notifications can only be sent to predetermined users who have opted-in to documented privacy and security policies and procedures. Alert Notifications are used by Compliance Officers to build, engage, and enforce a culture of compliance.
SPHER incorporates Forensic Tools to determine if a Breach incident has occurred.
A Compliance or Security Officer is granted access to our dashboard where they can immediately make determinations on any suspicious activities detected and reported by SPHER's Machine Learning (ML) models. Once verified, the administrator can expand the investigation, review audit logs, inspect data visualizations and manage forensic information associated with the Incident, ultimately escalating the review up to a declaration of a Data Breach.
SPHER’s Analytics and Open API enable multiple report scenarios.
While SPHER highlights any suspicious activity to the attention of an compliance specialist, it is also creating a digitized record of the activity for subsequent review. The actions of the User and the Investigator are recorded in SPHER and maintained for seven years. The forensic tools in SPHER allow for robust detailed built-in reporting in real-time or export to any preferred environment, such as Excel.
SPHER’s Adapters streamline & automate Solution connectivity.
SPHER partners with clients and clinical application manufacturers to determine the outgoing Audit Log transfers. SPHER features a secure FTP solution that supports authentication and encryption of all data sent to SPHER. SPHER acknowledges a file was received, and ensures the file was not altered or corrupted while in transit. SPHER is maintained in a HIPAA-compliant and HITRUST certified environment to provide the highest levels of security and support.