Employee Snooping

Patient privacy breaches are an all-too-common occurrence in today's healthcare environment. One specific breach type is categorized as "snooping," a case in which an employee has violated federal law by viewing patient records they were not authorized to access. SPHER maintains detectors that examine the daily activity of each credentialed user and look for the anomalies typically associated with an employee looking at the medical record of a family member, relative, neighbor or co-worker. In 90% of our "Go-Live" activities, SPHER will identify multiple instances of employees looking at medical records where they had no workflow-related reason for the access. As a result of an OCR investigation, any CE/BA can be fined up to $1.5 million per HIPAA snooping violation in the case of willful neglect, in addition to individual lawsuits which may result from the breach notification process.


Time of Access

Logging in after hours and gaining unauthorized access to patient records is often a strong indicator of malfeasance and a HIPAA violation. An employee stopping in to the office on a weekend to complete the diagnostics and reporting on a patient visit, while admirable, may be against corporate access policies and procedures, or worse, a breach. Late-night remote log-in activity, accessing patient records during times the user is normally not in the "system," or simply access from an unknown IP address could be the trigger that allows SPHER to detect the activity and Alert the Compliance/Security Officer to the probability of an unauthorized access Event.


Records Per Hour

In the event of a large volume of medical records being accessed and exfiltrated from a healthcare facility system, the Covered Entity would want to be Alerted to the Incident. SPHER creates a behavioral map of each user's record access profile, looking for instances when the volume of records accessed falls outside the user's normal pattern and is thus indicative of potential malfeasance and a breach. Whether it's accessing 1500 records to email to someone outside of the workflow process, or attempting to access and print thousands of medical records which could then be passed on to someone for use in tax fraud or an identity theft scenario, SPHER is constantly monitoring the user's access to the records and alerting the Privacy Officer to the incident in a timely manner that is consistent with State and Federal breach reporting laws and regulations.
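The per-user baseline idea behind the Time of Access and Records Per Hour sections can be sketched as follows. This is an added example, not SPHER's detector logic; the log fields, user and record names, and the median + 6 × MAD threshold are all assumptions made for illustration.

```python
from collections import defaultdict
from datetime import datetime
from statistics import median

# Constructed sample data: ten days of 09:00-16:00 activity, 8-11 records per hour.
HISTORY = [("nurse_a", f"2024-03-{d:02d}T{h:02d}:15:00", f"MRN-{d}-{h}-{i}")
           for d in range(4, 14) for h in range(9, 17) for i in range(8 + (d + h) % 4)]
# Constructed day under review: normal hour, late-night access, 1500-record bulk pull.
TODAY = ([("nurse_a", "2024-03-18T10:05:00", f"MRN-a-{i}") for i in range(10)]
         + [("nurse_a", "2024-03-18T23:40:00", f"MRN-b-{i}") for i in range(3)]
         + [("nurse_a", "2024-03-18T14:20:00", f"MRN-c-{i}") for i in range(1500)])

def hourly_counts(events):
    """(user, ISO timestamp, record_id) events -> {user: {hour bucket: distinct records}}."""
    seen = defaultdict(lambda: defaultdict(set))
    for user, ts, record_id in events:
        bucket = datetime.fromisoformat(ts).replace(minute=0, second=0, microsecond=0)
        seen[user][bucket].add(record_id)
    return {u: {b: len(r) for b, r in buckets.items()} for u, buckets in seen.items()}

def build_baseline(history):
    """Per user: hours of day normally active and a robust records-per-hour ceiling."""
    baseline = {}
    for user, buckets in hourly_counts(history).items():
        counts = list(buckets.values())
        med = median(counts)
        mad = median(abs(c - med) for c in counts) or 1  # avoid a zero-width band
        baseline[user] = {"ceiling": med + 6 * mad, "hours": {b.hour for b in buckets}}
    return baseline

def detect(baseline, events):
    """Return (user, hour bucket, reason) alerts for activity outside the baseline."""
    alerts = []
    for user, buckets in hourly_counts(events).items():
        prof = baseline.get(user)
        for bucket, n in sorted(buckets.items()):
            if prof is None:  # credentialed user with no history yet
                alerts.append((user, bucket.isoformat(), "no_baseline"))
                continue
            if bucket.hour not in prof["hours"]:
                alerts.append((user, bucket.isoformat(), "unusual_hour"))
            if n > prof["ceiling"]:
                alerts.append((user, bucket.isoformat(), "volume_spike"))
    return alerts
```

Counting distinct records per hour rather than raw events keeps repeated views of one chart from inflating the volume signal.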