SAN RAMON, California — July 2, 2013 — Avatier Corp., a leader in risk-driven identity management software, advises healthcare providers to leverage identity and access management best practices before digitizing medical records to avoid risk in its blog, "Dare to Go Digital: Automating HIPAA HITECH Compliance." In following this advice, healthcare providers under constant budget pressure will save time and money, reduce critical IT time, while ensuring HIPAA privacy statutes and HIPAA HITECH information technology audit requirements are met.
"While digitizing medical records is necessary to provide improved patient care, streamline operations and reduce costs, it also puts the healthcare provider at risk for a security breach. With today's binding HIPAA statutes around patient privacy, any breach can spell real trouble," said Nelson Cicchitto, chairman and CEO of Avatier. "By following identity management best practices — which include automating user provisioning protocols — healthcare providers are better able to meet their regulatory mandates and keep private information from getting into the wrong hands."
As in any industry, government and competitive bottom-line pressures force healthcare organizations to put greater focus on cutting costs and generally doing more with less. Digitizing medical records is one way to cut costs, but it also introduces privacy risks, which are closely monitored through rigorous HIPAA compliance regulations. To be effective, identity and access management programs must be automated from end-to-end. "A truly automated solution isn't one that provides partial automation only to end up generating help desk tickets that still need manual attention", Cicchitto adds.
He also points out that automating identity management and access provisioning should begin with role-based system access. If a user's role changes, the system should automatically update permissions based on the new position.
And automated access provisioning should be a centralized repository for a clean and clear identity IT audit trail. With the right tools in place, user access certification and verification audits that used to take days can be completed within hours without taxing IT staff. In an environment where HIPAA PHI compliance audits are stringent and frequent, simplified access certifications save approver aggravation and valuable time, thus allowing decision-makers to focus on more important healthcare-related activities.
Avatier is the Identity Management IT Automation Company. Our software, consulting, and cloud offerings transform the business by standardizing all identity processes through a single actionable business service catalog that integrates with on-premise and cloud technologies while ensuring IT compliance. Our easily extensible identity management platform lowers operational cost, improves security and delivers an unrivaled IT governance solution.
Founded in 1997, the company is headquartered in the San Francisco Bay area with offices in Chicago, Dallas, New York, Washington DC, London, Munich, Singapore, Dublin, and Sydney. For more information, please visit www.avatier.com and follow @Avatier on Twitter.
415-963-4082, ext. 101