– QUICK ANSWERS TO COMMON QUESTIONS –
WHAT DOES EHR STAND FOR?
Electronic Health Records
WHAT IS AN ACCESS LOG?
A record of each time a user accesses a piece of sensitive data within the EHR..
WHAT IS PHI?
PHI stands for Protected Health Information or Personal Health Information and is any health information held by a covered entity which concerns health status, provision of health care, or payment for health care that can be linked to an individual. In short, PHI includes any part of an individual’s medical record, or payment history.
WHAT IS EBAS?
The Maize Analytics Explanation-Based Auditing System uses data-mining algorithms to determine if the access of PHI is explained or suspect.
DOES PHI LEAVE THE HOSPITAL NETWORK?
No, PHI stays within the virtual machine. EBAS only contacts a server to verify credentials and log usage of the tool.
MY EHR IS HOSTED IN THE CLOUD. CAN I STILL USE EBAS?
Yes, EBAS can be installed with your current cloud hosting vendor. Let us know who you are using, and we’ll get them set up.
HOW CAN EBAS HELP?
EBAS is designed to work with your current auditing system and improve its efficiency, reducing the burden on privacy officers to perform manual audits and allowing more attention to be spent on suspicious activity.
CAN I TEST EBAS BEFORE PURCHASING THE SOFTWARE?
Yes! Request a free trial here.
HOW DOES EBAS INTEGRATE WITH EHRS?
Current deployments use EMR reporting systems (e.g., Epic’s Clarity) to extract information for auditing to a text file, which can be easily loaded into EBAS.
HOW LONG DOES IT TAKE TO INSTALL EBAS?
You can be up and running in less than 30 minutes. Simply download the Virtual Box software, download EBAS, and start the virtual machine. That’s it!
DOES EBAS OPERATE VIA THE CLOUD?
No. EBAS integrates seamlessly and securely with your current EHR. No PHI leaves your healthcare network.
IS IT DIFFICULT TO CREATE EXPLANATIONS FOR ACCESS?
No, EBAS automatically finds explanations for access from the data you upload. You can then approve those explanations that are valid, disregarding the rest.
DO PATIENTS INTERACT WITH EBAS?
No, patients do not use the tool, but can request from their hospital’s privacy office an access report detailing the history of accesses to their medical record. EBAS attempts to enhance these access reports with text descriptions that state why each access occurred.
WHAT IS HIPAA?
HIPAA stands for the Health Insurance Portability and Accountability Act. It provides the ability to transfer and continue health insurance coverage for individuals when a job is lost or transferred, reduces health care fraud, mandates standards for health care information and protects the confidentiality of healthcare records.
WHERE CAN I LEARN MORE ABOUT HIPAA AND OTHER PRIVACY LAW?
WHAT IS HITECH?
HITECH stands for Health Information Technology for Economic and Clinical Health Act. It designates standards for the privacy of electronic health information and breach notification to consumers. HITECH requires HHS to conduct audits of compliance with the HIPAA Privacy, Security, and Breach Notification Rules. HHS Office for Civil Rights (OCR) enforces these rules.