The
following excerpts are from a case study that examines the
common challenges experienced
by businesses
in regards
to the Health Information Portability and Accountability
Act ( HIPAA Compliance ).
Mobridge
Regional Hospital
Monitoring Software Saves Money, Ensures HIPAA Compliance
For more than 45
years, Mobridge Regional Hospital has provided medical
care to communities surrounding the South Dakota town of
Mobridge.
“It’s
a busy environment,” said Information Technology
Director Eric Skillingstad. “We’re a small-town
community hospital with about 130 employees across a variety
of departments and clinics.”
Skillingstad oversees
a computer network running Windows 2003 Server, with approximately
50 PC clients using Windows 98, 2000 Pro, and XP.
“HIPAA was
the main push … the main reason we were looking at
software,” said Skillingstad. “Email control
is a critical issue when it comes to HIPAA. Communicating
about a friend or family member who’s in the hospital … how
they’re doing, what happened to them … that’s
a BREACH. Plus, our basic stance is that email should be
solely for work purposes … not for communications
with friends and family.
Given HIPAA guidelines
and standards, and Skillingstad’s position as the
hospital’s HIPAA Security Officer, he took the initiative
to find a way to help Mobridge Regional Hospital comply.
“I brought
the idea of activity monitoring software to management,” said
Skillingstad. “After a search on Google for auditing
software, I found Spector CNE and saw what it claimed to
do. Honestly, I thought it was a little too good to be
true … there must be a catch.”
“Spector CNE
stood out,” said Skillingstad. “And the price
was really good compared to the alternatives … far
superior to what I’ve seen. I said to myself, I’ll
give this a try.”
After testing, Skillingstad
confirmed the software did everything SpectorSoft said
it would do.
Everything
was a go,” said Skillingstad. “It was the best
choice.”
Skillingstad said
Spector CNE reports showed that a great deal of the hospital’s
inappropriate PC activity occurred during off hours.
“We found
a lot of abuse on the long overnight shifts … weekends
also,” said Skillingstad. “That’s when
people would really play around … the main daytime
workforce, not as much.”
“Everyone
was updated via a memo from me,” said Skillingstad. “Management
then met with department heads and relayed all the information.”
“Along with
many HIPAA policies, we do have a definitive Internet and
PC use policy,” said Skillingstad.
“Spector CNE
has freed up bandwidth and the network,” said Skillingstad. “It’s
so great for controlling email, Internet activity, installs,
and downloads.”
“It’s
definitely something that works well for us. I have shared
this with other HIPAA Security Officers. I have told them
how happy I am with it.”
“You’re
ahead of the game with CNE. As far as work behavior, it
makes money for you.”
 Spector CNE
(Corporate Network Edition)
Spector CNE is the
world’s leading computer and Internet monitoring
software. Spector
CNE can be configured and installed remotely FROM any computer
on the network TO
any computer on the network, and the recordings can be
viewed from ANYWHERE on the network.
Spector
CNE automatically captures and lets corporations review:
• Emails
sent and received
• Chat conversations and instant messages
• Web sites visited
• Applications launched
• Keystrokes typed
• Peer-to-peer files downloaded
• VCR-like screen snapshots
Spector CNE provides
immediate email alerts to notify the appropriate person
or persons when specified key words or sensitive phrases
appear in an email, chat, instant message, or on a web
site visited.
HIPAA
Compliance
|
