Baxter PSAS Privacy Self Audit System An exercise in process re-engineering Jeff Bailey Winter/Spring 2006 CS 491.

Slides:



Advertisements
Similar presentations
HCQ P MEDICARES HEALTH CARE QUALITY IMPROVEMENT PROGRAM QualityNet Exchange Dennis Stricker Director, Information Systems Group Office of Clinical Standards.
Advertisements

Student Life Contracts 101 Office of Student Life.
MediTract Contract Management Software
Sustainability Implementing Sustainable Practices for Productivity Enhancement for Productivity Enhancement Presented by Ryte Byte, Inc.
Corporate Interface Architecture George Palios. Contents Outlines the activities undertaken to enhance the quality of service of the Corporate interfacing.
Notes: Update as of 1/13/2010. Vulnerabilities are included for SQL Server 2000, SQL Server 2005, SQL Server Oracle (8i, 9i, 9iR2, 10g, 10gR2,11g),
SLIDE 1 Westbrook Technologies from Fortis: A Healthcare Solution for Medical Records, Billing and HIPAA.
Solutions Summit 2014 Compliance Update Month-by-Month Compliance Obligations Mark Vogel – Chesapeake Systems.
2010 Region II Conference Corporate Compliance Panel June 3, 2010
Validata Release Coordinator Accelerated application delivery through automated end-to-end release management.
Request Material Information Use Case Item as created in Optiva. Supplier information request(s) can happen at any time. The same process works for Optiva.
 Sertifi automates the process of sending and obtaining documents for approval and signature. A completely secure web-based solution, senders and signers.
1 The IIPC Web Curator Tool: Steve Knight The National Library of New Zealand Philip Beresford and Arun Persad The British Library An Open Source Solution.
Developing a Records & Information Retention & Disposition Program:
October 1, 2005 (Rev. 10/06) Statewide Electronic Commerce Program (SECP) Electronic Funds Transfer Enrollment Process For agencies and eligible entities.
Pertemuan Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.
FAMILY EDUCATIONAL RIGHTS AND PRIVACY ACT Electronic Signatures This work is the intellectual property of the author. Permission is granted for this material.
ITIL: Why Your IT Organization Should Care Service Support
For Sage MIP Fund Accounting
NOAA Financial Policy and Compliance Division 1.  Background  Purpose  Preapprovals  Validations 2.
Accounts Payables Invoice Automation for SharePoint.
Electronic Funds Transfer Enrollment Process For agencies and eligible entities desiring to participate in the State Controller’s Master Services Agreement.
Managing Offender’s Personal Property Corrections Technology Association Charleston, SC Tuesday May 8, 2007.
Electronically approve and create Suppliers in Oracle Financials using a combination of APEX and Oracle Workflow. NZOUG Conference 2010 Brad Sayer Team.
Creating Business Workflow Using SharePoint Designer 2007 Presented by Tarek Ghazali IT Technical Specialist Microsoft SQL Server MVP Microsoft SQL Server.
WIDE AREA WORKFLOW RECEIPTS & ACCEPTANCE Presented by: Jackie Shook HQ AFMC/PKS.
GEORGIA ELECTRONIC CONVICTION PROCESSING SYSTEM 1 Georgia Electronic Conviction Processing System (GECPS)
SWIS Digital Inspections Project (SWIS DIP) Chris Allen, Information Management Branch California Integrated Waste Management Board November 5, 2008 The.
ABSTRACT Zirous Inc. is a growing company and they need a new way to track who their employees working on various different projects. To solve the issue.
DBS to DBSi 5.0 Environment Strategy Quinn March 22, 2011.
Landlord Utility Services Work Instructions. To enter the portal, simply enter your assigned User ID and Password, provided by Consumers Energy. Log In.
New Grants Model Document Retention 1 District 5240 Grants Document Retention District Assembly /6/2013.
Roles and Responsibilities
Introducing Paperless Bill Management and Accounts Receivable Processing.
IT Service Delivery And Support Week Eleven – Auditing Application Control IT Auditing and Cyber Security Spring 2014 Instructor: Liang Yao (MBA MS CIA.
D5240 Document Retention System 8/20/ District 5240 The Rotary Foundation Grants Document Retention System Rotary Year
Current Projects in DTEI Presented By: Tracy Jordan.
Erie 1 BOCES / WNYRIC eBOCES applications Visit us at:
Presentation to the Information Services Board March 6, 2008 Bill Kehoe, Chief Information Officer Bill Kehoe, Chief Information Officer.
Release Management Configuration management. Release Management Goal Coordinate the processes through the project development life cycle Ensure the.
Strengthening Partnerships: Shaping the Future Portland, OR June 6 th – 10 th, 2004 MISSION: Crafting an Integrated, Streamlined & Efficient Customer Service.
Application Summary  Web Application that allows its users to keep track of their exercises.  User has full control over what exercises are visible.
DEFENSE LOGISTICS AGENCY AMERICA’S COMBAT LOGISTICS SUPPORT AGENCY DEFENSE LOGISTICS AGENCY AMERICA’S COMBAT LOGISTICS SUPPORT AGENCY WARFIGHTER SUPPORT.
Supervision SICOR Securities, Inc.. Why? NASD 3110 requires the firm to “…establish and maintain a system to supervise the activities of each registered.
SWIS Digital Inspections Project Chris Allen, Information Management Branch California Integrated Waste Management Board August 22, 2008.
An introduction to records management at Clemson University Records Center is located at the Library Depot 103 Clemson Research Blvd Anderson, S.C
HIPAA Security John Parmigiani Director HIPAA Compliance Services CTG HealthCare Solutions, Inc.
April 23, 2008 Electronic Certified Payroll Sandia National Laboratories.
Advanced Higher Computing Science The Project. Introduction Worth 60% of the total marks for the course Must include: An appropriate interface using input.
Cut down on the time it takes employees to process invoices using Square 9’s SmartSearch integration with Microsoft Dynamics GP. SmartSearch allows invoice.
Quarterly Geo/SIG Coordinator Webinar June 25, 2014.
IT Audit for non-IT auditors Cornell Dover Assistant Auditor General 31 March 2013.
Streamline your HR document management processes
Database Systems: Design, Implementation, and Management Tenth Edition
Implementation Specialists Presents
Database Management System (DBMS)
ITIL: Why Your IT Organization Should Care Service Support
ITIL: Why Your IT Organization Should Care Service Support
Solutions for Construction
WIDE AREA WORKFLOW (WAWF)
Department of Licensing HP 3000 Replatforming Project Closeout Report
Presentation to Project Certification Committee, DoIT August 24, 2008
ITIL: Why Your IT Organization Should Care Service Support
Integrated Program Management
HQ Expectations of DOE Site IRBs
REAL WORLD CASE STUDY.
Modern benefits administration and HR software, supported by us.
Agency Account Training
Presentation transcript:

Baxter PSAS Privacy Self Audit System An exercise in process re-engineering Jeff Bailey Winter/Spring 2006 CS 491

PSAS – Background ● Baxter Data Privacy and Security function requires an annual audit of all business processes, vendors, and systems to ensure compliance to global privacy policies. – HIPAA – US EU Safe Harbor – Country Specific Regulations ● Incomplete or late audit may result in temporary suspension of vendor contracts or system shut down.

PSAS - Current Process ● Process or system owner completes up to four audits. – 5 to 16 questions each. ● Completed audits are routed to the appropriate reviewer. – Transmitted via fax or intra-office mail to a Data Privacy Coordinator. – Data Privacy Coordinator identifies appropriate reviewer. – Forwarded to reviewer via fax or intra-office mail.

PSAS - Current Process ● Review Process. – Approved ● Update master approval list (Excel spreadsheet) ● Original documents are transferred to remote facility (Iron Mountain) for long term storage. ● Other copies are destroyed. – Rejected ● Audit returned to owner with comments. ● Owner makes necessary corrections. ● Audit submitted to Data Privacy Coordinator

PSAS – Problems ● Slow – Average turn around time on audits is more than five (5) weeks. ● Risky – Owners must “remember” when audits are due. – System shut-downs are not uncommon. ● Complexity – Less than half the questions can be answered without assistance. ● No access to prior audit data. ● 5% of responses differ from prior audits.

PSAS – Problems ● Reporting – Reconstructing an audit history is not possible. – Master approval list inaccurate. ● Communications – Personnel changes result in chaos.

PSAS – Solution ● J2EE web application for tracking audits and approvals. ● Corporate Integration – IBM Websphere – Application Server – Oracle 10g – Data Store – Microsoft Active Directory – Authentication ● Open Source Libraries – Webwork – Web Framework – Sitemesh – Interface Templating – Spring – Transaction Management, IoC (injection) – Hibernate – Object Relational Persistence

PSAS – Benefits ● Streamlined process – Immediate routing and notification to responsible party. ● No more confusion and delays due to lost submissions. – Focus on changes ● Improved accuracy. ● Less effort. – Eliminate procedures around storage and transfer of paper records. ● Reporting – Full audit and approval history ● Makes lawyers happy (for a change) ● Storage – NO MORE PAPER!

PSAS – Objectives ● Complete development by May 1, 2006 ● In production June 1, 2006 in time for Q2 audits. ● Data Migration (from paper) by June 30, 2006

PSAS – Progress ● Business requirements signed off. ● Application development – User interface – done – Primary flows – 85% complete – Notification system – 10% complete – Reports – not started – Data Migration – 20% complete ● Q/A – Unit tests – 85% complete – User Acceptance Testing – not started ● Deployment – Request production database – done. – Schedule deployment – not started.

PSAS – Next Steps ● Notification system. ● Reports and audit history. ● Finalize audit questions. ● Testing Testing Testing! ● Schedule deployment. ● Data migration – Paper to Spreadsheet – in progress – Spreadsheet to SQL – not started

PSAS – Screen Shots