Copyright 2015 Splunk Inc.
Patient Privacy Monitoring with Splunk
Davin Studer, Systems Analyst, The Vancouver Clinic
Disclaimer
During the course of this presentation, we may make forward-looking statements regarding future events or the expected performance of the company. We caution you that such statements reflect our current expectations and estimates based on factors currently known to us and that actual events or results could differ materially. For important factors that may cause actual results to differ from those contained in our forward-looking statements, please review our filings with the SEC. The forward-looking statements made in this presentation are being made as of the time and date of its live presentation. If reviewed after its live presentation, this presentation may not contain current or accurate information. We do not assume any obligation to update any forward-looking statements we may make. In addition, any information about our roadmap outlines our general product direction and is subject to change at any time without notice. It is for informational purposes only and shall not be incorporated into any contract or other commitment. Splunk undertakes no obligation either to develop the features or functionality described or to include any such feature or functionality in a future release.
Introduction
The Vancouver Clinic
- Serving Southwest Washington since 1939
- Locally owned and governed
- Comprehensive and high quality patient care
My role as a Systems Analyst
- Integration of medical systems
- Improvement of business processes
Agenda
- Who should be interested in patient privacy monitoring?
- Why is patient privacy monitoring important?
- What are some of the options?
- How has The Vancouver Clinic approached privacy monitoring?
- Takeaways
Who should be interested in patient privacy monitoring?
Everyone!
- HIPAA (Health Insurance Portability and Accountability Act)
- HITECH Act (Health Information Technology for Economic and Clinical Health)
- Other state/federal regulations
- Risk of identity theft
- Exposure of sensitive personal data
Why is patient privacy monitoring important?
Because the Consequences Are Very Costly
What are some of the options?
The Bad, The Worse and the Ugly
Third-party vendors
- Expensive
- You still do 80-90% of the work
- At the mercy of the vendor's time table
Traditional reporting tools
- Requires a dedicated report writing team
- Steep learning curve
- Expensive platforms
Canned application reports
- Siloed reports per application
- Reports you want may not exist or can't be run
- Limited reporting capabilities
[Chart: % of charts resembling Pac-Man vs. % of charts not resembling Pac-Man]
or the Good!
- One interface to search them all
- Easy to get the data in
- Searches can be created quickly
- Versatile
The Vancouver Clinic's approach to privacy monitoring
Timeline of Events
2010: Splunk for IT monitoring
- Server & workstation logs
- Network infrastructure
- Application logs
Jan-Apr 2013: Evaluated privacy monitoring vendors
- Steep upfront and ongoing costs
- Many billed as turn-key solutions, but were not
- Timelines to completion were too high
- We would still be doing 80-90% of the work!
May 2013: Switched to Splunk
- Data in Splunk within two weeks
- Multiple reports with real data
- Ability to produce reports that many vendors could not provide
Process Overview
[Diagram labels: EMR; Access Logs; HR System; Active Directory; Geocoded Addresses; Daily ETL Process; SQL scripts; Reporting DB (Rolling 30 days); Dashboards and Reports; Report Reviewer(s)]
Implementation
HR System + Active Directory (Employee ID Join) -> HRIS_AD: EMPLOYEE_ID, USER_NAME, FIRST_NAME, LAST_NAME, BIRTH_DATE, GENDER, ADDRESS, CITY, STATE, ZIP_CODE
EMR_USER: EMR_USER_ID, NAME, ..., USER_NAME
EMR_ACCESS_LOG: ..., EMR_USER_ID, ..., PATIENT_ID
EMR_PATIENT: PATIENT_ID, FIRST_NAME, LAST_NAME, BIRTH_DATE, GENDER, ADDRESS, CITY, STATE, ZIP_CODE
ADDRESS_GEOCODE: ADDRESS, CITY, STATE, ZIP_CODE, LATITUDE, LONGITUDE
Daily Geocoding Process
Reports
Employee viewing:
- VIP
- Self
- Neighbor
  - Offline geocoded all employee and patient addresses
  - http://www.datasciencetoolkit.org/
- Patient at same address
- Employee
  - Employee viewing manager
  - Manager viewing direct report
  - Employee viewing co-worker
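The self, same-address and neighbor reports above, sketched as an added example (not from the original slides and not The Vancouver Clinic's implementation). It uses a subset of the table and column names from the Implementation slide with constructed sample rows in an in-memory SQLite database; the name-plus-birth-date self match, the address-plus-ZIP household match and the 150 m neighbor radius are assumptions.

```python
import math
import sqlite3

# Constructed sample rows; table/column names follow the Implementation slide (subset).
SCHEMA = """
CREATE TABLE HRIS_AD (EMPLOYEE_ID, USER_NAME, FIRST_NAME, LAST_NAME, BIRTH_DATE, ADDRESS, ZIP_CODE);
CREATE TABLE EMR_USER (EMR_USER_ID, USER_NAME);
CREATE TABLE EMR_PATIENT (PATIENT_ID, FIRST_NAME, LAST_NAME, BIRTH_DATE, ADDRESS, ZIP_CODE);
CREATE TABLE EMR_ACCESS_LOG (EMR_USER_ID, PATIENT_ID);
CREATE TABLE ADDRESS_GEOCODE (ADDRESS, ZIP_CODE, LATITUDE, LONGITUDE);
INSERT INTO HRIS_AD VALUES (1,'asmith','Ann','Smith','1980-02-03','10 Oak St','98660'),
  (2,'bjones','Bob','Jones','1975-07-09','55 Elm Ave','98661');
INSERT INTO EMR_USER VALUES (501,'asmith'),(502,'bjones');
INSERT INTO EMR_PATIENT VALUES (9001,'Ann','Smith','1980-02-03','10 Oak St','98660'),
  (9002,'Cal','Smith','2010-05-01','10 Oak St','98660'),
  (9003,'Dee','Ray','1990-01-01','12 Oak St','98660');
INSERT INTO EMR_ACCESS_LOG VALUES (501,9001),(501,9002),(501,9003),(502,9003);
INSERT INTO ADDRESS_GEOCODE VALUES ('10 Oak St','98660',45.6300,-122.6700),
  ('12 Oak St','98660',45.6302,-122.6701),('55 Elm Ave','98661',45.6400,-122.6200);
"""
# One row per logged access: EMR user -> HR/AD identity -> patient, plus both geocodes.
QUERY = """
SELECT h.USER_NAME, p.PATIENT_ID,
  h.FIRST_NAME = p.FIRST_NAME AND h.LAST_NAME = p.LAST_NAME AND h.BIRTH_DATE = p.BIRTH_DATE,
  h.ADDRESS = p.ADDRESS AND h.ZIP_CODE = p.ZIP_CODE,
  ge.LATITUDE, ge.LONGITUDE, gp.LATITUDE, gp.LONGITUDE
FROM EMR_ACCESS_LOG l
JOIN EMR_USER u ON u.EMR_USER_ID = l.EMR_USER_ID
JOIN HRIS_AD h ON h.USER_NAME = u.USER_NAME
JOIN EMR_PATIENT p ON p.PATIENT_ID = l.PATIENT_ID
LEFT JOIN ADDRESS_GEOCODE ge ON ge.ADDRESS = h.ADDRESS AND ge.ZIP_CODE = h.ZIP_CODE
LEFT JOIN ADDRESS_GEOCODE gp ON gp.ADDRESS = p.ADDRESS AND gp.ZIP_CODE = p.ZIP_CODE
"""

def meters(lat1, lon1, lat2, lon2):  # haversine great-circle distance
    p1, p2, dl = math.radians(lat1), math.radians(lat2), math.radians(lon2 - lon1)
    a = math.sin((p2 - p1) / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dl / 2) ** 2
    return 2 * 6371000 * math.asin(math.sqrt(a))

def flag_accesses(neighbor_m=150):  # radius is an assumed threshold
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    out = []
    for user, pid, is_self, same_addr, *geo in db.execute(QUERY):
        near = None not in geo and meters(*geo) <= neighbor_m
        kind = "self" if is_self else "same_address" if same_addr else "neighbor" if near else None
        if kind:
            out.append((user, pid, kind))
    return sorted(out)
```

An address with no geocode row falls through the neighbor check instead of raising, so an incomplete geocoding run drops neighbor findings silently; counting those rows separately is worth adding in practice.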
Snapshot View of All Reports
Deep Dive Investigation
Lessons Learned
- Key/Value data is much easier to index (ex. key1=value key2=value)
- If your data is in a database, by all means use DB Connect
- Work closely with the compliance team to determine the requirements
- You must start with security in mind as there is PHI involved
Takeaways
- Splunk helps us fulfill HIPAA and HITECH requirements for privacy monitoring
- Saved over $50K + $12K yearly
- Easy to implement
- Flexibility to add reports and data sources
Contact Info: Davin Studer, dstuder@tvc.org
Questions?
THANK YOU