Continuous Auditing and Monitoring: Leveraging Your Data for Compliance
A Phyllis Patrick & Associates LLC White Paper, April 2014
Gail Hormats, B.S., M.B.A., C.I.A., C.I.S.A., C.R.M.A., C.A.D.A.

[Cover graphic: Automated Continuous Testing and Monitoring; Ad-hoc Testing and Monitoring; Manual Testing and Monitoring]
Executive Summary

Data analysis solutions, including automated continuous auditing and monitoring approaches, can enable information security and privacy compliance. This is a new trend, and one that we predict will not only leverage the resources of information security and privacy programs, but will evolve those programs to a higher level of credibility and sustainability through the use of analytic tools and reporting. In this paper, we explain how continuous auditing and monitoring (CAM) can provide ongoing assurance for security, privacy, compliance and audit in your organization, and we describe some of the key tools and types of testing that will benefit your organization.

CAM is a process or methodology used to test transactions based upon prescribed criteria, identify anomalies, and provide written assurance via the reporting process simultaneously with or shortly after the review. CAM employs computer aided audit techniques (CAATs) to mine data to check whether an organization's security, privacy, financial, clinical, or other controls are working to ensure regulatory compliance or to prevent fraud, waste, abuse, or errors. The deployment of these tools provides the capability for data to be checked in near real-time and the results shared with those having a need to know.

One of the most common CAAT applications is ACL Analytics (ACL). ACL is a data mining and analytic application developed by ACL Services, Inc. (Vancouver, CN). Coupled with Visual Basic for Applications and Excel, ACL provides a platform for creating routines that can be scheduled to run automatically on a pre-set schedule. These routines can range from simple, such as testing applications for authorized access or dormancy, to complex analytics that verify meaningful use calculations.
Other possibilities include routines that allow management to monitor compliance with level of care regulations related to an Electronic Medical Record, or to identify possible invoice duplicates before they are paid. Routines can be designed such that Security, Privacy, Audit or Compliance Departments receive responses from management as a result of automated routines. Routines are designed to be a turnkey solution requiring minimal or no intervention on the part of Security, Privacy, Compliance or Audit staff.

Phyllis A. Patrick & Associates LLC 2
Table of Contents

What Is Continuous Auditing and Monitoring ... 4
Data Analytics ... 5
Success Factors ... 6
  Management Agreement ... 6
  CAAT Tools ... 6
  Data Availability ... 6
Examples of CAM Routines ... 8
Development of a CAM Routine ... 9
  Planning ... 9
  Developing Data Understanding ... 9
  Script and Output Report Development ... 10
  Moving to Production ... 10
Summary ... 11
Appendix A: Sources ... 12
Appendix B: About the Author ... 12
What Is Continuous Auditing and Monitoring?

The Institute of Internal Auditors defines Internal Audit as "an independent, objective assurance and consulting activity designed to add value and improve an organization's operations... bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes." Audit is the application of a methodical process to gathering and analyzing processes to ensure that controls exist to mitigate risk. Audit is generally the responsibility of the Internal Audit Department.

Merriam-Webster defines monitor as "to watch, keep track of, or check usually for a special purpose." [1] The Environmental Protection Agency (EPA) defines monitoring as "measurement data or other information for assessing performance against a standard or status with respect to a specific requirement." [2] Thus, monitoring is the routine collection or review of data to ensure that operations are functioning properly. Monitoring is a responsibility of operational management, which generally includes the Security, Privacy and Compliance departments.

Merriam-Webster defines continuous as "continuing without stopping: happening or existing without a break or interruption; marked by uninterrupted extension in space, time, or sequence." [1] In an automated, continuous auditing and monitoring (CAM) process, however, continuous is better defined as done repetitively, on a pre-defined schedule. It is continuous in the sense that, compared to a traditional audit or review, which may be done annually or less frequently, CAMs occur routinely on a set schedule.

CAM is used to test transactions based upon prescribed criteria, identify anomalies, and provide written assurance via the reporting process simultaneously with or shortly after the review. CAM has also been defined as the automated and frequent analysis of data through the use of computer assisted audit tools (CAATs) and other audit techniques.
CAM employs CAATs to check whether an organization's data is processed correctly and to determine whether internal controls are working to prevent errors and fraud. As noted above, deployment of these tools provides the capability for controls to be checked in near real-time and the results shared with those having a need to know. Use of these tools also allows testing of complete populations, not just samples. Putting these tools in place provides assurance regarding the integrity of information at given points in time and provides constant checking for issues, errors or fraud. CAM may be used to audit controls, or it may be used to strengthen compliance monitoring.
Data Analytics

According to the Institute of Internal Auditors, data analysis is "the process of identifying, gathering, validating, analyzing, and interpreting various forms of data within an organization to further the purpose and mission..." [3] ISACA indicates that data analytics allow enterprises to make better business decisions and increase competitive advantage. [4] In the security and privacy arena, data analytics can provide assurance that data integrity is maintained and that the data is appropriately protected. Data analytics can also help to ensure that employees are complying with regulations and that information is properly reported.

Data analysis technologies are computer programs the reviewer or auditor uses to process data of significance in order to improve the effectiveness and efficiency of the review process. When data analysis is being used, the overall objective and scope of a review does not change. Data analytics can also be used to develop controls to ensure that a process is functioning as designed. For example, data analytics can be used to create alerts if employees access patient data outside of job needs, that is, an alert concerning a potential patient privacy breach and/or violation of an organization's Minimum Necessary Policy.

The use of data analytic tools ranges in maturity from ad-hoc to vigorous continuous (or at least repetitive) monitoring. A capability or maturity model describes process components that are believed to lead to better outputs and better outcomes. A low level of maturity implies a lower probability of success in consistently meeting an objective, while a higher level of maturity implies a higher probability of success. [5]

Figure 1: Audit Analytic Capability Model (Source: ACL Services, Ltd.)

The Audit Analytic Capability Model (AACM) in Figure 1 shows the stages of CAM development.
At the basic Data Analysis level (1), analytics are typically ad-hoc and mostly used during a single audit for simple summarizations of data. At the Applied Analytics level (2), analytics are still ad-hoc but more comprehensive, and integrated into the audit process. At the Managed Analytic level (3), analytics are a core part of the audit process. Data analyses may occur near real-time, are maintained in a central repository, and are often scripted. Although an individual generally initiates testing, analysis at this level is repeatable and sustainable.
At the Continuous Auditing level (4), suites of tests are in production and run in an automated or near-automated fashion. Testing is now real-time or near real-time. This increases the ability of Security, Privacy, Compliance, and Audit Departments to more effectively and efficiently identify and share opportunities for improvement (OFI) with management. The Continuous Monitoring level (5) moves automated analytics away from the Audit Department and into management's responsibility. The analytics at this stage are used by management to continuously or near continuously monitor a process.

Together, continuous auditing and continuous monitoring provide management with continuous assurance that processes (security, privacy, and business controls) are functioning as designed. This assures that fraud, waste, and abuse are likely to be identified and corrected, and that the organization is complying with required laws and regulations.

Success Factors

A number of factors must be in place for a CAM routine to be successfully implemented. The three key factors are management agreement, CAAT tools, and data availability.

Management Agreement

A successful CAM routine requires management agreement. A CAM routine will identify conditions that need a response, e.g., a possible breach will need to be investigated, a user's access may need to be terminated, or revenue may need to be returned to a payer. Additionally, business processes may need to be modified or changed based on the results of the CAM process.

CAAT Tools

Many healthcare organizations use ACL. ACL permits data analysis without changing the original data, while tracking each step in the analysis (maintaining an audit log). ACL has a scripting language that allows the development of programs to facilitate repetitive or near continuous testing. Visual Basic for Applications and the use of a job scheduler extend the ability of ACL to create a completely automated CAM.
Other CAAT tools that can be used include IDEA, a data analytic tool similar to ACL, and Excel or any other spreadsheet application. As data sets become more complex (what is referred to as big data), more elaborate data analytic tools are required. These include, but are not limited to, SAS (Statistical Analysis System), HADOOP (big data strings), and NoSQL (representing different database technologies).

Data Availability

The CAM process relies on obtaining and analyzing data from various sources, including computer applications, spreadsheets, lists, and even Adobe files. Key applications used in many CAM routines are defined in Figure 2 below. Data may be in the form of a stand-alone file, an ODBC connection into the application's database, or a direct link into the application's database.
Figure 2: Common Applications Used in CAM Routines (Application: Purpose)

1. Electronic Medical Record: Contains clinical information, including physician orders. Information can be used for many CAM routines including but not limited to meaningful use validation, PHI mapping, and revenue recovery. Examples include EPIC, Cerner, and Meditech.
2. Data Loss Prevention: Used to detect potential data breach or ex-filtration transmissions and prevent them by monitoring, detecting and blocking sensitive data while in-use, in-motion, and at-rest. Can be used in conjunction with PHI mapping and CAM routines to strengthen safeguards and minimize data leakage risks due to workforce error. Examples include Cisco, Symantec, and McAfee.
3. Physician Billing System: Usually includes a combined Provider Patient Registration, Scheduling, Accounts Receivable, and Billing System. An example is IDX.
4. Facility Billing System: Usually is a combined Master Patient Index, Hospital Patient Registration and Accounts Receivable System. Two examples are SMS and Meditech.
5. Reimbursement Results: Contains hospital paid claims data used in billing reviews (i.e. RAC); generally is the 835 reimbursement file data or an application that aggregates this information, such as The Advisory Board Company's Revenue Integrity Compass.
6. Badge/Security Identification: Used to assign and track physical access to the organization's property; may or may not be the application that actually prints the badges. An example is Premisys.
7. Time Application: Employee time capture. One of the most commonly used is KRONOS.
8. Enterprise Resource Management System (ERM): The major financial application(s) used to manage the organization. Generally consists of General Ledger, Asset Management, Purchasing, and Accounts Payable modules. Examples include Lawson, Oracle Financials, and Meditech.
9. HRMIS: Human Resources Information Management System (including employee data, payroll and benefits). Examples include Oracle HRMIS and PeopleSoft.
10. Research or Project: Application(s) that contain research or project related information such as special purpose fund budgets or construction budgets.
Examples of CAM Routines

Following are examples of CAM routines, organized by review focus: Security and Privacy, Compliance, and Audit. This list is a starting point for determining how you can use data analytics and CAM tools to meet auditing and monitoring objectives throughout an organization. Information security and privacy officers, internal auditors, compliance officers, quality officers, safety officers, and other functional areas can leverage the value of these tools and processes to identify potential issues and analyze data in new and creative ways while improving programs and reporting results.

Security and Privacy

Meaningful Use - Validate meaningful use attestation calculations, determining accuracy of payments and requests for incentive monies from CMS and state Medicaid agencies.
PHI Mapping - Identify where protected health information (PHI) resides in systems, on devices, in network drives, and other areas. Use the information to develop strategies for minimizing data leakage.
Logical Security Access Testing - Test additions, transfers, and terminations of users. Test dormancy, last login, and unapproved access.
Business Associate Agreements (BAA) - Assist in developing and testing BAA inventories and determining high-risk vendors.
Data Breach - Develop tests and alerts to identify possible data breaches. This is particularly useful to test applications other than the electronic medical record, i.e., interfacing systems that provide lab, radiology, and other diagnostic results.

Compliance

Revenue Recovery and Protection - Compare group practice and facility billing for missing revenue, either by the hospital or the physician's group practice (usually organization based), and identify mismatched data that may lead to compliance concerns. These types of CAM routines are particularly effective in areas such as Surgery, Interventional Radiology, Cardiac Catheterization, Electrophysiology Laboratory, and other high-dollar clinical areas.
Outcomes Reporting - Compare clinician documentation and use electronic health record (EHR) modules to determine potential over-coding, cloning, errors, and other issues related to EHR integrity.
Level of Care - Compare EHR and patient accounting systems (daily and quarterly) to ensure level of care is billed appropriately. The value is captured by using a quarterly look back comparing the daily accounts to the actual reimbursement received.
Exclusions - Test personnel inclusion on Federal and State exclusion lists. This routine can be fully automated if employee and physician social security numbers (SSN) are available for comparison to the exclusion lists. If only names and addresses are available, a final manual check must be made by comparing the SSN of the hit to the employee or physician SSN.
Physician Contracting - Validate that payments to and from physicians do not violate Stark and Anti-Kickback Laws, including lease payment testing.
72-hour Rule Testing - Provide assurance that all charges that fall within the 72-hour rule are rolled into a single bill.
Human Resources (HR) - Test for compliance with labor regulations and an organization's policies, including minimum wages and employees paid as vendors.

Audit

Overtime - Develop tests to ensure excess overtime has not been charged.
Pension Validation - Test that pension payments have been properly calculated.
General Ledger - Analyze the trial balance roll-forward and anomalous transactions.
Accounts Receivable - Test the accounts receivable aging.
Accounts Payable - Test possible upcoming duplicates and provide a look back to identify any already paid duplicates.
Vendor Master File (VMF) - Test the VMF data integrity, including but not limited to dormant and duplicate vendors and missing data.

Development of a CAM Routine

The continuous audit approach used to develop a CAM routine consists of five major stages:

1. Planning
2. Understanding process / data
3. Developing scripts
4. Developing reports
5. Implementing the routine into production

Each phase is important and plays a key role in continuous auditing and monitoring.

Planning

The planning phase involves developing a general understanding of the process being considered for CAM and identifying potential testing routines. During the planning phase, the scope and objectives of the CAM routine are documented. Approximately 5% of the project time is spent in planning.

Developing Data Understanding

In developing data understanding, the CAM developer works with the subject matter experts and Information Systems Departments to identify the specific data needed and to determine how it is stored. During this phase, one or more sample data files are produced, and the automated extraction schedule and storage location are defined. If sensitive data is involved (e.g. protected health information or employee social security numbers), protective measures, such as limited-access shared drives, are established. This phase represents about 30% of the project.
Script and Output Report Development

The script and output report development phases are intertwined. During these phases, data analytics are programmed and results validated with subject matter experts. The final format of the output report and any required management response(s) are defined and developed. Together, these two phases comprise about 50% of the project.

Moving to Production

The last phase is the move to production. During this phase, instructions for maintaining the CAM routine are developed and shared with the responsible parties. Also, if required, the developer creates the code needed to ensure the routine runs on the agreed schedule. This phase encompasses 15% of the project.

Figure 3 shows the process flow of a continuous audit or monitoring project from start to completion, depicted by stage.

Figure 3: Continuous Audit and Monitoring Process Flow (Source: Gail Hormats, C.I.A., C.I.S.A., A.C.D.A. and Feline O'Gorman, C.P.A., A.C.D.A., "Case Study: Continuous Audit Recovers Lost Cardiac Catheterization Laboratory Revenue," New Perspectives, Association of Healthcare Internal Auditors, Fall 2011.)
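As an added illustration of the script-development stage, the following is the kind of scripted routine a developer would produce for the Logical Security Access Testing routine listed earlier (dormancy, last login, terminations, and unapproved access). It is example code written for this page, not the author's or ACL's, and it assumes constructed HR, application-user and approval extracts in place of the real ODBC or file extracts a production routine would read.

```python
"""Logical Security Access Testing CAM routine (added example, not from the
white paper or ACL). Runs three checks over constructed sample extracts:
terminated employees whose application accounts are still enabled, dormant
accounts (no login within DORMANCY_DAYS), and accounts with no approval
record. A production routine would read ODBC/CSV extracts on a schedule;
every row below is constructed for illustration."""
from datetime import date, timedelta

DORMANCY_DAYS = 90          # assumed threshold; set per organization policy
AS_OF = date(2014, 4, 1)    # assumed run date of the scheduled routine

# Constructed HR extract: employee_id -> (employment status, termination date or None)
HR_EXTRACT = {
    "E100": ("ACTIVE", None),
    "E101": ("TERMINATED", date(2014, 1, 15)),
    "E102": ("ACTIVE", None),
    "E103": ("ACTIVE", None),
}

# Constructed application user extract: (user_id, employee_id, account status, last login)
APP_USERS = [
    ("jdoe", "E100", "ENABLED", date(2014, 3, 28)),
    ("asmith", "E101", "ENABLED", date(2014, 1, 14)),   # terminated, still enabled
    ("bchen", "E102", "ENABLED", date(2013, 11, 2)),    # no login for > 90 days
    ("svc_batch", None, "ENABLED", date(2014, 3, 30)),  # no owner, no approval record
    ("rlee", "E103", "DISABLED", date(2013, 6, 1)),     # disabled: needs no action here
]

# Constructed access approval records: user_id -> approval reference
APPROVALS = {"jdoe": "REQ-0412", "asmith": "REQ-0390", "bchen": "REQ-0377"}


def run_logical_access_cam(hr, users, approvals, as_of, dormancy_days=DORMANCY_DAYS):
    """Return sorted (user_id, finding, detail) tuples for the management-response report."""
    findings = []
    cutoff = as_of - timedelta(days=dormancy_days)
    for user_id, emp_id, status, last_login in users:
        if status != "ENABLED":
            continue                      # only enabled accounts carry access risk
        emp = hr.get(emp_id) if emp_id else None
        if emp and emp[0] == "TERMINATED":
            findings.append((user_id, "TERMINATED_USER_ACTIVE",
                             f"employee {emp_id} terminated {emp[1].isoformat()}"))
        if last_login < cutoff:
            findings.append((user_id, "DORMANT_ACCOUNT",
                             f"last login {last_login.isoformat()} (> {dormancy_days} days)"))
        if user_id not in approvals:
            findings.append((user_id, "UNAPPROVED_ACCESS", "no approval record on file"))
    return sorted(findings)


def findings_by_type(findings):
    """Summary counts per finding type, as used in the output report header."""
    counts = {}
    for _, kind, _ in findings:
        counts[kind] = counts.get(kind, 0) + 1
    return counts


if __name__ == "__main__":
    results = run_logical_access_cam(HR_EXTRACT, APP_USERS, APPROVALS, AS_OF)
    print(findings_by_type(results))
    for user_id, kind, detail in results:
        print(f"{user_id:10} {kind:24} {detail}")
```

Each finding maps to a management response the paper describes (investigate, terminate access, or document approval), and the dormancy threshold is the only parameter a scheduler would normally vary.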
Summary

This white paper explains automated continuous auditing and monitoring (CAM) and describes how it can be used to facilitate security and privacy compliance, as well as other compliance and audit functions. As noted earlier, there are five stages of maturity in the development of using data analytics for ongoing auditing and monitoring. Together, the two most mature stages provide continuous assurance that processes are functioning as designed. A five-stage process (planning, understanding data, developing scripts, developing output reports, and moving CAMs to production) provides the methodology for developing automated CAM routines.

While CAM routines and CAAT tools have been used in internal audit and financial functions for many years, use of these tools and techniques to achieve data analytics objectives is new for security, privacy, and related functions such as meaningful use, PHI mapping, data integrity in EHRs and other systems, and vendor risk assessment. We are confident that these tools will provide the key to improving and sustaining security and privacy programs and related functions by providing compliance measures, new reporting capabilities, and an effective adjunct to an organization's risk analysis and risk mitigation programs.
Appendix A: Sources

1. http://www.merriam-webster.com/
2. Environmental Protection Agency, Technology Transfer Network Clearinghouse for Inventories & Emissions Factors, http://cfpub.epa.gov/oarweb/mkb/basic_information.cfm
3. Altus J. Lambrechts, C.I.S.A., C.R.I.S.C., Jacques E. Lourens, C.I.A., C.I.S.A., C.G.E.I.T., CRISC, Peter B. Millar, and Donald E. Sparks, C.I.A., C.I.S.A., The Institute of Internal Auditors Global Technology Audit Guide (GTAG) 16: Data Analysis Technologies, August 2011.
4. Generating Value from Big Data Analytics, ISACA, 2014.
5. IPPF Practice Guide: Selecting, Using, and Creating Maturity Models: A Tool for Assurance and Consulting Engagements, The Institute of Internal Auditors, July 2013.

Additional sources:
The ACL Audit Analytic Capability Model, ACL, 2013. http://www.acl.com/pdfs/white_paper_aacm.pdf
Gail Hormats, C.I.A., C.I.S.A., A.C.D.A. and Feline O'Gorman, C.P.A., "Case Study: Continuous Audit Recovers Lost Cardiac Catheterization Laboratory Revenue," New Perspectives, Association of Healthcare Internal Auditors, Fall 2011.
Gerard (Rod) Brennan, Ph.D., Continuous Auditing Comes of Age, ISACA, 2008.
David Coderre, Royal Canadian Mounted Police (RCMP), The Institute of Internal Auditors Global Technology Audit Guide 3: Continuous Auditing: Implications for Assurance, Monitoring, and Risk Assessment, July 2005.
Practice Advisory 2320-4: Continuous Assurance, The Institute of Internal Auditors, June 2013.

Appendix B: About the Author

Gail Hormats, B.S., M.B.A., C.I.A., C.I.S.A., C.R.M.A., C.A.D.A.

Ms. Hormats served as Project Leader (Audit Services), as Manager of Audit Services, and most recently as Manager of Audit and Compliance at Baystate Health. In her roles at Baystate Health, she developed and managed the Continuous Audit and Monitoring Program. The program averaged direct recoveries or revenue protection of approximately $7.5 million annually. Prior to working for Baystate Health, Ms. Hormats was the Associate Director of IT Audit for the University of Massachusetts, where she introduced Computer Aided Audit Techniques using ACL. Ms. Hormats has held audit positions at Boston Medical Center, John Hancock Financial Services, Boston Children's Hospital and the University of Massachusetts Medical Center. Ms. Hormats is a member of the Institute of Internal Auditors, the Association of Healthcare Internal Auditors, and ISACA. She has served as the Chair, Technology Committee for the Association of Internal Auditors and program coordinator for ISACA.
Phyllis A. Patrick & Associates LLC partners with Gail Hormats to provide this service. Ms. Hormats is passionate about the use of data and data analytics to foster robust information security and privacy programs, and to identify and reduce risks associated with confidential information: its creation, use, storage, and maintenance.

Office: 1-508-769-2618
Mail: gail@phyllispatrick.com