Scenario: You are working as an HIM manager in a large hospital in Los Angeles, CA that often treats celebrities. You have noticed an increase in employees accessing records inappropriately. The Privacy Officer is concerned about the increasing number of calls and feels that a team needs to be created to investigate the breaches. In addition, the Privacy Office feels that more aggressive monitoring of access of patient information needs to take place on an ongoing basis.
The IT department does send regular audit trail reports to you, as the HIM manager. You have noticed that these audit trails are very weak and do not contain enough information to perform a thorough investigation. Perform a search using the library to find information on what should be included in the audit trail and who should be responsible for ongoing monitoring of this information. Consider how often the information should be reviewed as well.
Utilizing a memo format, write the Privacy Officer of your facility indicating which departments should be included on the Audit Trail Investigative Team, how often the team will meet, what standard items should be included on the daily audit trail, how often these audit trails should be reviewed, and how the team will communicate their regular audit findings back to the Privacy Officer.
