healthcaretechoutlook

Maize Analytics: Streamlined HIPAA Audits and Improved Data Security

 Daniel Fabbri, Founder & CEO
Today, compliance officers, serving in various healthcare verticals, face numerous challenges when handling electronic medical records (EMRs). With hospitals collecting and storing vast amounts of personal data about patients, they become targets for intrusion attempts in spite of having firewalls in place. With the enforcement of the Affordable Care Act and HIPAA, healthcare organizations are facing increasing pressure to take necessary measures to stay compliant. The access to this information cannot be avoided as hospital staff may need to have critical EMR data on hand like patient history, allergy information, prescriptions, dosage requirements, and other treatment-critical information. Providing an unhindered channel to patient data will increase the risk of information misuse and it is the healthcare provider’s responsibility to safeguard patient records. Failing to do so will attract lawsuits and heavy fines. Maize Analytics, addresses these issues by offering solutions that are designed to control the threat of data misuse from internal sources and monitor data access through their innovative auditing platform. “Our platform is created to drastically reduce the mundane complexities faced by compliance professionals investigating data and identity thefts,” says Daniel Fabbri, Founder and CEO, Maize Analytics.

Academically proven at the University of Michigan, Maize Analytics’ Explanation-Based Auditing System (EBAS) is an intuitive solution designed for conducting streamlined HIPAA compliance checks in a highly automated manner, providing the needed technology to efficiently monitor EMR accesses. “Upon installing the EBAS system, it is fed with the hospital’s EMR data to keep track and learn the healthcare employees responsible for treating a certain patient,” says Fabbri. This database can also be run through EBAS’ customizable security-filters that can highlight any form of suspicious activity.
Employee accesses to patient data outside their jurisdiction will be notified to the compliance officer, who can initiate an investigation on a case-by-case basis. This practice has helped speed up the security and compliance audits by reducing the number of false-positive flags that need to be investigated.

While installing their solutions in a healthcare organization, Maize Analytics takes a principled and transparent approach, an attribute that has become a key differentiating factor of the firm. By disclosing the inner working of their offering to clients, Maize Analytics helps compliance officers fully understand the mechanism of EBAS. In doing so, hospitals can truly comprehend the way the system works and understand its value. “We believe that working closely with our clients is essential to improving our technology and helping healthcare organizations secure patient information,” says Fabbri. The patented system leverages clinical context and machine learning to identify why each access occurs, which Maize refers to as an ‘explanation’.


The patented system leverages clinical context and machine learning to identify why each access occurs



Maize Analytics values its client feedbacks and considers it to be crucial in the development process. This practice also helps in designing new features to be added to the platform to improve and develop new capabilities. “We developed a new ranking system that will help us categorize activities based on the level of suspicion it generates, making it easier to locate and prioritize access flags,” says Fabbri. Additionally, the firm plans to infuse unified analytics capabilities into their offerings, for healthcare providers with multiple hospitals, without curbing their ability to work individually in their combined network. A hierarchical, but unified system for security management will be an essential tool for large clients with multiple healthcare outlets. With their innovative strides in healthcare technology systems, Maize Analytics aims to empower their clients in the healthcare sector and help them in securing EMR data better.