This makes your existing audit logs an "excellent database that can be used to identify the number of audits, auditors, previous activity, etc", according to Frank Ruelas, Principal at HIPAA College.
"We have built a very collegial relationship with many of those entities that are "frequent fliers" when it comes to auditing activity." - Frank Ruelas, Principal at HIPAA CollegeFor example he has been able to "educate" the auditors' management on how their own auditors "may or may not have been able to make some of the conclusions they make in their final reports based on their access".
Veriphyr identity and access intelligence service makes it easy to compile reports on the auditors activity across all your applications. In a single report you can see what applications they accessed, what they did in the application, and which customers/patients and employees they looked at.
For more about this see:
Frank Ruelas posting on the Healthcare Compliance Associations (HCCA) bulletin board
Download a white paper on patient privacy breach detection. Learn how to proactively identify unauthorized breaches of patient data privacy, even by authorized users - with no hardware and no on-site software.Sources:
(a) Frank Ruelas posting on the Healthcare Compliance Associations (HCCA) bulletin board - HCCANet - March 24, 2013