While credit card and social security numbers can be worth a few dollars on the black market, a single entry in the electronic medical record (EMR) could be worth hundreds of dollars. Patients' medical records are significantly more valuable to hackers simply because the data could be used repeatedly—often for years after the theft. However, while health systems spent billions of dollars over time to secure themselves against outside threats, the biggest risks happen to actually reside inside the organizations themselves: their employees. From unintentional errors to the rogue employee, internal breaches have become a critical area of concern for hospital professionals, as institutions extend their reach throughout their networks to include physician offices, outpatient clinics, and health information exchanges.
Most health systems approach the threat in a reactive manner, retroactively analyzing the journey of the threat after the damage has already been done, and patching the areas impacted. However, the dynamic nature of 21st-century threats makes this activity both ineffective and expensive. Furthermore, not all health systems have fully embraced a risk-based approach towards protecting their assets, still trying to protect everything at the expense of keeping themselves exposed equally across the risk profile.
Haystack Informatics takes a data-driven approach that enables health systems to deliver quality patient care in a highly secure and cost-effective manner. The company employs advanced behavioral and social networking analysis technology that protects patients’ privacy. Using multiple detection engines, the company's technology can find anomalies in employees' access patterns. What truly distinguishes Haystack from its competition is its ability to offer a contextualized view of the relationships that exist between staff members and patients, guiding the privacy staff from detection of a threat, through investigation, all the way to reporting to the higher levels of the organization, and to the Office of Civil Rights. With the built-in efficiencies of the solution, health systems can achieve high levels of patient privacy monitoring without having to augment the privacy staff.
Furthermore, working with a data science team that came out of Harvard University, the company has developed a novel approach to understanding employee activity and patient experience in a healthcare setting. This new technology, called "Haystack Intelligence", analyzes data from the time of patient appointment, all the way to billing and discharge. Haystack Intelligence acts as both a mirror and a compass: it provides a mirror as to what exactly is taking place in the interactions between providers and patients, and acts as a compass by guiding the staff towards the areas that would provide the most benefits to the organization and its patients.
We are applying Haystack Intelligence to a multitude of initiatives across health systems, to help them standardize best practices and reduce unwanted variability
Furthermore, by using HR data, it can produce automatic time-driven activity-based-costing (TD-ABC) estimates of the staff cost of care delivery. As Adrian Talapan, Co-founder and CEO states, “One of the goals of this technology is to illuminate the sources of unwanted variability across the health system, thereby helping organizations understand what is actually taking place, vs. what the managers think it's taking place. In turn, this understanding helps health systems standardize best practices and care delivery, reducing costs.” Kevin Klick, VP of Business Development adds, “Our ability to expand patient privacy monitoring with Haystack Intelligence enables our customers to effectively conduct operational or behavioral changes, as well as measure the benefits of such changes.”
Moving ahead, Haystack Informatics plans to explore partnerships with consulting organizations and software providers interested in integrating Haystack Intelligence in their offerings. “We wish to apply our extensive knowledge of user behavior and interactions to new areas, as we work to safeguard and optimize healthcare. To this end, we look forward to working with health systems, consultants, and other software partners,” says Talapan.