190 likes | 375 Vues
Team 5 . Oyin Adeleye Michael Mai Harika Malineni Kalyani Prabhakar David Siegelman. Introduction: . 20 year old EHR System Introduced network system ONLY 5 years ago New legislation creating funds for EHR system Two Options
E N D
Team 5 Oyin Adeleye Michael Mai Harika Malineni Kalyani Prabhakar David Siegelman
Introduction: • 20 year old EHR System • Introduced network system ONLY 5 years ago • New legislation creating funds for EHR system Two Options Comfortable Inc.’s Perpetual EHR system Believable Inc.’s EHR application, Untroubled
Goals • Moderizen EHR • Efficiency • Reduced personnel cost
Two Options • Comfortable Inc.’s Perpetual EHR system • Believable Inc.’s EHR application, Untroubled (Eliminate this page and move to Introduction)
vs. Comfortable EHR • Hosting at company sites • Run by the company staff • Flexibility to choose the required modules/functionality • Customizable to suit the company's unique needs • HIPAA compliant • Clinical module was one of the best • Excellent Testimonials Believable EHR • All hardware, software and data would be housed in Believable's servers • No need to employ more staff • Low Total Cost of Ownership • Practice Management is better • Provides disaster recovery and security
Questions to consider... • Please itemize the risks associated with both Comfortable’s offerings.
Risks associated with Comfortable: • Lack of IT Support (Funds, Resources) • Compliance • Data Access & Location • Disaster Recovery • Data & Network Security • System Issues
Questions to consider... • Please itemize the risks associated with Believable’s offerings. Where are the similar risks with Comfortable? Where are the differences?
Risks Associated with Believable: • Compliance with law and regulation • Access Control • Data Security • Disaster Recovery • Multi-tenancy • Subcontracting Risks • Service Availability
Questions to consider... • Where are the similarities and differences in Risk between the two options?
Risks Similar to Both • Network Security • Data Security • System Integration • System Performance Issues • Data Access • Disaster Recovery
Differences in Risks • IT Support Funding • Subcontracting Risk • Muti-tenancy • Expenditure Cost
Questions to consider... • How does the contract with Believable come into play in your evaluation?
Important aspects that the Contract with Believable should address: Data Ownership Service Level Data Security Security Insurance Warranties
Questions to consider... • What is the most important aspect that Clear Thinking should consider besides the contract?
Governance Right controls and visibility in place Understand Believable’s policies and controls Who has access to what?Who does access what? • Ultimate responsibility on Clear Thinking • Ability of Believable to produce audit report in the format of SAS 70
Controls What controls would you recommend if the agency chooses Believable’s SAAS offering?
EHR Application Architecture • Looking at the diagram. Which controls do they have? Recommend any controls that you think may be needed.
Recommendation & Reasoning: • Cloud computing offers benefits: • cost reduction • there is no need to hire and train more IT staff • service flexibility • Fit the business objectives