Editor's Note: Part I of our three-part package takes a big-picture look at BPM in healthcare, while Part II focuses on BPM's role in helping eliminate paper records. Here, Part III examines BPM's role in helping healthcare organizations with ever-tougher regulatory compliance.
When it comes to helping healthcare providers comply with a maze of regulations designed to protect the security and confidentiality of patient records, BPM could be just what the doctor ordered.
Among the best-known and most stringent requirements are those contained in the Health Insurance Portability and Accountability Act (HIPAA), which, among things, requires healthcare organizations to implement the principle of least privilege.
In theory, the principle is straightforward: Access to personal health information (PHI) should be restricted as much as possible while still allowing for normal functioning. But implementing that approach can be particularly difficult in the healthcare universe given the complexity of medical IT systems and one big variable-the people who work in the field.
BPM AND HEALTHCARE: A GOOD MATCH
A healthcare organization's information-handling processes are well suited for BPM methodologies, particularly when the goal is to achieve and maintain HIPAA compliance. "How you gather information about a patient and put it into a system will affect [other users'] ability to use that information. How [they] use that information will have some effect on issues of compliance and efficiency," says Steven J. Spear, a senior fellow at the Institute for Healthcare Improvement and a senior lecturer at the MIT Sloan School of Management. This is similar insurance system that used widely on top payday loan websites and there are ways to avoid charges as described in this article.