WOW’s Security Review/Risk Assessment is designed to identify and address the security issues that relate to the Health Insurance Portability and Accountability Act (HIPAA) as well as the proper set-up and use of the operating systems and system software.

Through Security Review/Risk Assessment, WOW Consultants can identify and document current system security, pinpoint potential breaches, assist in developing security policies and procedures, provide forms for use in creating and maintaining user security and provide staff training in proper set-up and maintenance of system security settings.

All areas are reviewed for compliance to not only hospital designated security access but also for potential HIPAA privacy and security violations. Areas of weakness our consultants often encounter include payroll data not properly secured from unauthorized access, unauthorized staff access to critical files and inadequate procedures for controlling user security.

Getting back to business quickly after a disaster, whether a fire, flood, natural disaster, or even a human-caused disaster such as terrorism or sabotage, with minimal data loss is not just a goal, it's a requirement. Health Insurance Portability and Accountability Act (HIPAA) security guidelines, which went into effect in April 2003, mandate that medical centers must have a disaster recovery plan in place for all data.

Although they command more attention, unplanned events related to power outage, natural disaster or human error, are typically less than 5 percent to 10 percent of all downtime. Planned downtime, monthly saves of data, system upgrades and maintenance, account for about 90 percent of all downtime, and the costs can be significant. According to Healthcare Informatics, a study of hospital downtime found that for an average 500-bed hospital, every minute of downtime costs more than $264, and each 1 percent of downtime could cost that same hospital more than $1.4 million per year. The high costs of downtime, coupled with the need for constant data access, are leading facilities toward continuous operating systems.