COMPLIANCE GOALS AND CHALLENGES IN HEALTHCARE

How industry trends -- such as mergers and acquisitions, and digital transformation -- are impacting risk as well as the effectiveness of compliance programs across healthcare organizations according to a survey of 100 compliance leaders.

THE TOP THREE PRIORITIES FOR HEALTHCARE ORGANIZATIONS OVER THE NEXT 3 - 5 YEARS

STANDARDIZATION

(Drag mouse over image to learn more.)

75% of respondents said standardizing policies and processes governing the management, use, security and release of protected health information (PHI) across the organization and/or newly aquired/recently merged facilites was one of their top three priorities.

EMPLOYEE TRAINING

AND EDUCATION

(Drag mouse over image to learn more.)

62% of respondents said employee compliance training and education was one of their top three priorities.

HIPAA COMPLIANCE

(Drag mouse over image to learn more.)

41% of respondents said enabling HIPAA compliace and preparing for OCR audits was one of their top three priorities.

The focus on standardization is not surprising. Given the transition to electronic records and the pace of digital transformation, the scope of ensuring information is protected, used, shared and managed in a compliant manner has grown exponentially. Without a standard and sustainable framework that governs the lifecycle of information regardless of format or location, it will be near impossible to mitigate risks across the healthcare ecosystem.

 

 

BIGGEST BARRIERS TO SUCCESS

33%

said that accelerating employee understanding and acceptance of compliance policies is one of the biggest barriers to success.

29%

said convincing physicians and medical staff to embrace change is one of the biggest barriers to success.

16%

said organizational siloes impeding visibility into facility or department processes is one of the biggest barriers to success.

COMPLIANCE LEADERS CAN EXPECT THE COMPLEXITY OF MANAGING THE PRIVACY AND SECURITY OF ELECTRONIC INFORMATION TO CONTINUE TO INCREASE FOR YEARS TO COME.

Organizations clearly  see standardization as a means of enabling compliance and reducing risk. However, lack of internal buy-in, awareness and adoption, and lack of visibility across the enterprise and in newly acquired facilities are common obstacles that must be addressed.
 
Also, not mentioned, but certainly worth noting, is the rapid growth and mobility of data. As the industry struggles to understand what data they have, address increasingly mobile patient and workforce populations and thwart an ever-expanding variety of cybersecurity threats.

CONSTANT EXPANSION AND EVOLUTION

Challenges are further compounded by the constant expansion and evolution of the healthcare ecosystem.

50%

of hospitals acknowledge that the continued growth through M&A increases the complexity and risk of protecting PHI and other critical information.

59%

of compliance leaders cited "getting arms around sensitive information, where it is and how it's being managed" as the number one challenge adter a M&A event.

79%

of respondents perceive this lack of visibility to significantly increase risk within their organization.