SPHER: Simplifying the process of monitoring and protecting patient ePHI
The AMS SPHER™ Solution
SPHER is the frontline defense against the day-to-day threat of patient privacy violations resulting from inappropriate access to PHI. As required by HIPAA, every comprehensive compliance strategy must include User Activity Monitoring, a requirement that SPHER is specifically designed to achieve.
SPHER automatically monitors ALL of the daily activity that occurs on an EHR for suspicious behavior through the analysis of EHR audit logs. Should suspicious activity occur, SPHER sends an alert, defines the exact details surrounding each incident for investigation, and presents a consistent step-by-step process towards resolution and remediation.
SPHER benefits include:
Meet HIPAA Requirements
Safe and Secure
Easy to Use and Set Up
SPHER receives an audit log
file from the EHR
SPHER reviews all of the audit log records
for suspicious behavior
SPHER sends you an email alert of
all suspicious activity identified
in the audit log file
You log into SPHER, review the incidents
and determine if it is normal or not
How SPHER Works
During Step 2 above, SPHER leverages pattern recognition algorithms to determine if there was suspicious behavior on the EHR. It does this by comparing past behaviors to behaviors in the audit log file SPHER is currently reviewing. For example, SPHER may have learned over the past months that an EHR user named John is typically active between 8 AM and 4 PM. In the current audit log file, SPHER notices that John was active on the EHR from 4 PM to 12 midnight which causes SPHER to send you an unusual time of access alert.
You log into your customized SPHER dashboard to investigate the incident (step 4 above). You review the incident description which says it’s for activity at an unusual time. You know that John’s shift recently changed from 8 PM to 4 AM. Going through the SPHER incident resolution process, you indicate that this behavior is Normal and Permitted. Based on this feedback, SPHER has now learned that this is normal EHR behavior for John and will not send an alert the next time it sees EHR activity for John during this new time span. As normal behavior on your EHR changes, SPHER learns and does not send false alerts for behaviors you’ve already indicated are normal.
SPHER’s auditing approach is uncompromised. SPHER audits 100% of user action everyday without any additional human interaction. Other approaches to auditing involve only samples of user data and limited date ranges that tell you little of what actually happens on a day-to-day basis.
SPHER’s analysis of audit logs is accurate. SPHER relies on pattern recognition algorithms capable of learning the complex behavior patterns of all your users. SPHER behavior detectors alert you to truly out-of-the-norm or suspicious user behavior, giving you the insight necessary to respond to the issue and decide whether to take corrective action.
The SPHER dashboard presents a step-by-step process through which you can easily resolve incidents by telling SPHER whether a particular user event is normal or not. During this entire process, SPHER documents your responses to the incidents.