CrossPoint Perspective: Audit, Quality & Control for Security and Compliance

No comments
By Gregory Lampshire

We were chatting with a few clients recently about CrossPoint. A number of security professionals asked us about how it solves some of their issues. While CrossPoint was designed to solve a variety of thorny issues our clients face, it has a specific model to support the needs of security and other compliance professionals.

Let me recap what CrossPoint is:

  • CrossPoint is managed file collaboration service that makes it easier to securely exchange data and reports with your partners and internal corporate groups while still preserving enterprise-grade, detailed, operational Audit, Quality & Control (AQC) oversight.
  • By creating a single landing pad in your company for all your data, you can save money and simplify operations.
  • CrossPoint has integrated data quality discovery and monitoring, security, workflow, extensive archiving, business rule alerts and  “blueprints and maps” for maintaining the business catalog of your data. Other CrossPoint apps include Change Data Detection to find out what data from which system changed and developer collaboration features to help systems developers create and manage your data intensive environments. You can also create business cross-walks to understand how data in one system is related to another.

Here’s some of the issues that came out of our conversations:

  • How do I use this to manage insight into the use of PHI and other information in my enterprise?
  • How does it help me manage risk?

Part of our philosophy around managing these issues is expressed in the way we created CrossPoint. In order to provide a general mechanism to provide auditability and other aspects of ACQ, we quickly realized that an architecture approach to monitor data and systems would result in a combinatorial explosion of configurations and system adapters that would greatly increase cost and complexity for our clients. Adapters and applications that monitor systems today are typically lower-level infrastructure applications that monitor resource usage like disk space or CPU loads. Some monitoring mechanisms, such as transparent SQL interceptors, can be used for specific needs one layer above the technical architecture. But we were still left with a problem to create something uniform, easy to use, cost-efficient and adaptable to many situations and we required a different, more flexible approach.

We decided that we needed a place to concentrate the data in an enterprise better than it is today. We needed an architecture that would scale to huge sizes but also be cost-efficient at a small scale. We used our Healthcare Analytics Platform as a foundational component.  The platform is already serving the needs of over a dozen clients and has been certified secure by each client for their PHI data.

Then we considered ways to help improve solutions to the security and compliance issues asked above. Certainly there’s no single answer for comprehensive oversight. Our clients must create a “web” of oversight with each piece overlapping and extending that web.  But we realized that a ready-to-go, packaged set of components that combines file collaboration with analytics for data quality monitoring, archival and retrieval did not yet exist in the market.

Many of our healthcare clients have pieces of this solution, but they never get implemented together cohesively. Why?  From our perspective, its is difficult to use applications that are designed to be general purpose tools to concentrate into such a cohesive set of capabilities without great cost. Lets face it, general systems integration is hard.

How does CrossPoint help manage risk? There are a few types of risks.  Here’s the short answer for each:

  • Unknown PHI: Obviously for healthcare you need to know where your PHI is and who is using it. You may not know which systems actually have PHI and our clients have difficulty getting complicated “metadata” systems to help them discover what is in the databases. A manual approach to “watching” systems is usually out-of-date by the time the process is created. You can use CrossPoint to consistently land all of the data from an application into CrossPoint’s landing pad and scan it for PHI using the business rules engine. You may think that landing all the data might be problematic… expensive… or time consuming. CrossPoint is built for scale and with its inexpensive archiving capabilities, you can keep all the data in your enterprise, cheaply, forever.
  • State of the world: CFOs need to attest they know where their claims are at and what status they are in. Wouldn’t it be nice to dump all of the queues — pended claims, for example– out of all the queues in your enterprise? Wouldn’t it be nice to land all your data from your trading partners in one landing pad, snapshot what is going on it, then distribute to everyone in the enterprise? CrossPoint is that landing pad. It has the archiving. It has the analytics and it has the ability to give CFOs line of sight into the operational pulse of a company.
  • Care Delivery Risk: The rise of PCMH and ACOs has also increased the frequency and intensity of exchanging large amounts of information with your partners. The exchange of clinical chart data, not in a HIE/EHR sense, but in the sense of changing clinical chart data for care coordination and analytics means that the flow of information is greater than before. If something happens to a patient/member, you want to be able to track back in time and find the data that may have led you to the wrong conclusion, find the audit trail of data. In many enterprises, it is exceptionally difficult to find that data. CrossPoint uses big-data technology to allow large amounts of data to be landed, scanned and archived so that you can always recreate the trail.

These are just a few ways that CrossPoint’s AQC framework with its integrated archiving, profiling and data management can help your organization manage itself easier internally as well as externally with your partners. Give us a call to discuss.

LaunchPointCrossPoint Perspective: Audit, Quality & Control for Security and Compliance

Related Posts

Leave a Reply