Blogs Home
Tuesday, June 1, 2021 12:00 PM

Spring Exchange Recap: The New Frontier of Patient Privacy Automation

Written by Dawn Dorr, Privacy and Security Customer Success

Patient Privacy Spring Exchange Blog Header

Last month, we hosted the iatricSystems Spring Exchange, where we brought together industry leaders and healthcare organizations to discuss today’s challenges. A big topic of discussion was how today’s hospitals leverage artificial intelligence and automation into their patient privacy monitoring process.

During the session Patient Privacy: New Challenges and Modern Solutions, we spoke with Miranda Brown of WVU Medicine to hear how their team is overcoming today’s privacy challenges.

“We’re always looking at how we can use artificial intelligence with our auditing system to streamline the process,” Melinda said. “We currently review thousands of rows of access daily. We want to get to the point where we can get those rows of access to populated on a list by weight, so we know what’s truly important to review.”

Patient privacy monitoring solutions are getting better and better at reducing false positives to help save privacy teams’ time. However, artificial intelligence is also uncovering more potential breaches that a human wouldn’t have been able to catch. As a result, privacy teams are busier than ever with investigations, and at some point, automation is necessary.

Patient Privacy Automation & The Auto Industry (Yes, you read that correctly)
In the session, Meet AVA – Your Advance Virtual Assistant, Steve Walker shared an interesting analogy to help attendees see patient privacy automation in a new light. He suggested thinking of patient privacy automation like the early auto industry. On the surface, you’re likely thinking, what could these two things have in common? Let’s dive in.

In the beginning, each automobile design was custom. They would learn from the last one, add improvements, and implement those enhancements into the next build. Each car was different, built with unique parts, and took a lot of time.

Similar to patient privacy teams, auditors have to go through all these custom actions during an investigation. No two alerts are exactly the same, with every case requiring someone to track down users for additional information with likely combating schedules and unanswered questions for weeks or months.

Then in 1913, Henry Ford began to implement an assembly line using standardized parts. Suddenly, automobiles could be built in a fraction of a time.

In the case of patient privacy, we’re building investigations — not cars. But similarly, investigations are guided by procedures and policies. The customization comes in both trying to correlate local knowledge, user info, patient names, demographics, etc., in conjunction with when the user makes themselves available to answer these questions. The result is that each of these takes a significant amount of time on the patient privacy team.

Having a tool like AVA can use the classification of an interaction and the list of local procedures to build various questions to ask that user, then actually ask that user those questions and gather the results. This not only streamlines the process, but you’ll gather better insight because the user still remembers why they were looking at that patient information, instead of being questioned a month later when the user is less likely to recall the reasoning behind the interaction. AVA then documents the results and will either close the investigation or escalate it to a manager if needed.

The ultimate goal of artificial intelligence and the mission behind AVA is to lighten the load for privacy teams so they’re not inundated by alert fatigue and review but can now focus on other projects that require true human interaction.

If you’d like to learn more about AVA or want to watch more on-demand sessions from the iatricSystems Spring Exchange, you can email us at