Health Insurance Portability and Accountability Act of 1996

Orion Governance Use Case

Helping Clients Avoid $50,000 Fines

HIPAA is a 1996 American federal law designed to prevent disclosure of sensitive patient health information without the patient’s consent or knowledge. It allows American workers and families to continue health coverage by transferring their health insurance when they lose or change jobs. It requires confidential handling of Protected Health Information (PHI) and reduces healthcare fraud and abuse. It also establishes the standards for health care information on electronic billing and related processes.

HIPAA non-compliance carries penalties and/or enforcement actions (corrective action plans imposed on covered entities that fail to comply) from the Department of Health and Human Services’ Office for Civil Rights (OCR) and state attorneys general. These act as a deterrent against violations, with a four-tier fine structure ranging from $100 per violation up to $50,000 per violation (see image below). But fines can reach $1.5M/year!

HIPAA Journal 2018

HIPAA Compliance for the Mainframe

The Project

Orion implemented end-to-end lineage for COBOL/JCL using the Orion Enterprise Information Intelligence Graph (EIIG) to ingest multiple COBOL/JCL systems and show cross-system lineage with SSIS and Informatica, for consumption by both IT and business users.

Business Problem

Establish an enterprise governance program for HIPAA (Health Insurance Portability and Accountability Act) compliance. Provide auditors with traceability of information flow for business-critical data elements.

The Orion Governance Solution

Orion’s Enterprise Information Intelligence Graph (EIIG) ingested the mainframe code and provided traceability for PHI (Protected Health Information) and PII (Personally Identifiable Information) across 3 large mainframe systems in less than 30 minutes.

Business Benefits with Orion Governance

The first fundamental step in governing your information assets, including the mainframe, is to “know your data”. This engagement provided full visibility of information assets, enabling business users to better understand the information available and make informed decisions. The business was able to provide traceability of HIPAA data elements when it was audited.

Cost Savings

The ability to generate near real-time traceability saved the customer hundreds of thousands of dollars in resource costs and offset penalties that would have otherwise arisen from non-compliance.
