Enhancing Compliance with Healthcare Insurance Portability
and Accounting Act of 1996

Orion Governance Use Case

Helping Clients Avoid $50,000 Fines

In 1996 the U.S. enacted a federal law designed to prevent the disclosure of sensitive patient health information without the patient’s consent or knowledge. The legislation also allows American workers and families to continue health insurance coverage by transferring it when they lose or change jobs. These provisions require the confidential handling of protected health information (PHI) to reduce healthcare fraud and abuse. They also establish standards for health care information on electronic billing and in related processes.

HIPAA non-compliance will result in penalties or monitored enforcement of corrective action plans. Enforcement may be imposed by the U.S. Department of Health and Human Services Office of Civil Rights or a state attorney general. A four-tier structure of fines from $100 to $50,000 per violation serves as a strong deterrent. But fines can total $1.5M per year!

Hipaa Journal 2018

HIPAA Compliance for the Mainframe

The Project

Orion implemented end-to-end lineage for COBOL/JCL using the Orion Enterprise Information Intelligence Graph (EIIG) to ingest multiple such systems. The implementation yielded cross-system lineages with SSIS and Informatica. This was a huge benefit for the business and IT users.

Business Problem

The client needed to establish an enterprise governance program for HIPAA compliance. Specific requirements included traceability of flows of business-critical data elements needed by auditors.

The Orion Governance Solution

Orion’s Enterprise Information Intelligence Graph (EIIG) ingested the mainframe code and provided traceability for PHI (personal health information) and PII (personally identifiable information) across three large mainframes in less than 30 minutes.

Business Benefits with Orion Governance

The fundamental principle for governing your information assets is, “Know your data”. The EIIG implementation provided full visibility of data assets. In turn, the company’s business users better understand the assets available for making informed decisions. As well, the company was able to provide traceability of HIPAA data elements for auditors.

Cost Savings

Complete real-time traceability saved the customer hundreds of thousands of dollars in resource expenses. In addition, the company avoided expensive penalties resulting from non-compliance.

Find Out How Orion Governance Can Help Your Use Case

Connect with an expert to quickly discover how Orion works for you