At first you had no clue. Then, you had your suspicions. But you couldn’t put a finger on anything specific. You were pretty sure that there was more cash coming in than you were actually seeing. By the time you were certain, thousands of dollars had been stolen by a trusted employee.
Local law enforcement has to build a case against the wayward employee. The problem? Evidence. Or lack thereof. Though you’ve managed to convince cops and local prosecutor that a pattern of theft exists, it’s not enough for a court. In fact, she was so good at the deception – which went on for several years – that even though you thought you were diligent, she simply outsmarted you. She backdated entries, changed dates – whatever she could to make everything appear “normal.”
This is where the right computer system comes in to save the day. First, the software must be truly HIPAA compliant. That means it actually tracks who added, deleted, and accessed PHI (Patient History Information) data – and when they did it. Of course, few systems take any more than a “bare bones” approach because the performance hit is too great. That’s where a system like ECLIPSE comes in. When you use your VISA card, make a call, or make a hotel reservation – and that’s just the top of the iceberg – you interact with the same commercial database technology that’s in ECLIPSE. That technology doesn’t exist in any other chiropractic software… which is funny when you think about it… because Apple, IBM and Microsoft license it too.
The last case I was involved with in PA involved a front desk employee who methodically took advantage of her employer’s trust and eventually stole many thousands of dollars before her thefts were discovered. Prosecution wouldn’t have been possible without the invisible audit features present in ECLIPS. Despite the fact that this employee went
to great lengths to cover her tracks by deleting and back dating entries (she had permission to do so), the prosecution was able to use hidden, embedded information that revealed her attempts to mask the thefts. All this information was available in reports that law enforcement personnel generated directly in ECLIPSE – without any special or additional programming or help from us. Once they knew what to look for, a clear pattern emerged.
They were able to build a case to take to court. Case closed.
Your best shot at minimizing theft and maximizing your chance at a conviction is security. Security is much more than a password. It’s the ability to look back at some point in the future to spy on a computer savvy thief who believes she’s carefully covered all track of her thefts. And the best possible deterrent is the ability to tell employees that your software retains information regarding what they do and when they do it.
Each & every employee should have his or her own passwords and permissions – especially for critical items such as deletion of account data. And if you do grant all-inclusive permission to front desk personnel, it doesn’t hurt to occasionally reprint a daysheet several days or a week later to determine whether or not changes have been made after you reviewed the original printout.
© 2010 Mike Norworth
With degrees in Biology & Chemistry, graduate degrees in Computer Science and over 25 years of experience in health care, Mike is the chief architect of ECLIPSE® Practice Management Software. He also has extensive experience with audits & computer forensics investigations at the local, state, and federal level. Finally, he has advised health care providers, equipment manufacturers, corporations and management consultants for over two decades with regard to business practices, operations and technical issues.