Case Study: Columbus Regional Health achieves enterprise-wide auditing and stronger patient privacy compliance with FairWarning

Enterprise-Wide Auditing with FairWarning

Columbus Regional Hospital (CRH), a 225‑bed, $160M health system, faced a serious privacy auditing gap after a 2005 complaint revealed clinical audit logs were minimal and overwritten daily. Vendors either lacked effective auditing or warned against enabling logs, and adding vendor features would have cost roughly $150,000 per system. Relying on manual processes left CRH exposed to HIPAA and legal risk and made privacy investigations slow and inconsistent.

CRH implemented FairWarning® as an enterprise‑wide auditing solution, integrating its major clinical systems and giving a cross‑functional team automated, fact‑based reports and a global search tool. The platform enabled monthly/quarterly access reviews, supported a new workforce privacy education program for 1,700 employees, produced early detection of incidents, and drastically reduced investigation time (from many system checks to a single report). CRH reports improved monitoring, stronger enforcement through HR escalation, scalable savings as more sources are added, and better compliance readiness for HIPAA/HITECH.

Columbus Regional Health

Audrey Tyree

Security Officer, Columbus Regional Hospital