--000000000000ca9fde0636c0b328 Content-Type: multipart/alternative; boundary="000000000000ca9fdd0636c0b327" --000000000000ca9fdd0636c0b327 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Hi Nina, Any thoughts on how you want to answer this? Tim, At a high level HIPAA audits include the below: [image: image.png] Thanks , Terrence On Tue, Jun 3, 2025 at 4:07=E2=80=AFPM Timon Page w= rote: > I agree. What is the auditing process for HIPAA? > > Best regards, > * Timon Page * > General Manager, Ontario > *Please note my email address has changed:* > timon.page@thekey.com > Mobile: (437) 223-0841 > TheKey.com > > > > On Tue, Jun 3, 2025 at 3:32=E2=80=AFPM Terrence Vetter > wrote: > >> I have to defer to Nina on this section as these questions are >> specifically talking about PHIPA and my concern is around Clearcare's >> logs and the lack of availability of these logs for us to monitor. >> >> We cannot audit Clearcare logs and there is no process in place to >> monitor and track all access to PHI in Clearcare. >> I am not sure how you would like to answer this? >> If we answer no on these questions I am afraid of the impact of >> submitting this questionnaire. >> >> >> Thanks , Terrence >> >> >> On Tue, Jun 3, 2025 at 9:16=E2=80=AFAM Timon Page wrote: >> >>> Morning Terrence >>> >>> Thanks for this. I have done a deeper dive into section 4: Electronic >>> Audit Logging as it seems that the document I sent over from Tala Barak= at >>> wasn't sufficient enough for you to feel confident on answering the >>> questions. We do not have an electronic audit process in place at the >>> office level. If other offices are performing these, I would very much = like >>> to know the procedure involved. However, as the vast majority of the >>> applications we use are implemented at a corporate level, with admin ac= cess >>> restricted, it seems logical that the electronic auditing would be >>> performed at the corporate level. Is there not IT auditing done to che= ck >>> for network vulnerabilities, adherence to local and federal laws, >>> identify data discrepancies and ensure data integrity? >>> >>> Best regards, >>> * Timon Page * >>> General Manager, Ontario >>> *Please note my email address has changed:* >>> timon.page@thekey.com >>> Mobile: (437) 223-0841 >>> TheKey.com >>> >>> >>> >>> On Mon, Jun 2, 2025 at 5:58=E2=80=AFPM Terrence Vetter >> terrence.vetter@thekey.com> wrote: >>> >>>> Helllo Timon, >>>> >>>> Here are the answers to the questionnaire in column D.. >>>> There are a couple highlighted that I need you to weigh in on and >>>> answer. >>>> Let me know if you have any additional questions please let me know? >>>> >>>> >>>> >>>> Thanks , Terrence >>>> >>>> >>>> On Mon, Jun 2, 2025 at 12:49=E2=80=AFPM Terrence Vetter >>> terrence.vetter@thekey.com> wrote: >>>> >>>>> I'll have the answers back to you today.. >>>>> Thanks , Terrence >>>>> >>>>> >>>>> On Mon, Jun 2, 2025 at 12:27=E2=80=AFPM Timothy Thomas wrote: >>>>>