How is your healthcare organization’s internal audit function evolving?
Healthcare providers are still in the process of converting hard-copy patient files to electronic records. They are exchanging and analyzing more sensitive information in digital form, making it portable and creating a single source of truth accessible via a wide range of mobile devices and through cloud-based third-party service organizations. Life-saving devices – such as pacemakers and infusion pumps, among many others – are increasingly networked and vulnerable to cyberattack, adding patient health risk as another new dimension to previous concerns regarding the protection of health information.
The digitization of the healthcare industry is a transformation on par with the sweeping changes in financial services over the past 20 years. Internal audit functions with healthcare providers are expected not only to keep up with these changes and the associated risks, but also to look ahead and help management and the board identify emerging risks on the horizon.
For the past 10 years, Protiviti has surveyed chief audit executives and internal audit leaders and practitioners across a broad spectrum of industries to document the state of the internal audit profession and the drivers of change. This year, we again partnered with the Association of Healthcare Internal Auditors to glean more targeted insights regarding the industry’s unique internal audit challenges.
Our results show that healthcare internal audit functions view priorities in four key areas, which we review in our report:
- Cybersecurity and the audit process
- Electronic health records, information technology transformation and digitization
- Technology-enabled auditing and managing fraud risk
- Collaboration and communication between internal audit and the organization