We conducted an audit of Broward Addiction Recovery Center’s (BARC) information technology operations. Our objectives were:
- To determine whether information technology (IT) general controls are adequate for the ECHO and medDispense applications;
- To determine whether the applications are in compliance with technology related requirements of the Health Insurance Portability and Accountability Act (HIPAA);
- To determine whether the applications adequately supports BARC’s business processes; and
- To determine whether any opportunities for improvement exist.
We conclude that the information technology general controls are not adequate for the ECHO and medDispense applications. We conclude that the applications do not comply with technology related requirements of the Health Insurance Portability and Accountability Act (HIPAA). We conclude that medDispense system adequately supports BARC’s business processes; however, the ECHO application does not. Opportunities for improvement are included in the report.
We appreciate the cooperation and assistance provided by the Broward Addiction Recovery Center and Enterprise Technology Services Divisions throughout the course of our audit.
|