Category: Editorial

Interoperability and Prior Authorization Are on FHIR

Joe Gagnon

Responses from Joe Gagnon, CEO, 1upHealth.

The recently released CMS Interoperability and Prior Authorization final rule is a pivotal measure to reshape the industry. By laying the groundwork for expanded access to health information and streamlined prior authorization processes by mandating the use of FHIR APIs, this regulation takes a critical step toward using comprehensive, timely data to support value-based care initiatives, reduce costs, and improve outcomes.

As stakeholders navigate the ever-changing interoperability landscape, the first step is tapping FHIR APIs to ensure compliance and adaptation to shifting tides. From there, organizations can look beyond compliance to see how FHIR APIs can open the door to next-level innovation and usher in a future where efficiency, collaboration, and patient-centric care take center stage. 

  1. What are three ways the new CMS interoperability and prior auth rules will impact healthcare organizations?

Overall, the new rules serve as a critical foundation for expanding access to health information and improving the prior auth process in healthcare.

For all stakeholders, the collective FHIR APIs provide the ability to use comprehensive, timely claims and clinical data to support value-based care programs by implementing a common data approach to leverage historical patient data to maximize quality outcomes for patients. These initiatives are critical to reducing healthcare delivery costs while maximizing patient quality in real time. Additionally, as acutely acknowledged by CMS in its rule commentary, while many patients over the course of a year can have a significant number of providers, it is likely that they will only have one or two payers, thus making the making payer the prime hub in a hub-and-spoke style data sharing model.

For payers, if the FHIR APIs are implemented and utilized as advised by CMS, the respective APIs will not only have the ability to materially improve the ability to share relevant data in a more timely manner, it will also significantly reduce the cost and administrative burden of such data sharing. Today, many payers have entire departments that are focused on packaging and sending data to relevant provider partners. By automating the data sharing process with FHIR APIs, not just for CMS compliance but for all other interoperability use cases, payers can ‘kill two birds with one stone’ and meet regulatory requirements while also creating internal efficiency and significantly improving access to data, as outlined above.

For providers, using interoperable data for prior authorization can help make patient care decisions more quickly, improving patient, provider, and payer alignment and ultimately improving outcomes.

Continue Reading

Fortifying Healthcare Email Security: Advanced Solutions and Mitigation Strategies

Usman Choudhary

By Usman Choudhary, general manager, VIPRE Security

Email remains a cornerstone communication tool for healthcare entities, yet the communication channel also presents formidable cybersecurity hurdles. The sensitive nature of patient data and the open nature of email renders it susceptible to data exposure and phishing attempts. Thus, as healthcare continues its technology maturation, the imperative to grasp the gravity of email security intensifies. Advanced email security solutions offer a potent means to tackle these challenges head-on.

Why does this matter now? Isn’t email dying? Not based on the numbers. For example:

In a review of just the fourth quarter of 2023, VIPRE reviewed roughly 7.2 billion emails worldwide that were processed through its systems. Of those, more than 950 million malicious or unwanted emails were detected (~13 percent) and blocked. Most of these were detected using classical signature-based detection of bulk email, known malware, and known malicious links, including 20 million emails with malicious attachments and 41 million emails with malicious links. But there were 500,000 malicious emails that were only detected because of advanced, behavioral simulation of a user actually clicking on the link, i.e. detecting true zero-hour malicious sites, which is a feature built into our VIPRE Email Link Isolation. 

It was interesting to note a rise and fall in favored malicious email types each quarter and throughout the year. In 2023, we noticed the following trends:

Regardless of the slight percentage decrease, phishing emails continue to be tied with scam emails in volume, making them a perennial favorite of hackers and a constant threat to inboxes. Healthcare is in the top three targeted industries, representing 14% of the attacks that we observed across all of our customers.

With this data as a reference point, it’s easy to see that healthcare is chronically at risk regarding its vulnerability to cyberattacks driven by phishing and malicious inclusions in email. While writing this piece, one of the nation’s largest healthcare clearinghouses, Change Healthcare, was affected by a massive ransomware attack.

Change Healthcare is a unit of UnitedHealth Group’s Optum subsidiary, and its products are used by a huge variety of healthcare organizations. According to HHS, Change Healthcare “was impacted by a cybersecurity incident in late February. HHS recognizes the impact this attack has had on healthcare operations across the country.” The Russian-speaking cybercriminal gang known as AlphV and Blackcat claimed responsibility and said on its darkweb site that it exfiltrated 6 TB of data in the attack against Change Healthcare.

This specific attack affected healthcare systems, prescription deliveries, and anyone who processes insurance claims. This should raise red flags for all healthcare organizations regardless of size, particularly for smaller organizations with limited budgets. After all, if companies as massive as Change Healthcare—who undoubtedly had advanced cybersecurity measures in place—can be breached, then smaller organizations with fewer resources should take action to protect themselves.

The attack underscores the critical importance of proactive measures to mitigate the risks of sophisticated cyber threats. Although the attack vector in the Change Healthcare breach has not been identified as of this writing, the same group was responsible for the massive MGM Resorts hack in September 2023, which started on LinkedIn with a social engineering-driven exploit. A form of phishing, this foothold was leveraged to gain access within MGM, and this access was then expanded to target many of MGM’s key business systems.

Continue Reading

The Role of Remote Monitoring In Rural Communities: How Can It Provide Better Patient Care?

Jared Lisenby

By Jared Lisenby, chief sales officer, Azalea Health.

Telehealth services have become more popular, particularly after the COVID-19 pandemic highlighted its importance as a necessary solution for rural health clinics (RHCs).

RHCs face distinct business challenges, including serving patients at higher risk of chronic illnesses, limited resources, workforce shortages, and geographical isolation. These challenges require innovative solutions, and telehealth is one such solution.

Also known as telemedicine, telehealth empowers healthcare providers to care for patients without an office visit, saving time and money and allowing providers to see more patients. Care options require internet access and a computer, tablet, or smartphone, including phone or video consultations, secure messaging, email and file exchange.

Telehealth and the adoption of electronic health records (EHRs) have allowed healthcare to extend beyond clinical settings into patients’ homes.

RPM device use is expected to increase

New solutions and offerings make Remote Patient Monitoring (RPM) possible. This technology allows providers to manage acute and chronic conditions, gather vital signs and inform healthcare providers about a patient’s progress while reducing travel costs and infection risk.

Doing so allows providers to make real-time decisions and course-correct care as needed, potentially reducing patient costs in the long run and leading to better healthcare outcomes.

Remote patient monitoring is useful in conjunction with telehealth, particularly for patients who require consistent monitoring for certain health conditions, including high blood pressure, diabetes, and heart conditions. It can also help prevent complications in patients who have difficulty traveling.

RPM devices can include meters and monitors for glucose, heart rate, and blood oxygen levels. Patients with some of these chronic conditions are usually eligible for RPM devices and services.

According to Insider Intelligence, about 30 million Americans will be using one this year.

Continue Reading

A Short History of Wearables — and What the Future of Wearable Technology in Healthcare Will Look Like

Seth Casden

By Seth Casden, CEO and co-founder, Hologenix.

From its inception as a collection of cumbersome gadgets to its transformation into sleek, almost invisible tech integrations, wearable technology has come a long way. And as wearables have evolved over time — to be more in line with consumers’ needs and wants — they have edged ever closer to the realm of healthcare.

What will be the impact of wearable technology in healthcare today and in the future? Only time will tell, but we can learn a lot from the patterns we’re already witnessing.

A Brief History of Wearable Technology in Healthcare

Wearable technology in healthcare began as simple accessories, devices that could be strapped and attached to the body. The market erupted with tools like the Apple Watch and Fitbit, which were basically extensions of our smartphones and mostly used for telling time and counting steps.

Eventually, the market expanded, and consumers realized that these tools weren’t just handy; they were also health-conscious. Elite athletes and weekend warriors were the first groups to prove wearable devices could truly improve health and fitness by monitoring heart rates and activity levels.

In 2013, Google Glass came on the scene, introducing the concept of more integrated wearable technology. From here, the range of materials and nanomaterials that innovators began using to develop wearable technology expanded. Sensors captured biometric data, such as blood pressure, empowering consumers and healthcare providers to gain control and granular insights into their wellness. Today, devices like the Oura Ring and WHOOP bands can monitor stress, measure blood oxygen levels, help prevent illness, improve sleep on a scientific level, and much more.

Of course, the evolution of wearable technology in healthcare has also been shaped by its challenges. Early hurdles included durability and sustainability. Innovators needed to figure out how to create products that could be washed and worn safely without losing efficacy. Engineers developed methods of transforming existing cloth items into battery-free wearables resistant to laundry. As challenges like these are solved, devices will continue to evolve and have increased use cases.

How Have Wearables Evolved Alongside Consumers?

Consumer preferences and feedback have caused wearable trends to shift over time.

Consumers have shown increasing awareness of their mental and physical health over the last decade, accompanied by an increased desire to practice a healthy lifestyle. Health-conscious consumers are taking control of their wellness and choosing technology products that are personalized to them and can help them stay healthy proactively.

Wearable technologies have responded to these consumer trends. As consumer health awareness has grown — and their expectation for increased function from products — technologies like wearable step counters and infrared-responsive textiles have focused more on delivering data-driven health insights. Companies have also partnered with healthcare manufacturers and providers to ensure the validity of their health claims and help consumers get the most out of their treatment plans.

Wearable technology in healthcare has also evolved according to aesthetics and other preferences. A preference for seamlessness has led to the miniaturization of wearable components, a need for portability has led to advances in battery technology, and a desire for personalization has led to a shift toward variety and customization.

Continue Reading

HHS Statement Regarding the Cyberattack on Change Healthcare

The U.S. Department of Health and Human Services (HHS) is aware that Change Healthcare – a unit of UnitedHealth Group (UHG) – was impacted by a cybersecurity incident in late February. HHS recognizes the impact this attack has had on health care operations across the country. HHS’ first priority is to help coordinate efforts to avoid disruptions to care throughout the health care system.

HHS is in regular contact with UHG leadership, state partners, and with numerous external stakeholders to better understand the nature of the impacts and to ensure the effectiveness of UHG’s response. HHS has made clear its expectation that UHG does everything in its power to ensure continuity of operations for all health care providers impacted and HHS appreciates UHG’s continuous efforts to do so. HHS is also leading interagency coordination of the Federal government’s related activities, including working closely with the Federal Bureau of Investigations (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the White House, and other agencies to provide credible, actionable threat intelligence to industry wherever possible.

HHS refers directly to UHG for updates on their incident response progress and recovery planning. However, numerous hospitals, doctors, pharmacies and other stakeholders have highlighted potential cash flow concerns to HHS stemming from an inability to submit claims and receive payments. HHS has heard these concerns and is taking direct action and working to support the important needs of the health care community.

Today, HHS is announcing immediate steps that the Centers for Medicare & Medicaid Services (CMS) is taking to assist providers to continue to serve patients. CMS will continue to communicate with the health care community and assist, as appropriate. Providers should continue to work with all their payers for the latest updates on how to receive timely payments.

Affected parties should be aware of the following flexibilities in place:

  • Medicare providers needing to change clearinghouses that they use for claims processing during these outages should contact their Medicare Administrative Contractor (MAC) to request a new electronic data interchange (EDI) enrollment for the switch. The MAC will provide instructions based on the specific request to expedite the new EDI enrollment. CMS has instructed the MACs to expedite this process and move all provider and facility requests into production and ready to bill claims quickly. CMS is strongly encouraging other payers, including state Medicaid and Children’s Health Insurance Program (CHIP) agencies and Medicaid and CHIP managed care plans, to waive or expedite solutions for this requirement.
  • CMS will issue guidance to Medicare Advantage (MA) organizations and Part D sponsors encouraging them to remove or relax prior authorization, other utilization management, and timely filing requirements during these system outages. CMS is also encouraging MA plans to offer advance funding to providers most affected by this cyberattack.
  • CMS strongly encourages Medicaid and CHIP managed care plans to adopt the same strategies of removing or relaxing prior authorization and utilization management requirements, and consider offering advance funding to providers, on behalf of Medicaid and CHIP managed care enrollees to the extent permitted by the State.
  • If Medicare providers are having trouble filing claims or other necessary notices or other submissions, they should contact their MAC for details on exceptions, waivers, or extensions, or contact CMS regarding quality reporting programs.
  • CMS has contacted all of the MACs to make sure they are prepared to accept paper claims from providers who need to file them. While we recognize that electronic billing is preferable for everyone, the MACs must accept paper submissions if a provider needs to file claims in that method.

CMS has also heard from providers about the availability of accelerated payments, like those issued during the COVID-19 pandemic. We understand that many payers are making funds available while billing systems are offline, and providers should take advantage of those opportunities. However, CMS recognizes that hospitals may face significant cash flow problems from the unusual circumstances impacting hospitals’ operations, and – during outages arising from this event – facilities may submit accelerated payment requests to their respective servicing MACs for individual consideration. We are working to provide additional information to the MACs about the specific items and information a provider’s request should contain. Specific information will be available from the MACs later this week.

This incident is a reminder of the interconnectedness of the domestic health care ecosystem and of the urgency of strengthening cybersecurity resiliency across the ecosystem. That’s why, in December 2023, HHS released a concept paper that outlines the Department’s cybersecurity strategy for the sector. The concept paper builds on the National Cybersecurity Strategy that President Biden released last year, focusing specifically on strengthening resilience for hospitals, patients, and communities threatened by cyber-attacks. The paper details four pillars for action, including publishing new voluntary health care-specific cybersecurity performance goals, working with Congress to develop supports and incentives for domestic hospitals to improve cybersecurity, increasing accountability within the health care sector, and enhancing coordination through a one-stop shop.

HHS will continue to communicate with the health care sector and encourage continued dialogue among affected parties. We will continue to communicate with UHG, closely monitor their ongoing response to this cyberattack, and promote transparent, robust response while working with the industry to close any gaps that remain.

HHS also takes this opportunity to encourage all providers, technology vendors, and members of the health care ecosystem to double down on cybersecurity, with urgency. The system and the American people can ill afford further disruptions in care. Please visit the HPH Cyber Performance Goals website for more details on steps to stay protected.

Harris Data Integrity Solutions Launches Rapid MPI Cleanup Tool for Fast, Accurate Eradication of Duplicate Patient Records

Harris Data Integrity Solutions has responded to growing demand for faster and more affordable duplicate record cleanup with the launch of its latest innovation, Intelligent MPI Triage Solution.

Leveraging the efficiency of AI-driven logic paired with 20 years of data integrity expertise, Intelligent MPI Triage delivers precise and swift duplicate resolution to lower duplicate rates by easing backlogs created by higher patient volumes and fewer health information management (HIM) resources.

“A perfect storm of razor-thin operating margins, double-digit labor cost increases, and widening staffing gaps have HIM leaders scrambling to find ways to maintain the integrity of their patient data. Our clients reached out for help, and we responded with Intelligent MPI Triage Solution,” says Lora Hefton, Executive Vice President of Harris Data Integrity Solutions. “With it, Harris Data Integrity Solutions can partner with HIM teams and leverage our unique AI-powered ‘assess, treat, and refer’ process to quickly reduce potential duplicate queues, protecting patient records for a fraction of the cost.”

Intelligent MPI Triage increases HIM teams’ effectiveness and productivity by rapidly resolving confirmed duplicates through an automated three-step process that typically takes just two or three weeks and costs 50%-80% less than a full MPI clean-up.

Once Harris Data Integrity Solutions receives the client facility’s potential duplicate data file via an encrypted FTP:

  1. AI-driven algorithms meticulously assess the data set.
  2. Confirmed matches that can be processed with confidence are treated and resolved.
  3. Remaining possible matches are referred to the client’s HIM team for manual review and resolution.

Continue Reading

Holistic Approaches to Chronic Care Management

Chronic conditions can significantly impact an individual’s quality of life, requiring ongoing attention and management. As such, the approach to addressing these conditions should extend beyond mere symptom management to encompass a holistic view of the individual’s health and well-being. In recent years, there has been a growing recognition of the importance of holistic approaches to chronic care management, which prioritize the integration of physical, emotional, and social factors into the treatment and support process.

Understanding Holistic Care

Holistic care recognizes that an individual’s health is influenced by various interconnected factors, including physical, mental, emotional, and social aspects of well-being. Rather than focusing solely on treating specific symptoms or diseases, holistic approaches aim to address the underlying causes of health issues and promote overall wellness. This comprehensive approach acknowledges the interplay between different aspects of health and seeks to empower individuals to take an active role in their own care.

The Role of Chronic Care Management

Effective chronic care management plays a crucial role in implementing holistic approaches to healthcare. By providing personalized support and guidance, chronic care management services can help individuals better understand and manage their conditions, improve medication adherence, and adopt healthier lifestyle habits. Moreover, these services facilitate communication and collaboration between patients, caregivers, and healthcare providers, ensuring that everyone is working together towards shared health goals.

Embracing Patient-Centered Care

Central to holistic approaches to chronic care management is the concept of patient-centered care. This approach prioritizes the individual’s unique needs, preferences, and goals, ensuring that care plans are tailored to meet their specific circumstances. By actively involving patients in decision-making processes and treatment planning, patient-centered care promotes a sense of ownership and empowerment, leading to better health outcomes and higher levels of satisfaction.

Continue Reading

Are There Dangers To AI Taking Such a Prominent Role In Healthcare?

Over the last few years, artificial intelligence has become hugely prominent in society, and when it comes to healthcare that’s no different.

All parts of healthcare are now using it, and there are plenty of positives for it, whether it be personalised addiction treatment plans, spotting trends quicker and more efficiently, or improving diagnostics, there’s so much it’s improving.

However, are there concerns about AI taking such a prominent role in healthcare too?

Well, yes, there are. Mainly because there are some dangers that run alongside the positives too.

Erosion of patient privacy

That primarily lands with the lack of patient privacy. AI systems use huge amounts of sensitive data, which essentially means that the danger of misuse and unauthorised access is higher. While there are major security measures in place, patient records do become more vulnerable to hackers, which can lead to all manner of exploitation of such details.

Bias in algorithms

AI is always learning, but that also means that just like humans, there’s the opportunity of getting it wrong. For example, if the data used reflects existing societal biases then AI systems may inadvertantly discriminate against other groups, potentially leading to further inequality within the system.

Therefore, AI needs to be fed addressing such biases to ensure that how it operates reflects the entirety of society and not just one area.

Who’s accountable?

If AI becomes an increasingly bigger part in decision making, where does that leave accountability? Traditionally, whether it be addiction, cancer treatment, physio or anything else, there’s a clear chain of responsibility, with professionals accountable for their decisions.

While a human will likely still interpret the data given to them from AI, it still blurs the lines much more on accountability for diagnosis or course of treatment.

Misintepretation of data

AI is designed to enhance efficiency and accuracy, but there could be unforeseen circumstances where it doesn’t. Again, that falls into the accountability argument, but also could lead to incorrect diagnoses and courses of treatment that could prove dangerous.

Essentially, AI will benefit all parts of healthcare, but at the same time it needs to be monitored carefully by humans to get the best out of it. Artificial intelligence can’t replace medical professionals, but it can complement the practice of them, creating a much more streamlined process and ensuring patients are treated more efficiently and effectively.