The HIMSS Innovation Center stands as a marquee venue for organizations wishing to build their brands and market their health IT-related services both locally and globally. As a result, less than two years after its opening, 20 organizational collaborators have established a presence at the 30,000-foot facility located on Cleveland’s lakefront.
Attracted also by the HIMSS Innovation Center presence on the 4th floor of the Global Center for Health Innovation, collaborators have dedicated exhibition space, and many other benefits relating to the use of the facility and participation in HIMSS events. Collaborators can join at one of four levels – Founding, Strategic, Industry and Supporting.
“Many organizations are inquiring about reserving space at the HIMSS Innovation Center,” said John Paganini, HIMSS senior manager of interoperability initiatives, noting that HIMSS Pinnacle Corporate members automatically become supporting collaborators of the HIMSS Innovation Center. “There are increasing opportunities to create awareness as events are added and the Global Center for Health Innovation continues to become the premier destination for healthcare professionals.”
Founding collaborator Alego Health leads to way toward innovation
Headquartered in Westlake, Ohio, just outside of Cleveland, Alego Health advocated for the establishment of the HIMSS Innovation Center as a natural fit with the Global Center for Health Innovation next door. Alego Health uses the HIMSS Innovation Center to showcase its products and services during events and through presentations to customers. The company also interviews candidates for employment during recruitment events at the center and conducts training programs for employees and partners there.
Alego Health’s interactive exhibit at the HIMSS Innovation Center includes six iPads and two InTouch screens, through which individuals can learn more about Alego Health and its product and service offerings. “They can contact us directly, if we’re not there as part of a scheduled event, and we can create a Skype connection to the exhibit and have a discussion,” said Jonathan Levoy, Alego Health executive vice president.
As one of the nation’s premier full-service health IT providers, Alego Health sees its presence at the HIMSS Innovation Center as key to its brand and market positioning – to work with healthcare organizations of all sizes to advance the continuum of patient care through the adoption of technology, Levoy said.
Guest post by Tim Cannon, vice president of product management and marketing, HealthITJobs.com.
Tim Cannon
A study, early this year, found that more IT employers are offering their employees flexible work options. But in the wake of security and data breach, is it worth the risk in health IT?
A report published by the Ponemon Institute in September 2014 revealed 43 percent of U.S. companies surveyed experienced a security breach in the past year, up from 33 percent in 2013. Healthcare organizations are a prime target for cyberattacks, according to a report from the Identity Theft Resource Center. Health and medical companies suffered the most breaches in 2014, accounting for 42.5 percent of reported cyberattacks.
Here are some of the biggest risks health organizations face with a virtual health IT workforce, and how to keep patient data safe:
Email risks
Hillary Clinton recently came under fire for using a personal email address for government business during her time as secretary of state. Not only did her exclusive use of personal emails violate federal record-keeping laws and practices, but also put sensitive information at risk. Her actions remind us that employees are using their personal email accounts for work, whether their employers are aware or not.
Health IT professionals who work from different locations and from different devices could be sharing unencrypted data over their personal emails without password protection. They could be sending work emails from a personal account on their phones or home computers because it’s more convenient than connecting to their work accounts.
Solution:
Set clear policies on email use and remind employees of the importance of password protection when sending sensitive information.
Network vulnerabilities
To accommodate the remote workforce, networks and cloud-based data storage systems can be accessed from any location. But more employees using the network and accessing data from different places makes it easier for hackers to access the information as well.
Remote workers usually operate out of their home offices. This means they are using their home network, which is usually much less secure than the office network. Sometimes, they also work out of Starbucks and other public spaces that have unsecure Wi-Fi networks. These places also do not have standard security protocols, which means all the data is unencrypted and easy for hackers to steal.
Solution:
The underlying software of the network needs to be secure, no matter where employees are working from. Securing cloud-based systems is also extremely important. Making sure your servers are up to date with service packs and software updates is critical to close potential holes in your network. Having a strong virtual private network is critical to protect patient information and other sensitive data. Invest in highly protected providers, encrypt sensitive data, and diversify your passwords to avoid security breaches.
Guest post by Crystal Ewing, senior business analyst and manager of regulatory strategy, ZirMed.
Crystal Ewing
Denial management is an industry-wide challenge—and despite traditional approaches intended to reduce denial rates, it’s one that continues to grow. Frankly, this is absurd.
I say that because, despite the recent announcements from CMS regarding changes to how they will process ICD-10-coded claims for the first year, denials will likely still increase under ICD-10—and that’s something healthcare providers don’t need to suffer in full, because it is possible to reduce their denial rates before ICD-10. Ultimately this will be more impactful than any denial management program specifically targeting ICD-10-related denials, because the “everyday” denials will otherwise endure and continue to delay A/R long after whatever disruption ICD-10 causes has long faded into distant memory.
Here are two simple truths:
90 percent of denials are preventable
More than 60 percent of denials are recoverable
So where does this leave healthcare organizations seeking to decrease denials ahead of ICD-10, a change that—despite recent announcements from CMS—is nonetheless likely to bring with it a spike in denials?
Exactly where they’ve always been—in need of straightforward best practices that actually help them drive down everyday denials that create A/R delays, back-office backlogs, and an unreliable revenue cycle.
Step 1: Thoughtful Automation
Let’s step through a common process for working denials, just to clarify why it’s such a headache.
Here are some time-study figures—per each denial, staff spend:
4 minutes identifying the denial and routing it appropriately
+ 10 minutes gathering information
+ 30 minutes compiling and filling out appeal letter and materials
+ 5 minutes just documenting all their activity related to the denial
and visit/log in to the associated payer’s website for 25 percent of denials
That is unacceptable—which is an opinion. But it’s also unnecessary, and that’s a fact. Each of the time-consuming manual processes mentioned above can be eliminated or significantly reduced through thoughtful automation and workflow-focused software development.
Reducing research time and enabling staff to easily resubmit denied claims are two of the biggest denial management time-savers—period.
Guest post by Steve Tolle, chief strategy officer and president of iConnect Network Services, Merge Healthcare.
Steve Tolle
Sooner than later, payers will demand meaningful interoperability to determine the true cost of quality healthcare outcomes. While they may not have a preference for which electronic health record (EHR) platform a doctor or health system uses, they will understand that a platform’s ability to communicate with other EHR platforms will affect the cost and quality of the care provided.
Payers are already implementing bundled payments for some types of costly care, such as full hip replacements. Conventional assumptions aside, physician fees and facility charges are not the leading drivers of joint replacement cost variability. Instead, wide cost disparities frequently seen between Joint Replacement Procedure A and Joint Replacement Procedure B are the product of unpredictable charges for supplies, anesthesia, and medical imaging. When payers start bundling reimbursements for common procedures, risk will shift to providers who will be challenged to closely manage cost fluctuations. In preparation for this transition, healthcare organizations must proactively assess their imaging strategies to keep their business running smoothly, continue providing quality patient care, and ensure they maximize revenue for the services they deliver.
What Providers Must Evaluate
Medical imaging is a $100 billion industry that drives $300 billion in healthcare spending. It accounts for nearly eight percent of U.S. healthcare spending, according to the Journal of the American College of Radiology — a costly component of care that must be effectively addressed as the industry readies itself for the shift from volume to value-based reimbursement.
The U.S. Department of Health and Human Services recently set an ambitious goal that by 2016, 85 percent of healthcare payments will be tied to quality and value of care. Successful healthcare organizations will need to manage two key factors closely — appropriateness and efficiency.
CMS and private payers will increase their vigilance around quality measures such as readmission rates and unnecessary diagnostic imaging. Medically unnecessary or redundant imaging is already on Medicare’s radar, showing up in legislation that mandated decision support for imaging and extended the deadline for ICD-10 conversion. If providers begin to correct course now, downstream risk of lost revenue and decreased patient satisfaction can be mitigated, if not avoided.
Take Stock of Current Assets
To stay ahead of the curve, providers should evaluate all aspects of their image management programs. Many are looking for new solutions that simplify and digitize outdated, paper-based procedures for patient orders, automate insurance payment authorization, and move images from point A to point B in real time, regardless of file format.
Guest post by Ken Perez, vice president of healthcare policy, Omnicell.
Ken Perez
Tracy Morgan, the “30 Rock” and “Saturday Night Live” star, once said, “Bad news travels at the speed of light; good news travels like molasses.” Such is the case with respect to the cost and clinical performance of the U.S. healthcare system.
Steven Brill, founder of Court TV and the American Lawyer, famously pilloried America’s healthcare system in “Bitter Pill: How outrageous pricing and egregious profits are destroying our healthcare,” the cover article in the March 4, 2013 issue of Time and the longest in the history of the magazine. Brill wrote, “In the U.S. people spend almost 20 percent of the gross domestic product on health care, compared with about half that in most developed countries. Yet in every measurable way, the results our health care system produces are no better and often worse than the outcomes in those countries.” In a subsequent article in the Jan. 19, 2015 issue of Time, Brill went on to describe the U.S. as having “a broken-down jalopy of a health care system.”
Brill’s “Bitter Pill” article received generous coverage by CBS, the Commonwealth Club, the Huffington Post, the Los Angeles Times, National Public Radio, the New Yorker, the New York Times, and even Jon Stewart’s “The Daily Show.”
The July 28, 2015 issue of the Journal of the American Medical Association (JAMA) included an article, “Mortality, Hospitalizations, and Expenditures for the Medicare Population Aged 65 Years or Older, 1999-2013,” that shared the findings of a study of over 68 million Medicare fee-for-service and Medicare Advantage beneficiaries by H.M. Krumholz, et al.
This lengthy, detailed, heavily footnoted, and carefully written study reported the following encouraging findings:
Guest post by Donald M. Burt, MD, Chief Medical Officer, PatientKeeper, Inc.
Don Burt
Many physicians and revenue cycle professionals at healthcare provider organizations are suffering acute ICD-10sion as the calendar flips relentlessly toward October 1.
For all the complexity associated with ICD-10, there are some relatively simple things healthcare providers can do to prepare the front-end of their revenue cycle for the change-over. By “front-end” we mean physician charge capture, the origin of much of a practice’s revenue. The key to success is to make physician charge capture as tailored, flexible, and straightforward as possible for physicians, billers and coders.
A system is tailored when it exposes only relevant codes to physicians in a particular specialty or department, and when it provides fine-tuned code edits. It is flexible when it lets physicians enter charges on the device of their choice – a computer in the office or at home, a smartphone in the car, a tablet anywhere – and when it gives physicians the ability to use familiar clinical terminology to look up codes. And a charge capture system is straightforward when it is seamlessly integrated into physicians’ workflow via the EHR, and into the finance staff’s workflow via the billing system, necessitating fewer clicks, taps and swipes by all users.
An organization that knows this firsthand is Stony Brook University Physicians on New York’s Long Island. This academic practice affiliated with Stony Brook University School of Medicine has 17 clinical departments through which patient care services are rendered and billed.
For a variety of business reasons, the group’s administrative arm, called the Clinical Practice Management Plan (CPMP), implemented an electronic charge capture solution 10 years ago. A return-on-investment (ROI) study of several departments showed that, over a six month period, charges increased by $2.5 million ($5 million annualized) and claim volume increased by 29 percent. Overall, these departments saw a 50 percent reduction in lag days. One department with particularly dramatic results saw its number of claims increase by nearly 70 percent, while the number of coding issues actually declined by six percent. Clinicians can now quickly and easily record charges for services they deliver – at the point of care, in the office, or anywhere in between.
Along the way, Stony Brook CPMP gained valuable insight into the critical elements that make up a successful charge capture system.
Guest post by Moshe Ben-Simon, co-founder and vice president of services and research, TrapX Security.
Moshe Ben-Simon
Healthcare is a major market in the United States with annual expenditures that consume almost 17.4 percent of the gross domestic product. Healthcare in the U.S. includes 893,851 physicians, 2,724,570 registered nurses, including physician’s assistants and administrative staff that support them. Additionally, there are approximately 5,686 hospitals that support these professionals directly. The great majority of physician practices now have electronic medical records (EMR/EHR) systems that are all interconnected with the rest of the ecosystem.
The typical hospital is replete with Internet connected systems and medical devices. These devices are also connected to EMR systems that are being deployed at a fast pace across practices and hospitals because of government incentives, such as meaningful use. This creates a highly connected community that brings the most vulnerable devices together with some of the highest value data.
Medical records = big money for organized crime
Healthcare data presents a compelling opportunity for organized crime. Cybersecurity firm Dell Secure Works notes that cyber criminals were getting paid $20 to $40 for health insurance credentials, compared with $1 to $2 for U.S. credit card numbers prior to the Target Breach. The Federal Bureau of Investigation (FBI) issued a private industry notification (PIN) report in April 2014 that noted cyber-attacks will increase against healthcare systems and medical devices because of lax cybersecurity standards and a higher financial payout for medical records in the black market.
As of Mar. 30, 2015, the Identify Theft Resource Center (ITRC) has healthcare breach incidents at 32.7 percent of all listed incidents nationwide. Per ITRC, for the first quarter of 2015, more than 99,335,375 medical records have been exposed and compromised in the United States alone.
As in other industries, the attackers in healthcare may be standalone operators or part of larger organized crime syndicates. The great majority are clearly after valuable healthcare data and economic gain. Health insurance credentials can have a value 20 times that of a credit card on the hacker black market. These attackers know that healthcare networks are more vulnerable and provide greater potential rewards. They have already determined that these vulnerabilities are so extreme as to make healthcare the easiest choice for their attack.
Despite the latest/greatest perimeter network security technology, hackers continue to get in
The risk for ongoing data exfiltration, theft and subsequent HIPAA (Health Insurance Portability and Accountability Act) violations has never been higher. Basic defense-in-depth cyber security products seem to be failing at an increasing rate. The concept of defending a perimeter around hospital networks no longer works against a variety of cyber-attack vectors. Recent studies suggest that most hospitals are unaware of active attackers likely hiding within their medical devices inside their networks already.
These medical devices have become the key pivot points for attackers within healthcare networks. They are visible points of vulnerability in the healthcare enterprise and the hardest area to remediate even when attacker compromise is identified. These persistent cyber-attacks threaten overall hospital operations and the security of patient data.
Most hospital information technology teams are managing a very heavy workload. They must deal with a multitude of vendors and supporting a diverse set of networks across the hospital. Further, they must work to be compliant with HIPAA security rules and other compliance requirements. Cyber security products issue a multitude of alerts and can overwhelm these hospital teams while real cyber security event alerts are perhaps hidden or missed.
It has only been about two generations since traveling medicine shows were common forums for medical information. Phony research and medical claims were used to back up the sale of all kinds of dubious medicines. Potential patients had no real method to determine what was true or false, let alone know what their real medical issues were.
Healthcare has come a long way since those times, but similar to the lack of knowing the compositions of past medical concoctions and what ailed them, today’s digital age patients still don’t know what is in their medical records. They need transparency, not secret hospital –vendor contracts and data blocking, like the practices being questioned by the New York Times. One patient, Regina Holliday resorts to using art to bring awareness to the lack of patient’s access to their own medical records.
There are many reasons patients want access. Second opinions, convenience, instant access in a medical emergency and right of ownership—I paid for them, I own them. Other reasons patients need to view their records is for accuracy and validity. Inaccurate record keeping has even caused the EHRI Institute to cite incorrect or missing data in EHRs and other health IT systems as the second highest safety concern in its annual survey, outlining the Top Ten Safety Concerns for Healthcare Organizations in 2015.
Healthcare system executives, from CIOs to CEOs are very aware of the increasing requirements from patients asking for their records and the various state and federal laws that come into play. However, they are also aware that by making it too easy for patients to access records they risk liability and HIPAA issues. They also don’t want to provide documents that can easily enable cost comparisons or raise questions about charges.
Consumers Uniting
Riding the wave of interest in accessing personal medical records are organizations like Get My Health Data. Org. The organization was founded in June 2015 as a collaborative effort among leading consumer organizations, healthcare experts, former policy makers and technology organizations that believe consumer access to digital health information is an essential cornerstone for better health and better care, coordinated by the National Partnership for Women & Families, a non-profit consumer organization. On July 4 it launched #DataIndependenceDay to create awareness for the HIPAA law which states that patients must be granted access to their health information with very few exceptions. An update to those laws that was finalized in 2013 extends these rights to electronic health records.
Despite the introduction of personal health records (PHRs), Blue Button technology and product introductions from blue chip technology leaders, such as Microsoft and Google, there has been no significant, unifying technology to ignite pent up demand for their medical records by consumers. This lack luster interest and ongoing interoperability issues might be the unifying force to drive many consumers to consider Personal Health Information Exchanges (PHIEs) as an alternative to EHRs and Health Information Exchanges (HIEs) that unnecessarily duplicate data and risk HIPAA violations.
Will PHIEs Ignite the Patient Record Access Movement?
Frost & Sullivan, in its research report, “Moving beyond the Limitations of Fragmented Solutions Empowering Patients with Integrated, Mobile On-Demand Access to the Health Information Continuum”, identifies personal health information exchange (PHIEs). They are described as providing individual patients, physicians, and the full spectrum of ancillary providers with immediate, real-time access to medical records regardless of where they are stored by using an open API.
The PHIE can provide access to the entirety of an individual patient record, regardless of the number of sources or EHR systems in which the patient data resides. This technology is made possible through fully interoperable integration servers that can access any EHR system with available APIs and portray the integrated data in a viewable, secure and encrypted format on a mobile device.
By leveraging the powerful simplicity of open APIs, PHIE technology can also access medical records in a way that is much more comprehensive than the closed EMR portals commonly used by doctors’ offices. Despite their pervasive use, these portals are cumbersome and expensive for patient’s use. The portals also include the same lack of interoperability that plagues hospital EHR systems.
