Guest post by Chris Strammiello, Vice President of Global Alliances & Strategic Marketing, Nuance.
The growing use of smart devices at the point of care exacerbates the dual, yet contradictory, challenges confronting hospital IT directors and compliance officers: Making patients’ health information easier to access and share, while at the same time keeping it more secure.
A major problem is that there are just too many touch points that can create risk when sharing protected health information (PHI) inside and outside of the hospital. In addition to securing communications on cell phones, tablets and laptops, these tools can send output to smart multi-function printers (MFPs) that not only print, but allow walk-up users to copy, scan, fax and email documents. This functionality is why the Office of the National Coordinator for Health Information Technology now defines MFPs as workstations where PHI must be protected. These protections need to include administrative, physical and technical safeguards that authenticate users, control access to workflows, encrypt data handled on the device and maintain an audit trail of all activity.
Accurate, Effective and Secure Use of Patient Information at Point of Care
Hospitals need to adopt an approach that automatically provides security and control at the smart MFP from which patient information is shared and distributed. This approach must also support the use of mobile computing technologies, which are helping to bring access to patient information and electronic health records (EHR) to the point of care. Advanced secure information technology and output management solutions can help hospitals protect patient health information as part of achieving HIPAA-compliant use of PHI with software by adding a layer of automated security and control to both electronic and paper-based processes. These solutions can minimize the manual work and decisions that invite human error, mitigate the risk of non-compliance and help hospitals avoid the fines, reputation damage and other costs of HIPAA violations and privacy breaches.
With this approach, vulnerabilities with capturing and sharing PHI are reduced with a process that ensures:
Authorization — only authorized staff can access specific devices, network applications and resources with password or smartcard based authentication. Network authentication is seamlessly integrated with the document workflow and to ensure optimal auditing and security, the documents containing PHI are captured and routed to various destinations such as email, folders, fax and EHR systems.
Authentication — user credentials must be verified at the device, by PIN/PIC code, proximity (ID), or by swiping a smart card access documents containing PHI. Once authenticated, the solution controls what users can and cannot do. It enables or restricts email or faxing and prohibits documents with PHI from being printed, faxed or emailed.
Encryption — communications between smart MFP’s and mobile terminals, the server and destinations, such as the EHR, are encrypted to ensure documents are only visible to those with proper authorization.
File destination control — simultaneously monitors and audits the patient information in documents, ensuring PHI is controlled before it is ever gets to its intended destination.
Content filtering — automatically enforces security policies to proactively prevent PHI from leaving the hospital by filtering outbound communications and intercepting documents – rendering misdirected or intercepted information unreadable to unauthorized users.
Guest post by Tom Giannulli, MD, MS, chief medical information officer, Kareo
Quality assurance (QA) in healthcare is exactly what the name implies — the process of implementing programs to improve and assure quality care for patients. In a hospital, these programs are often quite robust and monitored closely, but in a small practice, the picture can be quite different.
Smaller practices have limited resources and staff. There is already a huge burden to stay compliant in so many areas while keeping up changes to reimbursement and other programs like meaningful use. Often, there isn’t much time left over for QA.
Unfortunately, measuring and monitoring patient satisfaction and outcomes is becoming more important as reimbursement shifts to a more value-based model and patient expectations change. Whereas patients once stayed with the same doctor forever, now the majority would change providers for a wide range of reasons. While 80 percent of healthcare providers think that patients depart because of relocation or change in insurance, the reality is far different. Nearly 60 percent of patients switch physicians because of better service or treatment from a new provider.
For practices that are stretched for time, dollars and staff, technology can play a valuable role in improving the patient experience, compliance, and outcomes. Ultimately as the industry shifts to value-based reimbursement it can also help the practice improve revenue. Here’s how:
It’s obvious from the varying responses below that there are a plethora of health IT issues affecting a number of areas in and throughout hospitals. In reviewing a number of healthcare issues, the following thought leaders offer what they feel are the top IT issues in healthcare.
As is often the case in profiles such as this, the responses are diverse and varied. Do you agree with their assessments?
I work with hospitals nationwide and I find that the top issues facing the hospital are:
1. How to align the interests of the physician with the hospital in a world where the hospital takes risk? Physicians used to get paid by “time and material” in the old world and the hospital got paid by “contracted costs.” The new reality has both the physician and the hospital getting paid a fixed amount to then manage the cost of healthcare on a “fixed price” for lack of a better word. IT challenges: The tools in the “time and material” world are unsuitable to manage the new reality in a “fixed price” world. This is a top challenge.
2. Real-time P & L — If you ask a hospital CFO what the profitability of the current patients in Unit 10, they would give you a blank stare. This is because the do not know what they are going to get paid (the DRG or diagnosis-related group reimbursement) much less what their current costs are. Thus, the lack of visibility into managing costs creates havoc. IT challenges: Systems that can develop a view into costs and projected revenue require a lot of specialized people to provide the information even in hospitals that have a partial solution. Most hospitals do not know where to turn for new ways of thinking. This is a big IT challenge.
Doug Nebeker, owner and technical expert, Power Admin LLC Staying on top of compliance and auditing tasks is a top issue facing hospital IT departments today. As more and more data moves into the digital space, IT departments can easily become overwhelmed as staff gets bogged down with the tedious task of trying to keep track of what’s happening where in the system. Network monitoring software is seeing a boom as a result, quickly becoming an IT necessity for managing increasingly complex network auditing and compliance processes. Technology is meant to help, not hinder, and so as we continue to utilize it in new ways we must ensure our process management keeps pace.
Hospitals and other healthcare organizations will always have the need to exchange “unstructured” data. While there is a large focus on meaningful use, ICD and other mandates, many hospitals and organizations are not taking into account the need to quickly, affordably and securely transmit unstructured data while also staying HIPAA compliant. One of the main issues is that public cloud services are not HIPAA compliant. Healthcare organizations can work around this by extending their existing fax server solutions to the hybrid cloud, allowing both custom and popular EHR applications to communicate with each other via a private secure network, guaranteeing delivery with military grade end-to-end encryption. By eliminating the need for costly and cumbersome network fax systems, such as fax boards and recurring telephony fees, hospitals can leverage the hybrid cloud to swiftly manage all business-critical fax communications while staying HIPAA compliant.
David S. Finn, CISA, CISM, CRISC, ISACA professional influence and advocacy committee member, health IT officer, Symantec
Healthcare is undergoing fundamental changes in reimbursement, care delivery models and the technology required to make these changes. Technology and information is no longer an adjunct to the business of healthcare — it is a strategic imperative. This information, however, is among the most regulated and protected information under the law. The data must be shared more widely with more people and organizations, all the while with stricter security and privacy controls. At a high level, the most critical issues facing health IT are:
1. Security and Privacy
Healthcare, historically, has not invested in nor staffed appropriately in terms in of Privacy and Security. Providers and business associates need to catch up with other regulated industries and those targeted for the value of their data.
2. Data Management
The digitization of healthcare has led to the massive collection of data. As healthcare becomes more dependent on this data, the storage, protection, back-up and recovery of the data is critical. It must include disaster recovery/business Continuity.
3. Interoperability and Information Exchange
Affordable Care Organizations (ACO), health information exchanges (HIE) and new care delivery models (home care, remote monitoring and other requirements) will drive information exchange.
It should come as little surprise to me that no matter the healthcare sector — long-term care, ambulatory or in patient, for example – most of the worries faced are the same or very similar. Many of the same levels of attention is given to many of the highly complex usual suspects – interoperability, health information exchange, accountable care, HIPAA and even mandates like meaningful use. The murmurs of those working here are often similar and there is a fairly deep collective holding of the breath in regard to advancements or developments in these areas regarding the blowing winds of how these and other issues sway constituents throughout the marketplace.
The general sentiment of individuals, those leading large hospitals and multi-location care facilities, who express their opinions and concerns to organizations like HIMSS, to name one, are the same as the concerns voiced by many of the attendees at PointClickCare’s annual user meeting, to name one, in Orlando Nov. 2-5, 2014. These same sentiments also are expressed at variety of other meetings of the minds throughout the US in similar constituent groups or with vendor and other allegiances.
Educational and work sessions held at these gatherings always have the same look and feel; the same as those expressed at PointClickCare’s Summit 2014. Engagement, connection, care; ACOs, HIEs, and managing their relationships; EHRs, interoperability, and managing this relationship and the flow of information (or doing so when the information does begin to flow); and change management strategies that provide guidance and advice for … managing change.
The information exchanged in venues such as these and the sessions themselves are valuable, of course, and needed to fill an enormous information void. Most importantly, these healthcare education sessions draw together folks seeking guidance and those needing insight, as well as provide a dash of leadership at times when much seems to be lacking. Finally, these educational sessions – quick and concise as many of these sessions may be – alleviate fear during a scary and tumultuous time in healthcare.
I’m a huge fan of infographics. I think they provide simple and very easy to understand explanations of often difficult to comprehend subjects, like health IT. The following health IT infographic shows the evolution of the electronic health record since 2009 when they really started to gain attention. One of the things I particularly like about this image is that it defines the difference between EMRs and EHRs, something that is often confused, which is a huge pet peeve of mine.
What’s somewhat interesting about the information here, too, is that large, teaching hospitals utilize EHRs more than other organizations. Ironically, in the past, it’s been reported and much discussed that teaching hospitals don’t actually spend much time teaching student how the use the electronic health records.
Also, the bigger the practice, the more likely they are to have an EHR. This suggests that size does matter.
There’s some other good info buried in the following piece. Take a look; I look forward to your feedback.
Reports state that only 39 percent of physicians share data using a health information exchange (HIE). There is even a lower number of only 14 percent who electronically share data with ambulatory care providers or hospitals outside their organization. While these numbers may seem astounding to some with Stage 2 fast approaching — the reason is clear. Because even though providers want to share health information electronically they are hindered by EHRs that can’t communicate with one another, lack information-exchange infrastructure, and the high expense of setting up electronic interfaces and health information exchanges.
Below are the top reasons why EHR sharing remains low for adoption:
Lack of Interoperability. The majority of providers and physicians have acknowledged lack of EHR interoperability and exchange infrastructure as major barriers to health information exchange. They have also identified the cost of creating and maintaining interfaces and exchanges as a major barrier.
Lack of Advanced Technology. Over the last few years, various HIE systems have been developed, but many have failed for technological and organizational reasons. High-level issues must be addressed to implement an HIE successfully, including disparate EHR and HIS systems. Most previous HIE research focused on high-level issues and evaluating impact on healthcare delivery, ROI, Syndromic Surveillance, etc.
Lack of Security and Streamlining. Quantitative measures are crucial to the long-term sustainability of HIEs. Interoperability of patient data doesn’t effectively address concerns on privacy, productivity, workflow and costs. Streamlining HIE access through integration with electronic health records to minimize workflow interruption, and keeping costs reasonably low for providers, may increase participation.
Lack of Affordability and Productivity. The cost and loss of productivity are major barriers to HIE adoption. While there are many compliant products on the market, not all of them provide cost savings and lead to efficiency or increased productivity.
The purpose of EHR and HIE is to make patient specific information available at the point of care to improve the delivery and quality of care. Interoperability of patient data no doubt has many advantages, including improved care coordination, elimination of paperwork, reduction in duplicate tests and reduction of medical errors. It is imperative to develop a long-term plan for standards and interoperability that will support competing public and private-sector Interoperability efforts. We should also encourage clear regulation on compliance with federal privacy and security laws. There should also be national benchmarking to share best practices and lessons learned. There should be significant cooperation among primary-care providers, medical specialists, long term care providers and hospitals to outline common information sharing needs promoting a value-based care.
Implementation of electronic health records is considered a national priority in this era of healthcare reform. However if EHRs are not implemented correctly they can be painful.
EHRs that are not implemented effectively can affect productivity and revenue. The extra documentation requirements and intricate workflows create distance between physicians and their patients. Physicians have reported that they spend too much time on EHRs and that they don’t get enough time to interact with their patients. But physicians often communicate that spending time on EHRs is crucial to creating a trusted set of structured data that can guide their business. Every click that providers make creates important data points that can be used to inform the efficient delivery of their practice.
Every EHR saves a large amount of data inside it regarding patient health, effectiveness of treatments, system efficiency and provider tendencies. Despite the extra time and effort that is dedicated to electronic documentation, many practices and physicians do not make full use of this precious data set that they have produced.
If a practice can get its EHR adoption right they can make a number of positive results, some of which are mentioned below:
Revenue Gains
By overcoming the difficulties providers can see more patients and will be able to generate more billed revenue using its existing staff. Furthermore, if a provider is using its EHR efficiently then the improved documentation produces billing at higher rates, combined with increased patient flow. This represents significant potential revenue.
Quick Cash Flow
Many of the practices work on revenue cycle management, but few make it flawless. With increased charge accuracy and reduced time for denials, there will be an increase in the yield with timely reimbursements by the payers.
Guest post Kathleen Myers, MD, FACEP, is an emergency physician and founder/chief medical officer of Essia Health.
A few years ago, JAMA published a drawing by a 7-year-old girl after a recent visit to the doctor. It showed the girl on the examination table. Her older sister was seated nearby in a chair, as was her mother, who was cradling her baby sister. The doctor sat staring at the computer, his back to everyone – including the patient. The picture was carefully drawn with beautiful colors and details, and you couldn’t miss the message: Technology is making us physicians less human.
This powerful picture paints the role of the medical scribe in re-humanizing healthcare: If a medical scribe had been there, the doctor would have been able to focus 100 percent on the little girl while the scribe entered the necessary documentation into the computer.
Medical scribes specialize in charting physician-patient encounters in real-time in the electronic health record (EHR) during medical exams, freeing physicians from the data entry burden. They are typically bright, tech-savvy college students or recent graduates interested in pursuing a career in medicine and other healthcare disciplines. Many of them go onto medical school and become physicians themselves, having gained invaluable experience and insights into real-world medicine through scribing.
When I first started using an EHR, I realized that I didn’t want to be the doctor depicted in that drawing. And I was sure other doctors felt likewise. So I started a medical scribe program in my emergency department physician group as a way to integrate EHRs while re-humanizing healthcare – helping physicians maintain a more personal relationship with their patients, helping hospital customers ensure high-quality care for their patients and helping create a meaningful place for people to work. It wasn’t long before I realized that the model I started to solve our needs internally had significant potential in the marketplace, so I turned our program into a company that could serve the medical scribe needs of other healthcare providers.
In the nearly 10 years I’ve personally been using a scribe, I have observed how they are improving the practice, as well as the business, of healthcare. And our customers have confirmed these benefits time and time again.
First, patient satisfaction increases when they receive a physician’s full and focused attention. In fact, studies show improvement of 40 percent to 45 percent in Press Ganey patient satisfaction scores to overall levels 90 percent and higher when scribes are used.