© Copyright 2011 Axis Technology, LLC HIE & ACO Interoperability Testing – Test Quickly and Securely know your data • protect your data • share your data
© Copyright 2011 Axis Technology, LLC
HIE & ACO Interoperability Testing – Test Quickly and Securely
know your data • protect your data • share your data
855.85HIPAA www.compliancygroup.com
Compliance Simplified – Achieve , Illustrate, Maintain
Industry leading Education
Certified Partner Program
Todays Webinar
• Please ask questions via questions or chat
• Todays slides are available
http://compliancy-group.com/slides023/
• Past webinars and recordings
http://compliancy-group.com/webinar/
Agenda Interoperability
MU 2
HIE’s
ACO’s
Standards Models of Interaction
Testing
3
INTEROPERABILITY
4
Definition
Interoperability allows disparate information systems … to readily work together and exchange data. *
*Microsoft (http://www.microsoft.com/about/legal/en/us/interoperability/default.aspx) 5
MEANINGFUL USE
6
Definition
The Medicare and Medicaid EHR Incentive Programs provide incentive payments … as they adopt, implement, upgrade or demonstrate meaningful use of certified EHR technology.*
*CMS (http://www.cms.gov/Regulations-and-
Guidance/Legislation/EHRIncentivePrograms/index.html?redirect=/ehrincentiveprograms/) 7
Components of MU
Stage 1 - Use of certified EHR in a meaningful manner
Stage 2 - Use of certified EHR technology for electronic exchange of health information to improve quality of health care
Stage 3 - ……. 8
MU Stage 1 80% of patients must have records in EHR Common Objectives - Individuals & Institutions: Computerized provider order entry (CPOE) Report clinical quality measures to CMS/States Implement one clinical decision support rule Provide patients with electronic copy of health information Record demographics Up-to-date problem list of current and active diagnoses Maintain active medication list Maintain active medication allergy list Record and chart changes in vital signs Record smoking status for patients 13 years or older Exchange key clinical information among providers of care and patient-
authorized entities electronically
Protect electronic health information
9
MU Stage 2 Common Objectives - Individuals & Institutions: CPOE - For more than 60% of medication, 30% of laboratory, & 30% of radiology Demographics / Vital Signs / Smoking Status – Record for more than 80% Interventions - 5 clinical decision support interventions + drug/drug and drug/allergy Labs - Incorporate lab results for more than 55% Patient List - Generate patient list by specific condition Patient Access - Provide online access to health information for more than 50% with
more than 5% actually accessing Education Resources - EHR to identify and provide education resources more than 10% Rx Reconciliation - Medication reconciliation at more than 50% of transitions of care
Summary of Care - Summary of care document for more than 50% of transitions of care with 10% sent electronically and one sent to a recipient with a different EHR vendor or successfully testing with CMS test EHR
Immunizations - Successful ongoing transmission of immunization data
Security Analysis - Conduct or review security analysis and incorporate in risk management process
10
Audit Failure
“If CMS determines during the audits that
the provider has failed to meet any one of the reporting requirements, it plans to take steps to recoup incentive payments.”*
*GAO (http://gao.gov/assets/600/590538.pdf/) 11
HEALTH INFORMATION EXCHANGES
12
Health Information Exchange (HIE) Reliable and interoperable electronic health-related
information sharing
Conducted in a manner that protects the confidentiality, privacy, and security of the information.
Create a standardized interoperable model that is trusted, scalable and reliable.
Public HIE - Community-based and are open to, and governed by, participants from multiple organizations.
Private HIE - Operate under the governance of an Integrated Delivery Network (IDN) or a single healthcare system.
13
ACO
14
Accountable Care Organizations (ACO) Groups of doctors, hospitals, and other health care
providers, who come together to give coordinated care to Medicare patients.
The goal is to ensure that patients get the right care and avoid unnecessary duplication of services and medical errors.
When an ACO succeeds both in both delivering high-quality care and spending health care dollars more wisely, it will share in the savings it achieves for the Medicare program.
15
Types of ACOs Medicare Shared Savings Program—a program that
helps a Medicare fee-for-service program providers become an ACO.
Advance Payment Initiative —a supplementary incentive program for selected participants in the Shared Savings Program.
Pioneer ACO Model —a program designed for early adopters of coordinated care.
16
STANDARDS
17
Health Information Organizations (HIO) Organizations that oversee HIE
Employ nationally recognized standards to enable
interoperability, security and confidentiality
Ensure authorization of those who access the information.
Effort to improve the way systems in healthcare share critical information.
Develop integration profiles to facilitate health information passing seamlessly from one system to another.
18
Integrating the Healthcare Enterprise (IHE) The Healthcare Information Management & Systems
Society (HIMSS) provides leadership for the optimal use of information technology and management systems for the betterment of healthcare.
Healthcare Information Technology Standards Panel (HITSP) purpose of achieving a widely accepted and useful set of standards specifically to enable and support widespread interoperability among healthcare software applications.
19
MODELS OF INTERACTION
20
Major Models
Federated
Centralized
Hybrid
21
Federated Model
Each participating organization retains control of their healthcare information and responds to queries when information is requested.
Participant
Participant
Participant
Participant
22
Centralized Model
Participant
Participant
Participant
Participant
Information Exchange
A central organization collects information from participating organizations and stores the information in a centralized place to provide access.
23
Hybrid Model
Participant
Participant
Participant
Participant
Information Exchange
Some information is stored centrally and other information is stored at participating organizations.
24
TESTING
25
Issues Individual participants can prepare all they want, but
bad data can snarl the exchange.
Normalization of data across multiple independent organizations leaves data more vulnerable to contamination, duplication and mix-ups.
Medicare collection of extensive data, raising privacy
concerns and administrative costs.
Aggregating, analyzing and managing Utilization and Total Medical Cost (of a patient) across organizations.
26
Obstacles
Ownership
Normalization
Analytics
Privacy
27
TESTING – OWNERSHIP
28
Testing - Ownership
Each participant must concede a certain amount of ownership of resources and timelines for projects to the “Greater Good”.
29
TESTING – NORMALIZATION
30
Normalization - Federated Model
Each participating must maintain a cross reference table of Patient Master ID’s and other data that needs to be shared.
Participant
Participant
Participant
Participant
31
Normalization - Centralized / Hybrid
Participant
Participant
Participant
Participant
Information Exchange
A Master Patient Reference and other Cross Reference is maintained by the Information Exchange and accessed by participants.
32
TESTING – ANALYTICS
33
Testing - Analytics
Participant
Participant
Participant
Participant
Information Exchange
Calculation and understanding of Utilization and Total Cost of Expenses
Reporting for Individual Participants
Government reporting
Proper Entitlements to view reporting.
Pre-Processor
Data Warehouse
Analytics
Participant Participant
Participant
Participant
34
TESTING – PRIVACY
35
Testing - Federated Model One participant
organization has the De-Identification Hub.
Sensitive Data Discovery is automated for each participant.
The Hub maintains the complete sensitive data inventory from all participants.
The other participants have remote agents which process discovery and de-identification on their own network so that no PHI data leaves their network.
Participant
Participant
Participant
Participant
Hub
Agent
Agent
Agent
36
Testing - Centralized / Hybrid
Participant
Participant
Participant
Participant
Information Exchange Hub
Agent
Agent
Agent
Agent
The Information Exchange has the De-Identification Hub.
Sensitive Data Discovery is automated for the Information Exchange as well as each participant.
The Hub maintains the complete sensitive data inventory including that of all participants.
Each participant has a remote agent which process discovery and de-identification on their own network so that no PHI data leaves their network.
37
…. A WORD FROM OUR SPONSOR
38
Risk Based Solutions
Enterprise Governance, Risk and
Compliance
Strategic Business Processes / Goals
Enterprise Architecture
Reference Models, Business Architecture, Application Architecture
Information Security Architecture
Regulatory & Corporate Requirements, Environment Maturity Assessment
Operational Environment
Data Masking
(De-Identification)
Identity / Access
Management
Data
Management
Drives
Drives Drives
Drives
Information
Security
DMsuiteTMEntitlements
Management
Data
Governance
Sensitive Data
Assessment
• Axis has created a set of eGRC related solutions that leverage our overall consulting expertise as well as our DMsuiteTM and product implementation capabilities
39
Data De-Identification - DMsuiteTM
DMsuite™ - A robust,
proprietary tool that has been
deployed at clients for over
8 years with:
Sensitive Data Discovery - HIPAA
Ready Out of the Box,
Data De-Identification and
Auditing functionality.
40
Questions or Further Discussions
Contact: Joe Santangelo
Email: [email protected]
Phone: (646) 596-2670
Twitter: @DataPrivacyDude
41
855.85HIPAA www.compliancygroup.com
Compliance Simplified – Achieve , Illustrate, Maintain
Compliance Simplified!
Maintain
Illustrate
Achieve
Free Demo and 15 Day Evaluation 855.85HIPAA http://compliancy-group.com/ New & Past Webinars http://compliancy-group.com/webinar/
HIPAA Compliance HITECH Attestation Meaningful Use core measure 15
© Copyright 2011 Axis Technology, LLC
www.AxisTechnologyLLC.com
Thank You!
185 Devonshire Street
Boston, MA 02110
(857) 445-0110
know your data • protect your data • share your data
43