NetDirector Continues to Provide Best in Class Automation to Improve Compliance in Default Servicing Firms

TAMPA, Fla.Oct. 5, 2017 /PRNewswire/ — NetDirector, a cloud-based data exchange and integration platform, provides several data/document automation options for default servicing firms to promote increased compliance throughout the industry. Additionally, NetDirector has maintained and standardized the SOC 2 Type II security procedures in-house to ensure compliance at all points in the flow of data.

With the ever-changing atmosphere of the default servicing industry, it is important for firms to maintain the quality and compliance of the work they do while focusing on efficiency and their bottom line. Among the services available to improve compliance through automation are:

SCRA Military Search

The Service members Civil Relief Act (SCRA) requires foreclosure attorneys/trustees check whether borrowers are active duty military members. NetDirector’s Military Search interface streamlines this process and allows subscribers to check active duty status without leaving their case management systems (CMS), alleviating data keying errors and improving timelines.

Firms are required to perform this search on a regular basis to maintain compliance – the most common solution is simply to dedicate employee hours to performing the searches and logging the information. This is an expensive and inefficient solution, that only mitigates the compliance risks to a certain degree – the human element of this solution leaves room for compliance errors that foreclosure firms simply cannot afford.

“NetDirector has allowed us to focus on our core competencies by managing our data & document integration needs. Our firms are seeing the benefits of eliminating data entry and manual business processes for military search, document uploads, and milestone events,” said Ron Llewellyn, Associate Director of Application Services at Barrett Daffin Frappier Turner & Engel L.L.P.

Additionally, the NetDirector automated military search is fully compatible with the recent DoD website enhancements – many firms are already utilizing NetDirector to solve the challenges of integrating with the new website without increasing dedicated labor and resources to an ongoing concern. For more detailed information on PACER automation, click here to visit our website.

PACER Bankruptcy Search

The Federal court has several bankruptcy court district and divisions upon which bankruptcy dockets are available for verifying bankruptcy filings. NetDirector’s Bankruptcy PACER integration suite alleviates the manual need to log in to multiple court sites (both National and Regional) and/or manually search for the bankruptcy filing -thereby reducing timelines.

The round-trip data interface allows NetDirector subscribers to send requests to the PACER Case Locator site to search for current and prior bankruptcy filings. The automated response can include information on cases filed in other districts/divisions and links to current and prior case dockets and documents. More importantly, returned searches and dockets have live hyperlinks within the PDF documents – saving time by eliminating the need to re-key search information and providing a direct link to cases and docket information for future retrievals. This directly increases a firm’s compliance while automating and simplifying the amount of work required for this mandatory step in the foreclosure process.  For more detailed information on PACER automation, click here to visit our website.

“NetDirector has played a key role in increasing system and workflow efficiency across multiple departments,” said a representative of Rubin Lublin, LLC. “With the processes and checks they have in place we can feel assured that the integration is working and accurate. I have worked in the foreclosure industry over 17 years, and NetDirector is by far the best thing to come along for firms in the past decade.”

Industry Leading Security Standards for Compliance

The SOC 2, or Service Organization Controls 2, is an examination under AICPA standards designed for technology service companies to demonstrate controls around data security and processing integrity. The SOC 2 reports are intended to meet the needs of a broad range of users that need to understand internal controls at a service organization as it relates to security, availability, process integrity, confidentiality and privacy. The Type II report is a report on management’s description of a service organization’s system and the suitability of the design and operating effectiveness of controls.

“NetDirector displayed the necessary controls in their SOC 2 Type II attestation report,” said Scott Price of A-LIGN, the company that performed the SOC 2 analysis. “Their security and management teams were great to work with throughout the process. There is a strong attention to detail in the organization.”

In addition to the in-house attestations, the data centers utilized by NetDirector through Peak10 maintain the same security standards or higher in all aspects of their company. Many technology companies have recently been brought to light as claiming true “compliance” in their organization, when they really mean that their data center has gone through the rigorous examination. At NetDirector, the belief is in transparency and clear communication regarding security so that the boost in compliance and efficiency is ultimately passed along to the firms and servicers participating in the integration network.

Company Bio:

NetDirector provides a secure cloud-based data and document exchange solution for the healthcare and mortgage banking industries to deliver seamless data integration between parties. NetDirector bridges gaps created by disparate systems & technologies by allowing companies at any location to share data & documents securely over a single internet connection with any other member of the ecosystem. Our approach allows trading partners to collaborate and exchange data in a seamless, bi-directional, real-time manner. With security and longevity as a focus, NetDirector is a certified SOC 2 Type II and HIPAA Compliant company, a 6-year member of the prominent Inc. 5000, and currently, processes more than 9 million transactions per month.

Security in Data Migration, and When Not to Migrate

There’s no turning back on the cloud computing revolution. By 2020, more than 90 percent of data center traffic will be cloud traffic, according to Cisco’s Global Cloud Index forecast.

Separate analysis from 451 Research finds enterprise spending on hosting and cloud services up by 26 percent in 2017 over 2016, outpacing a 12 percent increase in total IT budgets during the same span. “Hosting and cloud services are becoming a focus of IT investment, via both new projects and the migration of existing workloads,” observes Liam Eagle, research manager at the firm.

In healthcare, 76 percent of new or existing workloads are moving to the cloud, in areas such as data archiving, backups/disaster recovery, back-office applications and server virtualization.

Some might even say the transition to cloud is happening too quickly. In fact, the simplicity of initiating cloud projects has raised eyebrows among industry observers — especially since protected health information (PHI) is at stake. “The ease of spinning up a cloud application can create, in and of itself, a risk,” says Shane Whitlatch, enterprise vice president at data security firm FairWarning. “Because cloud projects are easy to start, it’s also easy to just leave them there and not monitor them.”

Does he have a point?

Setting the record straight

Without a doubt, companies across all industries have made some missteps in migrating data to the cloud. In certain cases, organizations have viewed data migration as a one-time event rather a process that will likely be repeated over the years. Therefore, it’s important to analyze whether an IT infrastructure can hold up to the demands of a full-scale migration, reports HealthITInfrastructure.

Closer to home in healthcare, organizations often fail to assess data-quality issues before embarking on a migration. This might come into play, for example, when moving data from a legacy electronic health record (EHR) system to a new EHR application.

And while it’s certainly possible for a healthcare provider to fall victim to the scenario Whitlatch envisions (e.g., gathering PHI for research purposes and later abandoning that data outside established controls on a cloud-based platform), most organizations would avoid that type of vulnerability through due diligence. They recognize that cybersecurity is a shared responsibility between cloud provider and customer. HIPAA’s Security Rule, for instance, applies in equal force to data protection whether the data resides in on-premise systems or in the cloud.

Additionally, above all other factors, healthcare organizations are concerned about adherence to regulatory requirements such as HIPAA when selecting a cloud services provider, according to a 2016 study conducted by HIMSS Analytics.

NetDirector’s HealthData Exchange, a cloud-based platform for exchanging data between healthcare entities, has been certified as HIPAA-compliant under audit by a third-party security and compliance solutions provider. This certification “strengthens the trust that our clients place in us to safely integrate their platforms and transform their data,” explains NetDirector CEO Harry Beisswenger.

For more information on the HealthData Exchange platform, please contact us or request a free demo.

New Healthcare Developments from HIMSS17

The massive meet-up known as HIMSS17 drew more than 42,000 healthcare IT professionals to Orlando during the last full week of February. Attendees learned the latest on artificial intelligence (AI) and blockchain technologies — and how they may impact the sector — along with crucial updates on information security and electronic health records (EHRs).

The non-profit host organization, the Healthcare Information and Management Systems Society, released a study showing that 56 percent of providers expect increases in their IT budgets this year. They’re also in sync with vendors and consultants on the top priorities for leveraging clinical IT, including privacy/security, care coordination, and population health, according to the research. At the same time, providers continue to struggle with how to get the most out of their existing EHR systems.

A ‘year of action’ in AI, cloud computing, and consumerism

IBM CEO Ginni Rometty’s opening keynote highlighted growth in the company’s Watson Health consultancy, which launched in 2015 and now employs more than 7,000 people. Watson Health has large “cognitive computing” projects underway at Memorial Sloan Kettering and Cleveland Clinic. Rometty said healthcare decision-makers elsewhere are in the midst of due diligence regarding cloud, data architecture and AI platforms.

Ed McCallister, CIO at University of Pittsburgh Medical Center, told Healthcare Informatics during the conference that 2017 will be “a year of action” rather than concept. “In the past, we talked about ‘to cloud or not to cloud,’ and now we’re hearing about approaches,” he explained.

Intermountain Healthcare CIO Marc Probst added, “Where we need to up our game is thinking about how to engage with the consumer and [how to] modify our overall operations and become a digital healthcare delivery system.”

Blockchain breaks through

Aside from those practical discussions, HIMSS17 also served up substantial buzz related to blockchain technology, which creates a permanent record of online transactions. A distributed database manages the records, secured by cryptography. Blockchain could be used in population health, for instance, to aggregate the patient and financial data that formerly would have been available only from separate sources such as health information exchanges and claims databases. A summary from Surescripts, which runs a nationwide network of healthcare entities, noted that the technology “has the potential to increase IT and organizational efficiencies, keep data secure, and streamline patients’ access to medical data.”

Security remains a top concern

Information security has been a constant worry in healthcare for many years, as the sector strives to match measures already in place in more advanced industries such as banking and finance.

Symantec released a report conducted by HIMSS Analytics showing growth in the number of IT employees dedicated to security. However, healthcare organizations devote just 6 percent of their overall IT budget to security, while over one-third have implemented only basic security controls.

More than 700 healthcare CIOs attending the concurrent CHIME Forum got a firsthand look at potential vulnerabilities from Kevin Mitnick, a former hacker once on the FBI’s Most Wanted list. Mitnick, now a “white hat” security consultant to Fortune 500 companies, provided a live demonstration of how easily organizational networks could be penetrated.

“You can always mature your security processes,” Mitnick advised, pointing out efforts to segment networks and use two-factor authentication. “You can take the steps necessary to make [your organization] a harder target so that the bad guys go to another company that doesn’t use rigorous security controls.”

Open EHRs evolve

EHR giant Cerner is focusing on making their software open and interoperable. “We’re going to do anything possible to move forward on interoperability,” commented company president Zane Burke. “We view it as a moral obligation in our industry.” Cerner will collaborate with partners to develop needed solutions that can plug into its EHR platform via application programming interfaces.

Meanwhile, EHR rivals Epic and Allscripts are also working on ways to extend their reach. Epic announced progress on two scaled-back versions of its flagship EHR — at lower price points. And Allscripts CEO Paul Black said, “When people talk about ‘open,’ our definition has to do with being vendor-agnostic, [allowing] a very deep level of integration.” Allscripts’ interoperability suite can pull out data from different EHRs and put it into a single community record, yielding one view of multiple subsystems.

But experts were quick to emphasize that the ultimate success of emerging EHRs depends on embedding physicians in the shaping of products. “Anything that takes too much time and detracts from patients will lead to a lack of interest in the technology,” observed Richard Deem, senior vice president of advocacy for the American Medical Association. Doctors become frustrated when poorly designed interfaces don’t match their workflow or fail to deliver patient information efficiently.

From all indications at HIMSS17, healthcare IT continues to transform in bold, interconnected dimensions. Click here to learn more about how NetDirector’s HealthData Exchange helps providers and vendors reach their goals by electronically moving clinical and financial data among disparate systems.

New Transaction Type: Invoice Status Request/Response

Transaction Spotlight: Fees and Costs Request

Additional Events for a Variety of Servicers

Update – Ocwen/Equator Transition

We have additional updates regarding the Ocwen/Equator transition, as the transition from Ocwen to Equator continues to move forward.

The process of creating the data integration is well underway with NetDirector and Equator. Currently, we are providing the integration with foreclosure files only.

Due to the upcoming and current changes, this integration piece should replace the previous Intelligent Data Agents (IDA) method used for the cut over. If your firm is still using the IDA method, contact your integration analyst about how to transition to the new integration.

Available integrations and specific updates include:

  • Bankruptcy Referrals (IDA Process)
    • Bankruptcy Orders, Motion for Relief, Proof of Claim, Notice of Payment Claim, Notice of Final Cure, Reorganization Plan, Supplmemental Proof of Claim
  • Foreclosure Referrals (Data Integration)
    • Finalizing the implementation process
  • Standard Events/Deliverables (Data Integration)
    • Will be for Foreclosure Orders only
    • These events will require documents to be uploaded as part of deliverable
  • Document Uploads (IDA Process, planning to move to data integration)
    • Done through Equator (formerly ResWare®)
  • Invoice Import (IDA Process)
    • Still done through REALRemit®

If you have any questions about the transition, please contact your integration analyst.

HIPAA Incidents Highlight Need for Adherent Technology Approach

It’s been a busy summer for the Department of Health and Human Services’ HIPAA-compliance body, the Office for Civil Rights (OCR). Between late June and early August, OCR reached settlements totaling $11.65 million in four cases of HIPAA violations and vulnerabilities.

In chronological order:

A $650,000 settlement announced June 29 stated that Catholic Health Care Services (CHCS), which provided management and IT services as an HIPAA business associate to six skilled nursing facilities in the Philadelphia area, failed to safeguard residents’ electronic protected health information (ePHI). Theft of a CHCS-issued iPhone — unencrypted and not password-protected — compromised the ePHI of 412 residents. OCR determined that CHCS had no risk analysis or risk management plan in place for handling PHI, as required under HIPAA’s Security Rule.

OCR announced on July 18 a $2.7 million settlement with Oregon Health & Science University (OHSU) over “widespread and diverse problems” that will be addressed through a three-year corrective action plan. OCR’s investigation started after OHSU submitted breach reports involving unencrypted laptops and a stolen unencrypted thumb drive containing ePHI. Although OHSU performed risk analyses in six years between 2003 and 2013, the processes did not cover all ePHI in OHSU’s enterprise. “While the analyses identified vulnerabilities and risks to ePHI located in many areas of the organization, OHSU did not act in a timely manner to implement measures to address these documented risks and vulnerabilities to a reasonable and appropriate level,” according to OCR.

A statement released July 21 detailed multiple alleged HIPAA violations at the University of Mississippi Medical Center (UMMC) settled by a $2.75 resolution amount and corrective action plan. OCR found that ePHI stored on a UMMC network drive was vulnerable to unauthorized access via the organization’s wireless network. Users could access files in an active directory after entering a generic username and password. The directory included 328 files with the ePHI of an estimated 10,000 patients dating back to 2008. OCR determined that UMMC was aware of risks and vulnerabilities to its systems as early as 2005, but failed to take risk-management action until after the breach. The agency cited “organizational deficiencies and insufficient institutional oversight.”

Advocate Health Care Network agreed to settle potential HIPAA penalties for $5.5 million and by implementing a corrective action plan, OCR announced on Aug. 4. The settlement amount was the largest to date against a single entity, according to OCR, reflecting “the extent and duration of the alleged non-compliance.” The investigation began in 2013 after Advocate submitted three breach notification reports pertaining to separate incidents involving a subsidiary, Advocate Medical Group. The combined breaches affected the ePHI of approximately 4 million individuals, the agency reported. The incidents included the theft of four desktop computers from an administrative office building, unauthorized access to a billing service’s network, and theft from an employee vehicle of an unencrypted laptop — exposing ePHI in each case.

HIPAA audits also a consideration

OCR’s recent actions stemmed from investigations following breach notifications. However, healthcare organizations should also be prepared for the agency’s stepped-up HIPAA audit activity. Every HIPAA covered entity and business associate is eligible for an audit. So-called remote “desk audits” are currently underway and will be completed by the end of 2016. Onsite audits will follow, covering a broader scope of requirements from HIPAA’s rules.

As indicated, the stakes have never been higher for healthcare providers and vendors when handling ePHI. Technology such as NetDirector’s HealthData Exchange electronically moves data among disparate systems while adhering to HIPAA security standards. While helping to ensure compliance, the cloud-based solution frees up time that can be allocated to optimizing the patient care experience.

For more information on how to ease regulatory burdens, contact NetDirector or request a free demo.

 

 

NetDirector makes Inc. 5000 for 6th Consecutive Year

TAMPA, Fla., Aug. 23, 2016 /PRNewswire/ — NetDirector, a leading cloud-based integration and data exchange provider, has been named as a member of the prestigious Inc. 5000 list for the 6th consecutive year, a recipient of the GrowFL “Companies to Watch” award, and a member of the Gulf Coast 500 by Business Observer FL.

Companies like NetDirector that are included on the Inc. 5000 list are among the top companies in the nation, having demonstrated the highest growth in revenue over the last three years. The companies with the highest percentage growth and who meet the other qualifications are then published by Inc. as the Inc. 5000. It is an honor for NetDirector to be included in this list for the 6th consecutive year. With only 4.6 percent of the companies on this year’s list making it on for six consecutive years, it is a very rare accomplishment. NetDirector intends to continue the trend in the coming years with their expansion of integration offerings in the healthcare market.

Florida Companies to WatchSM chooses the 50 companies statewide that are expected to see significant growth over the next several years. NetDirector was among more than 500 nominees for Florida Companies to WatchSM, which is a statewide program managed by economic development group GrowFL, in association with the Edward Lowe Foundation. This is the first year NetDirector has been named as one of the Florida Companies to WatchSM.

The Gulf Coast 500, published by Business Observer FL, is awarded to the Top 500 ranked companies in nine counties along the gulf coast, as decided by total revenue. NetDirector earned a spot in the Gulf Coast 500 for the fourth consecutive year thanks to their steadily increasing client base and revenue.

By linking disparate systems with “plug-and-play” style connectivity, NetDirector eases the operations of companies in the mortgage banking and healthcare industries by allowing data to flow seamlessly from one party to another. Maintaining security and data integrity has been another key focus of NetDirector from the beginning. GrowFL, Business Observer FL, and Inc. recognize the importance of these key factors in today’s evolving mortgage and healthcare technology environments.

“To be included on these lists and receive these awards really tells us that we’re doing things right,” said NetDirector CEO Harry Beisswenger. “NetDirector is committed to the success of a variety of organizations in healthcare and mortgage banking, and we know the secret to that lies with seamless integration workflow.  We owe all of our achievements to the NetDirector team, our customers, and our strategic partners/vendors.”

For more information on connecting to NetDirector’s ecosystem contact us at 813-749-7131 or info@netdirector.biz to explore how NetDirector fits in your organization.

Saving Money for Patients and Providers in Healthcare

Economists and actuaries at the Centers for Medicare and Medicaid Services project U.S health spending to increase an average of 5.8 percent for the period of 2015-2025. That rate will outstrip growth in the gross domestic product by 1.3 percentage points, with health spending representing 20 percent of the total economy by the forecast period’s end.

Higher medical costs and an aging population afflicted with chronic disease will continue to drive spending, while policymakers and providers look to new care/payment models and information technology (IT) as counteracting forces. “Every single strategy needed to fix what’s wrong with U.S. healthcare will require intensive IT facilitation, data analytics and process management,” observed Mark Hagland, editor-in-chief of Healthcare Informatics, in a recent commentary.

On medical frontlines, technology costs at physician-owned multispecialty practices have spiked more than 40 percent since 2009, according to newly released data from the Medical Group Management Association (MGMA). While acknowledging technology’s “crucial” role in helping healthcare organizations move away from traditional fee-for-service structures, MGMA CEO Halee Fischer-Wright, MD, added: “We remain concerned that far too much of a practice’s IT investment is tied directly to complying with the ever-increasing number of federal requirements, rather than to providing better patient care.”

Nonetheless, practices have made headway in patient-facing technology implementation, notably portals that present an interface for patients to view personal health information and carry out transactions online. More than 50 percent of 850 respondents to an MGMA poll said patients were able to set up appointments through their practice portal.

What’s more, portals could play a role in retaining patients over time, concludes a report from athenahealth, which supplies cloud-based EHR and revenue cycle management technology to nearly 80,000 providers. The research shows that after an initial visit to a primary care practice, 80 percent of patients with portal accounts returned for a second visit within 18 months (compared to patients without portal accounts returning 67 percent of the time).

On a broader scale, integrated IT makes possible the sharing of patient information among healthcare’s complex network of stakeholders. For example, radiology service provider EmCare Rays uses a data and document exchange solution from NetDirector to replace point-to-point HL7 integrations with each of its customers. “We believe that we can improve client integration turnaround time and reduce ongoing support overhead,” noted Ivo Yueh, director of IT software development at EmCare Rays.

So while technology such as NetDirector’s HealthData Exchange enables seamless communication among providers, billers, labs, radiology services and others, it also achieves interoperability across the board and improves communication and patient outcomes — potentially at lower costs.

That’s important not only for its immediate impact but moving forward as well. Policy-makers want to see more digital health technologies tailored for use by patients who formerly would have fallen through the healthcare system’s safety net. Timely outreach and interconnection to people likely have to have a chronic disease is a clear path to cutting treatment costs, they say.

 

For more information about technology that’s bending the healthcare cost curve, contact NetDirector or request a free demo.