Posts

NetDirector Exceeds Demanding Security Standards with SOC2 and HIPAA Certifications

TAMPA, Fla., March 1, 2017 /PRNewswire/ — NetDirector, a cloud-based data exchange and integration platform, has recently completed work with A-LIGN to undergo rigorous and valuable security certifications. NetDirector was recently awarded attestations in compliance with HIPAA and SOC2 Type II standards, the leading security standards in Healthcare and Mortgage Banking, respectively.

The SOC 2, or Service Organization Controls 2, is an examination under AICPA standards designed for technology service companies to demonstrate controls around data security and processing integrity. The SOC 2 reports are intended to meet the needs of a broad range of users that need to understand internal controls at a service organization as it relates to security, availability, process integrity, confidentiality and privacy. The Type II report is a report on management’s description of a service organization’s system and the suitability of the design and operating effectiveness of controls.

The Health Insurance Portability and Accountability Act, or HIPAA, defines policies and procedures, as well as processes, which are required of companies that store, process, or handle electronic health information that is considered “protected” (ePHI). HIPAA compliance is increasingly valuable to both technology service providers and integrators like NetDirector, as well as providers, electronic health records systems, billing platforms, and others integrating and utilizing healthcare data.

Both the SOC 2 and the HIPAA audit were performed by Tampa-headquartered nationwide security and compliance solutions provider A-LIGN. A-LIGN specializes in helping businesses across a variety of industries navigate the complexities of specific audits and security assessments, and both the SOC 2 and HIPAA reports of A-LIGN’s findings can be made available to prospective or current customers.

“NetDirector displayed the necessary controls in their HIPAA and SOC 2 attestation reports,” said Scott Price of A-LIGN. “Their security and management teams were great to work with throughout the process. There is a strong attention to detail in the organization.”

In addition to the in-house attestations, the data centers utilized by NetDirector through Peak10 maintain the same security standards or higher in all aspects of their company. Many technology companies have recently been brought to light as claiming true “compliance” in their organization, when they really mean that their data center has gone through the rigorous examination. At NetDirector, the belief is in transparency and clear communication regarding security, including compliance audits at all ends of the process.

“I am very proud of our team for successfully completing these important 3rd party audits,” said Harry Beisswenger, NetDirector CEO. “Both the mortgage default servicing industry and the health data environment come with very unique security and compliance requirements, and these certifications and reports strengthen the trust that our clients place in us to safely integrate their platforms and transform their data.”

Company Bio:

NetDirector provides a secure cloud-based data and document exchange solution for the healthcare and mortgage banking industries to deliver seamless data integration between parties. NetDirector bridges gaps created by disparate systems & technologies by allowing companies at any location to share data & documents securely over a single internet connection with any other member of the ecosystem. Our approach allows trading partners to collaborate and exchange data in a seamless, bi-directional, real-time manner. NetDirector currently processes more than 8 million transactions per month.

Improving Data Usage in the Healthcare Environment

HealthcareDataUsage2016At University of Colorado Health (UCHealth), continuous process improvement relies upon effective data usage and integration with the enterprise EHR system. Over the past year, UCHealth has leveraged data science to significantly improve resource utilization in cancer treatment. Now the health system is taking a comparable approach to operating room (OR) scheduling in a project that will roll out through the latter part of next year.

At a cancer treatment infusion facility, UCHealth optimizes scheduling to “level load” patients throughout the day and maximize chair usage. Daily reports, shared during staff huddles, indicate where unexpected patients can be added and when to expect peak loads. Additional performance reports include historic data and highlight areas for further improvement.

This merging of Lean production practices with data analytics has yielded 15 percent lower waiting times for cancer treatment patients — 33 percent lower at peak hours — amid a 16 percent increase in patient volume. What’s more, staff overtime dropped by 28 percent due to optimized scheduling.

The OR project will similarly mine data to maximize surgical resources across five hospitals.

And the forward thrust will lead to new opportunities, according to CIO Steve Hess: “So, inpatient is the natural next place to go after OR. But don’t stop there, think about radiology and imaging, think about lab tests, pharmacy needs, ambulatory clinics … Frankly, the canvas is blank in terms of what you can do with machine learning combined with process improvement philosophies.”

Areas of improvement

Sue Schade, recently identified as one of the “most powerful women in healthcare IT” by Health Data Management and currently interim CIO at University Hospitals in Cleveland, is a strong believer in “visual management” techniques that can help identify systems’ priorities. Her Lean-rooted philosophy takes aim at areas such as reducing cycle times, eliminating preventable incidents, decreasing variation, and increasing coordination and communication between teams.

Data derived from tracking systems helps hospital leadership zero in on the causes of major incidents to prevent reoccurrence and provides performance metrics that can be shared across departments.

Schade quotes from the book The Lean IT Field Guide, “If a picture is worth a thousand words, information made visible in the workplace is priceless.”

Simplifying healthcare data integration

However promising any improvement strategy may be, it would not be possible without properly formatted and integrated data. NetDirector’s HealthData Exchange meets this challenge by moving clinical and financial data among disparate systems within the healthcare ecosystem.

HealthData Exchange uses a “map once, use many” method — as opposed to custom point-to-point interfaces — to enable the sending and receiving of data to/from all of an organization’s providers and vendors. Connected hospitals and physician practices instantly have access to dozens (and potentially hundreds) of providers and vendors through pre-defined integrations.

And because it’s built and optimized for cloud deployment, HealthData Exchange incorporates redundancy and security at every level. The network currently processes more than 10 million data and document transactions per month, while enabling individual users with the means to proactively monitor all connections.

For more information, contact NetDirector or request a free demo.

NetDirector’s Roadmap to 2020 Part 1

We recently held our annual Strategic Planning meeting. This year, instead of doing the same old SWOT analysis (Strengths, Weaknesses, Opportunities, and Threats) we tried a new approach called SOAR (Strengths, Opportunities, Aspirations, and Results).

Drawing - Dare to DreamThe SWOT method has worked for many years, and is still a valid way to make a business plan and set goals. However, we were looking for a way to get more employees involved and to take a more positive approach to the overall process.

One of NetDirector’s owners and their daughter have been utilizing the SOAR method with other companies with much success and suggested that we try it too.

Drawing - Design Part 1 & 2The strategic planning meeting was open to the entire company, which over half were able to attend. It was a full day event and held off-site so that there were no major work distractions.

The main goal of this meeting was to get as many new ideas as possible with the underlying theme that no idea is bad, which kept the meeting on a positive note throughout the entire day.

Read more