Interoperability Captures Spotlight at HIMSS19
HIMSS19, health IT’s most expansive conference, kicked off on Feb. 11 with the release of a new Centers for Medicare and Medicaid Services (CMS) proposed policy rule detailing the agency’s vision for advancing industry-wide interoperability and patient access to health information.
“We believe patients should have the ability to move from health plan to health plan, provider to provider, and have both their clinical and administrative information travel with them throughout their journey,” according to the rule’s statement of purpose.
CMS Administrator Seema Verma’s public comments during the meeting added depth and clarity: “We are promoting scalable data sharing, not just an individual patient record from hospital-to-hospital, but a model that supports the flow of information across the entire healthcare system. We encourage industry to align in this direction because this is the future.”
The CMS proposed rule would give patients access to their health information electronically through an application programming interface (API). At the same time, providers could obtain their patients’ health information, regardless of previous sites of care. On the flip side, providers would not be able to restrict information flow to other providers and payers. Additionally, CMS expects payers and third parties to develop software that would ensure seamless data availability when patients change providers, health plans or issuers.
The rule’s timeline is aggressive. CMS stipulated that Medicaid, the Children’s Health Insurance Program, Medicare Advantage plans and Qualified Health Plans in federally facilitated insurance exchanges must be equipped to give enrollees immediate electronic access to claims and other health information by 2020.
Concurrent with the CMS rulemaking, the Office of the National Coordinator for Health Information Technology (ONC), which guides national efforts on health IT implementation/ usage and electronic information exchange, unveiled its own rule on data blocking. The ONC rule implements provisions spelled out by law in the 21st Century Cures Act, which Congress passed in 2016. The rule also provides exceptions to the law’s definition of information blocking. Aside from potential fines (up to $1 million per instance) applicable to health information exchanges, providers or hospitals that block information would be publicly named by CMS.
ONC National Coordinator Donald Rucker, MD, a closing speaker at HIMSS19, told attendees that, in the final analysis, patients should be empowered to access their health data “through a [smartphone] app of their choice, at no additional cost.” Rucker added, “Patients should be able to attach their smartphone to the provider’s endpoint and get their medical data … That’s what modern technology allows.”
Open APIs required for deployment of data sharing under the proposed rules would be based on HL7’s FHIR standard.
While early reaction to the CMS/ONC rulemaking has been mostly positive, the American Hospital Association (AHA) opposes a requirement that providers electronically notify other providers when a patient is discharged or moved to another hospital. “We cannot support including electronic event notification as a condition for participation for Medicare and Medicaid,” according to a prepared AHA statement. “We believe that CMS already has better levers to ensure the exchange of appropriate health information for patients. We recommend the agency focus on building this exchange infrastructure rather than layering additional requirements on hospitals,” the statement concluded.
Privacy and security considerations should also be factored into the mix during the 60-day public-comment period for the CMS and ONC rules. Cybersecurity executive Mac McMillan noted, “[The agencies] said, ‘We want you to be more open, but you still have to protect the data.’ Typically, those two things don’t go hand-in-hand … Folks are going to be very concerned they are on the hook for any downstream incidents that occur as a result of openness they have with third-party developers.”
Ahead of the Curve
NetDirector’s HealthData Exchange platform aligns well with the regulatory landscape inherent in the CMS and ONC rulemaking. In short, interoperability’s focus should be on the patient.
HealthData Exchange allows providers and vendors to electronically move clinical and financial data among disparate information systems while adhering to HIPAA and HL7 compliance standards. Less time spent on technology and inputting data frees up providers to deliver an improved patient experience by integrating information flow throughout the continuum of care.
Monitoring that’s a cut above!
NetDirector is excited to announce an advanced VPN networking monitoring service that provides alerts and deep insight to help healthcare clients quickly identify and troubleshoot VPN issues and to ensure systems are running smoothly. This service provides:
Continuous Monitoring – NetDirector’s advanced VPN monitoring solution runs 24/7/365 gathering critical data about transactional and network performance that provides a quick insight into current & potential network and transactional anomalies.
The Complete Picture – Proactive alerts and insights are available when transactions are not being received or acknowledged by a targeted facility. Our VPN monitoring can help pinpoint where the issues are occurring, from NetDirector to the facility, including network layer.
Choose your Alert Delivery – Alerts can be delivered via email, text, or both.
Please contact your integration analyst if you’re interested!
As the U.S. Department of Veterans Affairs (VA) moves toward replacement of its decades-old VistA electronic health record (EHR) system, a tumultuous first half of 2018 seems to have settled into a period of practicality.
President Trump fired VA Secretary David Shulkin from his post on March 28 after an inspector general report asserted violations of federal ethics rules and procedures related to an overseas trip by Shulkin. The agency’s acting CIO, Scott Blackburn, then resigned on April 17, leaving in limbo a $10 billion contract for VA to adopt the same Cerner EHR platform being pilot-tested by the Department of Defense (DoD).
The proposed VA-Cerner deal had already triggered concern in Congress that the project’s price tag wouldn’t cover an additional 50 to 60 percent in costs to upgrade supporting infrastructure as well as ongoing maintenance for the new EHR.
Nonetheless, VA announced on May 17 that a contract with Cerner had indeed been signed, capping out at $10 billion over 10 years, and stipulating that VA would adopt the same EHR platform as DoD. Acting VA Secretary Robert Wilkie, Shulkin’s successor, said the new system, when fully deployed, would represent “a monumental advance in veterans’ healthcare” and build on DoD’s experiences in rolling out its EHR.
Operating the VA’s and DoD’s EHR systems on the same platform would improve interoperability and health data exchange, which in turn would simplify and facilitate care coordination for VA providers, Wilkie explained.
While striving to meet high expectations for its new EHR, the VA will undoubtedly learn from DoD’s Cerner-based MHS Genesis EHR implementations at Fairchild Air Force Base, Naval Health Clinic Oak Harbor and Naval Hospital Bremerton — all located in Washington state — from September through December 2017. A DoD memo dated April 30, 2018, concluded that system rollouts at those three sites “[did] not demonstrate enough workable functionality to manage and document patient care.” The report said MHS Genesis “is not operationally suitable because of poor system usability, insufficient training and inadequate help desk support.”
Other specifics cited in the DoD memo included “poorly defined user roles and workflows, [which] resulted in an increase in the time required for healthcare providers to complete daily tasks.” Some providers complained that they needed to work overtime and saw fewer patients per day due to delays caused by defects in the EHR system.
In response, Cerner President Zane Burke told shareholders in May that the company was aware of certain issues upfront at the three test sites, but DoD’s delivery on the project had gone “incredibly well overall.” Cerner plans to evaluate and remediate as necessary at the pilot MHS Genesis sites, Burke added.
In doing so, Cerner will need to address the workflow issue in particular, according to Navy Vice Admiral Raquel Bono, director of DoD’s Defense Health Agency. “Workflow adoption is the crux of the change management that’s needed to successfully deploy an EHR system, Bono said during a panel discussion at the HIMSS18 healthcare IT conference in March. Bono noted that DoD would be working in concert with VA to ensure proper identification and “unanimity of workflows.”
Meeting Challenges Through Integration
Although the DoD and VA EHR implementations may be unprecedented in size and scope, the inherent obstacles translate to smaller but similar-in-concept projects underway at healthcare stakeholder facilities across the country. In many cases, cloud-based integration and strong data management are critical factors for success.
A single cloud-based platform, such as NetDirector’s HealthData Exchange, enables hospitals and physician practices to reduce the time, cost and effort associated with EHR integration. By streamlining clinical workflow and communications with trading partners, facilities can support automated processes in place of paper-based workarounds, thereby reducing administrative costs and complementing existing IT investments. And, in the end, that frees up providers for their primary task — taking care of patients.
Take a look at our eRecording Data Sheet to learn more about what this new data transaction could do for you. Reduce or eliminate travel, mail, check writing, and labor expenses with NetDirector’s eRecording automation.
Health Data is a Prime Target: How to Minimize Risk
More than 60 percent of healthcare organizations suffered a data breach in the past 12 months, according to information security researcher Ponemon Institute. In total, over 5 million healthcare records were exposed or stolen among entities studied by Ponemon.
Recent incidents show no abatement in cybercriminals’ attraction to healthcare data. For example, Florida Hospital reported earlier this month that patient information on 12,724 individuals might have been exposed through a malware infection on three of the organization’s websites. Three months earlier, St. Peter’s Surgery & Endoscopy Center in New York disclosed that hackers had potentially gained access to server-based medical records of nearly 135,000 patients.
Healthcare in the Crosshairs
Approximately 7 million patients will have their data compromised by hacks in 2019, estimates consulting firm Accenture, racking up billions of dollars in costs to hospitals and health systems.
What makes the healthcare particularly vulnerable?
A Computerworld report explains that healthcare data, which includes personal identifiers and medical histories, can be sold virtually unchallenged over time on the black market. In contrast, financial data often becomes useless once a breach has been discovered and passcodes changed. Cybercriminals, aware of the premium value of healthcare records, focus their attacks in pursuit of the greatest possible returns.
Other factors contributing to healthcare’s data security liability include:
- increasing access to medical records as entities share information across integrated sites of care;
- legal requirements to store medical records for extended periods of time;
- efforts to connect electronic health record systems, often relying on unsecured patches that can open the door to unauthorized entry; and
- inadequate education of employees about modes of cyberattacks.
On a broader scale, but not to be discounted, foreign governments’ so called “state actors” may attempt to accumulate healthcare data that could help in social engineering of future attacks. Such a tactic might deploy emails to individuals who have a specific medical condition — with malware linked to prompts for more information.
Big data sets in healthcare, despite ever-increasing volume, can be managed through ongoing risk assessments and implementation of preventative security controls, such as continuous monitoring programs. However, those measures come at a cost that must be weighed against the uncertainty of threat protection.
“Each organization needs to evaluate risk and its security needs in the context of its organizational and business requirements to determine where it makes the most sense to invest their people, time and financial resources,” advises Christine Sublett, a member of the Department of Health and Human Services’ Healthcare Industry Cybersecurity Task Force.
NetDirector’s HealthData Exchange platform deserves consideration as healthcare organizations work through their cybersecurity evaluations. The system combines HIPAA-based security and HL7 standard interfacing compliance — with attestations available upon request. Additionally, NetDirector uses a physically secure Peak10 facility for hosting customer data. This approach ensures data integrity without the need for additional IT investment and the associated risk of self-managing connection points among exchange partners.
Last month in larger-than-life Las Vegas, nearly 50,000 healthcare IT professionals and vendors convened for HIMSS18, the industry’s yearly focal point. Attendees sought common ground in improving care and business operations through the use of technology.
Reports from the conference yielded a wealth of new information from more than 1,000 exhibitors and scores of expert presenters. And — indicative of a setting where anything could happen — Jared Kushner and Magic Johnson stopped by to share their respective insights on better access to patient data and health, leadership and community-building.
But at the heart of the event, discussion of challenges and pursuit of new ideas revealed common themes among those serving at healthcare organizations and their counterparts on the developer side. The infographic below summarizes key aspects of health IT’s ongoing quest to support better patient outcomes in a fiscally sustainable ecosystem.
NetDirector’s cloud-based HealthData Exchange addresses these points of emphasis through low-cost, high-speed, secure data and document sharing capabilities among hospitals, physician practices, nursing facilities, pharmacies, labs, imaging centers, vendors, government agencies and insurance providers. The format- and transport-agnostic technology eliminates the need to maintain multiple interfaces while ensuring data consistency and integrity.
The year ahead will usher in an imposing financial squeeze for hospitals across the country. Moody’s Investor Service expects the healthcare sector’s operating cash flow to contract by 2 to 4 percent through 2018 as facilities grapple with lower insurance reimbursements and higher expense growth. Accordingly, hospitals and health systems must leverage information technology (IT) to optimize operations, sustain strategic initiatives and drive disruptive innovations.
Leading organizations will move beyond using IT to automate formerly manual processes. Instead, they’ll build IT-powered business models to align with predictive/ proactive care delivery while empowering patients to take charge of their own health.
As in recent years, healthcare executives remain rightfully concerned about enhancing cybersecurity, countering potential attacks and preparing for response by moving more of their IT infrastructure to the cloud.
They also see competitive opportunities to scale up IT in areas such as consumer-facing technology, data analytics, and virtual care. As such, integration will be key to merging patient-generated data with health records, exploring genomic testing as part of a move toward personalized medicine, and providing reimbursable care or monitoring for remote patients.
Many industry observers point to cloud-based systems when explaining attempts to “future-proof” technology investments. “[Cloud computing] can offer a dramatically lower total cost of ownership than traditional on-premises solutions by eliminating maintenance fees and upgrade costs, and by requiring much less effort to install and operate,” says Mark LaRow, CEO of patient-matching technology vendor Verato.
At the same time, healthcare organizations stand to benefit from enhancing existing IT platforms, especially where revenue-driving processes and workflows overlap. In particular, providers are looking for ways to facilitate operations through automated insurance eligibility processes, mobile/ online payment applications, and cost estimation tools.
Additionally, advanced hospitals and health systems recognize that increasingly accepted value-based payment models require ongoing patient engagement measures. Advisory firm PricewaterhouseCoopers (PwC) notes that providers need to obtain a comprehensive view of patient interactions. “An ability to derive meaningful information from linking disparate data about patients becomes a differentiator for an organization in a competitive market,” comments Winjie Miao, chief experience officer at Texas Health Resources.
Meanwhile, 88 percent of insurers plan investments in technology to improve the healthcare experience for their members. With providers and payers moving toward shared goals in data aggregation and analysis, “2018 could be the year [that] health sectors rally around the patient experience,” according to PwC.
A Platform Built for Integration
NetDirector’s subscription-model integration services fall squarely in line with healthcare organizations’ IT needs in the coming year. From a broad perspective, NetDirector’s HealthData Exchange normalizes data to standard HL7 or other formats, enabling systems to seamlessly share clinical and billing data. While complementing existing IT investments, the platform streamlines clinical workflow and communications while reducing administrative costs.
NetDirector also remains adaptive to changes in the healthcare ecosystem, such as those anticipated for 2018. New integrations can be configured based on evolving customer needs — and on standards and protocols defined by healthcare’s governing bodies.
TAMPA, Fla., Oct. 5, 2017 /PRNewswire/ — NetDirector, a cloud-based data exchange and integration platform, provides several data/document automation options for default servicing firms to promote increased compliance throughout the industry. Additionally, NetDirector has maintained and standardized the SOC 2 Type II security procedures in-house to ensure compliance at all points in the flow of data.
With the ever-changing atmosphere of the default servicing industry, it is important for firms to maintain the quality and compliance of the work they do while focusing on efficiency and their bottom line. Among the services available to improve compliance through automation are:
SCRA Military Search
The Service members Civil Relief Act (SCRA) requires foreclosure attorneys/trustees check whether borrowers are active duty military members. NetDirector’s Military Search interface streamlines this process and allows subscribers to check active duty status without leaving their case management systems (CMS), alleviating data keying errors and improving timelines.
Firms are required to perform this search on a regular basis to maintain compliance – the most common solution is simply to dedicate employee hours to performing the searches and logging the information. This is an expensive and inefficient solution, that only mitigates the compliance risks to a certain degree – the human element of this solution leaves room for compliance errors that foreclosure firms simply cannot afford.
“NetDirector has allowed us to focus on our core competencies by managing our data & document integration needs. Our firms are seeing the benefits of eliminating data entry and manual business processes for military search, document uploads, and milestone events,” said Ron Llewellyn, Associate Director of Application Services at Barrett Daffin Frappier Turner & Engel L.L.P.
Additionally, the NetDirector automated military search is fully compatible with the recent DoD website enhancements – many firms are already utilizing NetDirector to solve the challenges of integrating with the new website without increasing dedicated labor and resources to an ongoing concern. For more detailed information on PACER automation, click here to visit our website.
PACER Bankruptcy Search
The Federal court has several bankruptcy court district and divisions upon which bankruptcy dockets are available for verifying bankruptcy filings. NetDirector’s Bankruptcy PACER integration suite alleviates the manual need to log in to multiple court sites (both National and Regional) and/or manually search for the bankruptcy filing -thereby reducing timelines.
The round-trip data interface allows NetDirector subscribers to send requests to the PACER Case Locator site to search for current and prior bankruptcy filings. The automated response can include information on cases filed in other districts/divisions and links to current and prior case dockets and documents. More importantly, returned searches and dockets have live hyperlinks within the PDF documents – saving time by eliminating the need to re-key search information and providing a direct link to cases and docket information for future retrievals. This directly increases a firm’s compliance while automating and simplifying the amount of work required for this mandatory step in the foreclosure process. For more detailed information on PACER automation, click here to visit our website.
“NetDirector has played a key role in increasing system and workflow efficiency across multiple departments,” said a representative of Rubin Lublin, LLC. “With the processes and checks they have in place we can feel assured that the integration is working and accurate. I have worked in the foreclosure industry over 17 years, and NetDirector is by far the best thing to come along for firms in the past decade.”
Industry Leading Security Standards for Compliance
The SOC 2, or Service Organization Controls 2, is an examination under AICPA standards designed for technology service companies to demonstrate controls around data security and processing integrity. The SOC 2 reports are intended to meet the needs of a broad range of users that need to understand internal controls at a service organization as it relates to security, availability, process integrity, confidentiality and privacy. The Type II report is a report on management’s description of a service organization’s system and the suitability of the design and operating effectiveness of controls.
“NetDirector displayed the necessary controls in their SOC 2 Type II attestation report,” said Scott Price of A-LIGN, the company that performed the SOC 2 analysis. “Their security and management teams were great to work with throughout the process. There is a strong attention to detail in the organization.”
In addition to the in-house attestations, the data centers utilized by NetDirector through Peak10 maintain the same security standards or higher in all aspects of their company. Many technology companies have recently been brought to light as claiming true “compliance” in their organization, when they really mean that their data center has gone through the rigorous examination. At NetDirector, the belief is in transparency and clear communication regarding security so that the boost in compliance and efficiency is ultimately passed along to the firms and servicers participating in the integration network.
NetDirector provides a secure cloud-based data and document exchange solution for the healthcare and mortgage banking industries to deliver seamless data integration between parties. NetDirector bridges gaps created by disparate systems & technologies by allowing companies at any location to share data & documents securely over a single internet connection with any other member of the ecosystem. Our approach allows trading partners to collaborate and exchange data in a seamless, bi-directional, real-time manner. With security and longevity as a focus, NetDirector is a certified SOC 2 Type II and HIPAA Compliant company, a 6-year member of the prominent Inc. 5000, and currently, processes more than 9 million transactions per month.
TAMPA, Fla., Sept. 28, 2017 /PRNewswire/ — NetDirector, a cloud-based data exchange and integration platform, has expanded their Integration-Platform-as-a-Service (iPaaS) offerings once again. A strong partnership has been forged with My Constant Care, LLC to provide them with a cloud based integration suite for the already cloud-centric company.
My Constant Care (MCC) provides a unified cloud-based platform for integration and delivery of preventive services such as Annual Wellness Visits, Chronic Care Management, Advanced Care Planning, and Preventative Screenings. Their turnkey delivery model provides patients with the full spectrum of preventive services to enhance overall care delivery without disrupting day-to-day operations of the practice. My Constant Care focuses on maximizing value to both providers and patients. They do this with expert coordination of preventive care options available today while strategically shaping these services to meet performance requirements expected of their future providers in the future. They offer a no-financial-risk solution to the physicians, providing the staff, software, and technology to perform their services.
Utilizing the cloud for integration was a clear next step to elevate the services offered by MCC. NetDirector’s One-to-Many style integration allows MCC to connect to NetDirector once and exchange data seamlessly with EHR systems, billing platforms, and more as the hub expands. Now, MCC’s services can integrate with existing provider platforms as well as future additions to a provider’s suite of technology solutions without relying on internal resources to bridge the gap between solutions.
“My Constant Care helps primary care physicians provide a level of service to their Medicare population previously not achievable by small practices,” says Kellie Privette, the Director of Sales and Business Development at MCC. Privette added that “NetDirector’s integration expertise and technology allows MCC to seamless transfer patient data into their customer’s EHR and billing systems, without double entry of a substantial amount of information.”
This integration also increases a provider’s compliance, allowing even small practices to provide the quality and timeliness of service of a larger provider while maintaining and exceeding compliance standards for the healthcare technology industry. By eliminating data entry steps and automating the exchange of patient information securely, the integration allows for providers utilizing My Constant Care to focus more on the patients, and less on the technology behind the scenes.
“We’re very enthusiastic about our partnership with My Constant Care,” said Harry Beisswenger, CEO of NetDirector. “Their services fill a gap in the healthcare industry, and we’re looking forward to helping them achieve their goals of seamless preventive care for everyone.”
NetDirector provides a secure cloud-based data and document exchange solution for the healthcare and mortgage banking industries to deliver seamless data integration between parties. NetDirector bridges gaps created by disparate systems & technologies by allowing companies at any location to share data & documents securely over a single internet connection with any other member of the ecosystem. Our approach allows trading partners to collaborate and exchange data in a seamless, bi-directional, real-time manner. With security and longevity as a focus, NetDirector is a certified HIPAA Compliant and SOC II Type 2 certified company, a 6-year member of the prominent Inc. 5000, and currently processes more than 8 million transactions per month.