Interoperability testing - Test Quickly and Securely


Published on

go to to join our webinars
or go to to download these and other past webinar slides!

  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Interoperability testing - Test Quickly and Securely

  1. 1. HIE & ACO Interoperability Testing – Test Quickly and Securely know your data • protect your data • share your data © Copyright 2011 Axis Technology, LLC
  2. 2. Compliance Simplified – Achieve , Illustrate, MaintainIndustry leading Education Todays Webinar • Please ask questions via questions or chat • Todays slides are availableCertified Partner Program • Past webinars and recordings 855.85HIPAA
  3. 3. Agenda Interoperability MU 2 HIE’s ACO’s Standards Models of Interaction Testing 3
  5. 5. Definition Interoperability allows disparate information systems … to readily work together and exchange data. * 5*Microsoft (
  7. 7. Definition The Medicare and Medicaid EHR Incentive Programs provide incentive payments … as they adopt, implement, upgrade or demonstrate meaningful use of certified EHR technology.**CMS ( 7Guidance/Legislation/EHRIncentivePrograms/index.html?redirect=/ehrincentiveprograms/)
  8. 8. Components of MUStage 1 - Use of certified EHR in a meaningful mannerStage 2 - Use of certified EHR technology for electronic exchange of health information to improve quality of health careStage 3 - ……. 8
  9. 9. MU Stage 180% of patients must have records in EHRCommon Objectives - Individuals & Institutions:  Computerized provider order entry (CPOE)  Report clinical quality measures to CMS/States  Implement one clinical decision support rule  Provide patients with electronic copy of health information  Record demographics  Up-to-date problem list of current and active diagnoses  Maintain active medication list  Maintain active medication allergy list  Record and chart changes in vital signs  Record smoking status for patients 13 years or older  Exchange key clinical information among providers of care and patient- authorized entities electronically Protect electronic health information 9
  10. 10. MU Stage 2Common Objectives - Individuals & Institutions: CPOE - For more than 60% of medication, 30% of laboratory, & 30% of radiology Demographics / Vital Signs / Smoking Status – Record for more than 80% Interventions - 5 clinical decision support interventions + drug/drug and drug/allergy Labs - Incorporate lab results for more than 55% Patient List - Generate patient list by specific condition Patient Access - Provide online access to health information for more than 50% with more than 5% actually accessing Education Resources - EHR to identify and provide education resources more than 10% Rx Reconciliation - Medication reconciliation at more than 50% of transitions of care Summary of Care - Summary of care document for more than 50% of transitions of care with 10% sent electronically and one sent to a recipient with a different EHR vendor or successfully testing with CMS test EHR Immunizations - Successful ongoing transmission of immunization data Security Analysis - Conduct or review security analysis and incorporate in risk management process 10
  11. 11. Audit Failure “If CMS determines during the audits that the provider has failed to meet any one of the reporting requirements, it plans to take steps to recoup incentive payments.”**GAO ( 11
  13. 13. Health Information Exchange (HIE) Reliable and interoperable electronic health-related information sharing Conducted in a manner that protects the confidentiality, privacy, and security of the information. Create a standardized interoperable model that is trusted, scalable and reliable. Public HIE - Community-based and are open to, and governed by, participants from multiple organizations. Private HIE - Operate under the governance of an Integrated Delivery Network (IDN) or a single healthcare system. 13
  14. 14. ACO 14
  15. 15. Accountable Care Organizations (ACO)Groups of doctors, hospitals, and other health care providers, who come together to give coordinated care to Medicare patients.The goal is to ensure that patients get the right care and avoid unnecessary duplication of services and medical errors.When an ACO succeeds both in both delivering high- quality care and spending health care dollars more wisely, it will share in the savings it achieves for the Medicare program. 15
  16. 16. Types of ACOsMedicare Shared Savings Program—a program that helps a Medicare fee-for-service program providers become an ACO.Advance Payment Initiative —a supplementary incentive program for selected participants in the Shared Savings Program.Pioneer ACO Model —a program designed for early adopters of coordinated care. 16
  17. 17. STANDARDS 17
  18. 18. Health Information Organizations (HIO) Organizations that oversee HIE Employ nationally recognized standards to enable interoperability, security and confidentiality Ensure authorization of those who access the information. Effort to improve the way systems in healthcare share critical information. Develop integration profiles to facilitate health information passing seamlessly from one system to another. 18
  19. 19. Integrating the Healthcare Enterprise (IHE) The Healthcare Information Management & Systems Society (HIMSS) provides leadership for the optimal use of information technology and management systems for the betterment of healthcare. Healthcare Information Technology Standards Panel (HITSP) purpose of achieving a widely accepted and useful set of standards specifically to enable and support widespread interoperability among healthcare software applications. 19
  21. 21. Major ModelsFederatedCentralizedHybrid 21
  22. 22. Federated Model  Each participating Participant organization retains control of their healthcareParticipant Participant information and responds to queries when information is requested. Participant 22
  23. 23. Centralized Model Participant  A central organization collects information from participatingParticipant Information Participant Exchange organizations and stores the information in a centralized place to provide access. Participant 23
  24. 24. Hybrid Model Participant Some information is stored centrally and other information isParticipant Information Participant Exchange stored at participating organizations. Participant 24
  25. 25. TESTING 25
  26. 26. IssuesIndividual participants can prepare all they want, but bad data can snarl the exchange.Normalization of data across multiple independent organizations leaves data more vulnerable to contamination, duplication and mix-ups.Medicare collection of extensive data, raising privacy concerns and administrative costs.Aggregating, analyzing and managing Utilization and Total Medical Cost (of a patient) across organizations. 26
  27. 27. ObstaclesOwnershipNormalizationAnalyticsPrivacy 27
  29. 29. Testing - Ownership Each participant must concede a certain amount of ownership of resources and timelines for projects to the “Greater Good”. 29
  31. 31. Normalization - Federated Model  Each participating Participant must maintain a cross reference table of Patient Participant Participant Master ID’s and other data that needs to be shared. Participant 31
  32. 32. Normalization - Centralized / Hybrid Participant  A Master Patient Reference and other Cross Reference is Participant Information Participant Exchange maintained by the Information Exchange and accessed by participants. Participant 32
  33. 33. TESTING – ANALYTICS 33
  34. 34. Testing - Analytics Data Analytics Warehouse  Calculation and understanding of Participant Utilization and Total Cost of Expenses Participant Participant Participant Participant Participant  Reporting for Individual Participants Participant Pre-  Government reporting Processor Participant  Proper Entitlements to view reporting.Information Exchange 34
  35. 35. TESTING – PRIVACY 35
  36. 36. Testing - Federated Model  One participant organization has the De- Identification Hub. Agent Participant  Sensitive Data Discovery is automated for each participant.Hub Agent  The Hub maintains the Participant Participant complete sensitive data inventory from all participants.  The other participants have remote agents Participant which process discovery Agent and de-identification on their own network so that no PHI data leaves their network. 36
  37. 37. Testing - Centralized / Hybrid Agent  The Information Participant Exchange has the De- Identification Hub.  Sensitive Data Discovery is automated for the Agent Information Exchange as well as each participant. Information  The Hub maintains the Participant Participant Exchange Hub complete sensitive dataAgent inventory including that of all participants.  Each participant has a Participant remote agent which process discovery and Agent de-identification on their own network so that no PHI data leaves their network. 37
  38. 38. …. A WORD FROM OUR SPONSOR 38
  39. 39. Risk Based Solutions • Axis has created a set of eGRC related solutions that leverage our overall consulting expertise as well as our DMsuiteTM and product implementation capabilities Enterprise Governance, Risk and Compliance Strategic Business Processes / Goals Enterprise Architecture Reference Models, Business Architecture, Application Architecture Drives Drives Information Security Architecture Regulatory & Corporate Requirements, Environment Maturity Assessment Data Masking Identity / Access Data Information (De-Identification) Management Management Security Drives Entitlements Data Sensitive Data Drives DMsuiteTM Management Governance Assessment Operational Environment 39
  40. 40. Data De-Identification - DMsuiteTMDMsuite™ - A robust, proprietary tool that has been deployed at clients for over 8 years with: Sensitive Data Discovery - HIPAA Ready Out of the Box, Data De-Identification and Auditing functionality. 40
  41. 41. Questions or Further DiscussionsContact: Joe SantangeloEmail: jsantangelo@axistechnologyllc.comPhone: (646) 596-2670Twitter: @DataPrivacyDude 41
  42. 42. Compliance Simplified – Achieve , Illustrate, Maintain Compliance Simplified!  HIPAA Compliance Achieve  HITECH Attestation  Meaningful Use core measure 15Illustrate Free Demo and 15 Day Evaluation 855.85HIPAA Maintain New & Past Webinars 855.85HIPAA
  43. 43. Thank You! 185 Devonshire Street Boston, MA 02110 (857) 445-0110 know your data • protect your data • share your data © Copyright 2011 Axis Technology, LLC 43