Free EMR Newsletter Want to receive the latest news on EMR, Meaningful Use, ARRA and Healthcare IT sent straight to your email? Join thousands of healthcare pros who subscribe to EMR and HIPAA for FREE!!

RACs’ Limited Restart and Partial Payment Window Opens

Posted on September 15, 2014 I Written By

The following is a guest blog post by Dawn Crump, VP of Audit Management Solutions at HealthPort.
Dawn Crump - HealthPort
The RACs are back and they’re offering acute care and critical access hospitals a sweet deal—at least for now.

The Recovery Audit Contractor (RAC) program had been on hold due to the reassigning and re-contracting of regions. In addition, there was a lawsuit pending between Centers for Medicare and Medicaid Services (CMS) and CGI over RAC reimbursement rates, models and approaches. The lawsuit was resolved in August. But CGI quickly appealed causing further delay in full resumption of the RAC program.

So while everyone awaits another court decision and green light from CMS, two important RAC announcements were made by CMS.

  • A “limited” restart of the RAC program began in August, 2014, including a restricted number of claim reviews and service targets.
  • Some claims currently pending appeals of inpatient-status claim denials by RACs, may be eligible for a partial payment settlement between now.

Limited Restart Underway

Until the RAC program is 100 percent back in session, some reviews will be conducted. These will be mostly automated reviews, but there will be some records requests and a limited number of complex reviews in certain select areas. During the restart, RACs will not review claims to determine whether the care was delivered in the appropriate setting. CMS said it hopes that the new RAC contracts will be awarded later this year.

From the Aug. 5 edition of the American Hospital Association’s News Now: “CMS will allow current RACs to restart a limited number of claim reviews beginning this month. The agency said most reviews will be done on an automated basis. However, a limited number will be complex reviews on certain claims, including spinal fusions, outpatient therapy services, durable medical equipment, prosthetics, orthotics and supplies, and Medicare-approved cosmetic procedures.

One example of the latter is blepharoplasty, also known as an eyelid lift. The number of claims for this procedure has tripled in recent years, so I expect the RACs will make this procedure a hot target. To be covered under Medicare, vision must be impaired. What’s needed? Physician documentation of the reasons for surgery (e.g., eyelid droop interfering with vision).

Here are three specific steps to take with regard to the limited RAC restart:

  • Stay abreast of all RAC news and announcements and remain diligent in communicating with your regional peers regarding new RAC region assignments, contacts and educational opportunities.
  • Conduct an internal probe to ensure you’re following all of Medicare’s National Coverage Determinations (NCDs) and Local Coverage Determinations (LCDs).
  • Educate coders, billers and physicians around documentation, coding and billing for specific targets as mentioned above.

But the limited restart wasn’t the only important news.

Partial Repayment Deal Announced

In their September 9th, 2014 inpatient hospital reviews announcement, CMS announced an administrative agreement for acute care and critical access hospitals.  To reduce the backlog of cases in appeal status and overall administrative costs, these hospitals now have the option to withdraw their pending appeals in “exchange for timely partial payment (68% of the allowable amount)”, according to the CMS administrative agreement.

Of course there are parameters to understand and details to sort out regarding the settlement opportunity. Here is what we know so far:

  • Only acute care and critical access hospital claims are eligible.
  • Claims must already be in the appeals process for inpatient-status claims with an admission date prior to October 1, 2013.
  • Services might have been found reasonable and necessary by the Medicare contractor, but treatment as an inpatient was not.
  • Hospitals may choose to settle some claims and continue to appeal others.
  • Hospitals should send their request for settlement to CMS by October 31, 2014.

Many more details are available on the CMS.gov website.

Settle….Or Not?

Eligible hospitals must determine if requesting a settlement offer makes sense for cases in appeal that meet the specified parameters. For some cases, it will make sense to take the 68 percent settlement and cut your losses. For other denials, waiting out the appeal process may be a better choice.

Each denial will be different and each case unique. Time, money and resources must be balanced against the potential revenue retained or returned potential. Audit management directors, in conjunction with their revenue cycle and finance teams, must analyze RAC data for each eligible case.  It’s a complicated equation. And with a deadline of October 31, 2014, there is no time to lose.

About Dawn Crump

Dawn Crump, MA, SSBB, CHC, has been in the healthcare compliance industry for more than 18 years and joined HealthPort in 2013 as Vice President of Audit Management Solutions. Prior to joining HealthPort, Ms. Crump was the Network Director of Compliance for SSM. She is a former board director of the Greater St. Louis Healthcare Finance Management Association chapter and currently serves as the networking chair.

Modeling Health Data Architecture After DNS

Posted on September 12, 2014 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 15 blogs containing almost 6000 articles with John having written over 3000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 13 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

I was absolutely intrigued by the idea of structuring the healthcare data architecture after DNS. As a techguy, I’m quite familiar with the structure of DNS and it has a lot of advantages (Check out the Wikipedia for DNS if you’re not familiar with it).

There are a lot of really great advantages to a system like DNS. How beautiful would it be for your data to be sent to your home base versus our current system which requires the patient to go out and try and collect the data from all of their health care providers. Plus, the data they get from each provider is never in the same format (unless you consider paper a format).

One challenge with the idea of structuring the healthcare data architecture like DNS is getting everyone a DNS entry. How do you handle the use case where a patient doesn’t have a “home” on the internet for their healthcare data? Will the first provider that you see, sign you up for a home on the internet? What if you forget your previous healthcare data home and the next provider provides you a new home. I guess the solution is to have really amazing merging and transfer tools between the various healthcare data homes.

I imagine that some people involved in Direct Project might suggest that a direct address could serve as the “home” for a patient’s health data. While Direct has mostly been focused on doctors sharing patient data with other doctors and healthcare providers, patients can have a direct address as well. Could that direct address by your home on the internet?

This will certainly take some more thought and consideration, but I’m fascinated by the distributed DNS system. I think we healthcare data interoperability can learn something from how DNS works.

How Does a Practice Deal with All These High Deductible Plans?

Posted on September 11, 2014 I Written By

The following is a guest post by Vishal Gandhi, CEO of ClinicSpectrum as part of the Cost Effective Healthcare Workflow Series of blog posts. Follow and engage with them on Twitter @ClinicSpectrum and @csvishal2222.
Vishal Gandhi
One of the biggest trends we’re seeing in healthcare today is a shift towards high deductible plans. This shift first started as more and more employers stopped offering insurance or cut the type of health insurance they offered. This started the trend towards individuals purchasing high deductible insurance plans.

While the shift to high deductible insurance plans started well before the Affordable Care Act (ACA), the government mandated health insurance and associated health insurance exchanges (HIX) have thrown gas on the already flaming fire. What most patients didn’t realize when they signed up for insurance on the government’s HIX is that a large majority of the plans were high deductible insurance plans. This has led to a huge influx in high deductible plans entering medical offices.

What does this increase in high deductible plans mean?
This change is one of the most significant changes in healthcare reimbursement we’ve seen. High deductible plans mean a major shift in who will be paying the bill. Instead of collecting most of your money from insurance companies, your clinic will need to become expert at collecting money from patients as well. Yes, that’s right. You’re still going to have to collect from the insurance companies like before, but you’re going to have to build additional expertise around collecting payments from patients too.

While it’s true that clinics have been collecting payments from patients forever, that doesn’t mean that clinics have been doing a good job of actually collecting the money. In fact, I find practice after practice who hasn’t stayed on top of their patient collections. In the end, they often send their patient collections to a collections agency which frustrates the patients and tarnishes their name or they just write off the patient pay portion completely.

Suggestions to Improve Patient Collections
The first step to improving patient collections is to really understand the details of your patient’s insurance plan. This starts with doing an insurance eligibility check and verifying your patient’s plan details. We wrote about ways to streamline your insurance eligibility checks previously. Doing it right takes time, but with the right workflow automation solutions you can make sure that those working in your practice have the right insurance information. Once they have the right payment information, you’re much more likely to collect the payment from the patient while they’re standing in front of you at the office.

While collecting the patient payment from the patient while their in your office is ideal, there are dozens of reasons why this won’t happen. Some don’t have the money on them. Some walk out before you can collect. Etc etc etc. How then do you engage the patient in the payment process once they’ve left your office? In the past, the best solution was to send out bill after bill through the US postal service or possibly call the patient directly. This is an extremely time consuming and costly process that can take 60 to 90 days to obtain results.Plus, it costs several hours of man power and postage.

In the electronic world we live in, the first thing you can do to improve your patient collection process is to implement an online patient payment portal. This online payment process increases patient collections dramatically. The next generation patient is so unfamiliar with writing checks and sending snail mail, that those payments often get delayed. However, by offering the online patient payment option, you remove this barrier to payment.

The other way to improve patient collections is to use an automated messaging and collection process. This approach uses a collection of text, secure text, email, secure email and even smart phone notifications and automated calls in order to ensure the patient knows about their bill and has the opportunity to pay the bill. Plus, these customized decision rules provide a much more seamless and consistent approach to patient collections.

Conclusion
This movement to the empowered patient with a high deductible insurance plan is not likely to go away. Employers are happily getting out of the health insurance business and many want patients to have more responsibility over the healthcare they receive. Being sure that you have a well thought out patient collection workflow is going to be critical to the ongoing success of any medical practice.

The Cost Effective Healthcare Workflow Series of blog posts is sponsored by ClinicSpectrum, a leading provider of workflow automation solutions for healthcare. Their Invoice Spectrum and Auto Collect Spectrum products are a great way to handle the increase in high deductible plans that are entering medical offices.

Proving HIPAA Compliance

Posted on September 9, 2014 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 15 blogs containing almost 6000 articles with John having written over 3000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 13 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

Given the name of this blog, I get a lot of people asking me about HIPAA compliance. Many of them that are new to the industry are looking for some sort of regulating or certifying body that they can go to in order to be HIPAA compliant.

Unfortunately, there is no body that can audit you and basically certify that you’re HIPAA compliant. HIPAA is basically a self certification, so you can just claim “compliance.” However, if a real audit happens, you better make sure your ducks are all in a row and that you are actually complying. While there is no body that certifies HIPAA compliance, there are pretty specific guidelines on what you need to do to be HIPAA compliant.

When companies and organizations ask me what they need to do to be HIPAA compliant, I usually suggest they start with these HIPAA trainings from one of my partner companies, 4MedApproved: http://bit.ly/191zR9N (20% discount if you use the code healthcare20 since I’m a partner). The HIPAA compliance officer training will teach you what you need to do and it includes HIPAA documentation templates you can use along with business associate agreement forms. Then, the HIPAA workforce trainings are good to train the rest of your staff. With this training and documentation, you’ll feel much more comfortable saying you’re HIPAA compliant and having something to show for it. You’ll also learn what other places you might be lacking when it comes to HIPAA compliance.

I had someone on a LinkedIn discussion about a breach suggest that organization should regularly train their staff on HIPAA. Turns out that doing so isn’t just a good idea, but is also a HIPAA requirement. Having some sort of proven HIPAA training that you’ve completed is one step in the right direction of proving your HIPAA compliance.

The other major step an organization should take is doing a full HIPAA risk assessment. Many organizations are doing this since they’ve had to in order to get meaningful use money. However, even those organization who aren’t asking for the EHR incentive handout are still required to do a HIPAA risk assessment.

What are you doing in your organization or company to prove HIPAA compliance?

Aligning Incentives Across Disparate P&Ls

Posted on September 8, 2014 I Written By

Kyle is Founder and CEO of Pristine, a company in Austin, TX that develops telehealth communication tools optimized for Google Glass in healthcare environments. Prior to founding Pristine, Kyle spent years developing, selling, and implementing electronic medical records (EMRs) into hospitals. He also writes for EMR and HIPAA, TechZulu, and Svbtle about the intersections of healthcare, technology, and business. All of his writing is reproduced at kylesamani.com

My company sells solutions that typically span multiple avenues of care. We’ve encountered a unique problem: incentives to improve care coordination rarely align when disparate P&Ls accrue to different players across the continuum of care. In other words, split P&Ls pose a destructive risk to care coordination and ultimately outcomes.

How does this play out in the real world?

Ambulances

Most health systems do not own or operate their own ambulances (Atlantic Health System and NS-LIJ being notable exceptions). Instead, ambulances are typically run by local governments or private companies. Why is this a problem? Many of the most critically ill patients arrive to hospitals via ambulance. Many of these patients are are in time-critical conditions. Ambulances should have the best tools to help save those patients and improve outcomes and suffering. All of the care that ambulances provide should be coordinated with the receiving hospital.

However, ambulances, especially publicly-operated ambulances, run on extremely tight margins; they can’t afford to invest in many new technologies. Hospitals won’t invest in tools for ambulances – even for at-risk patients – since hospitals won’t actually control the deployment of the technology to ensure they impact outcomes for at-risk patients.

But what if hospitals owned the ambulances that fed the hospitals? In this model, as hospitals move towards risk-based care-delivery models, incentives will be aligned to deploy mobile technologies into ambulances to improve time-to-care, diagnostics, and even triage patients to avoid hospitalizations entirely. Specifically, what if every ambulance was equipped with a mobile X ray, CT, EKG, ultrasound, and a suite of standard diagnostic tools (blood pressure, thermometer, stethoscope, etc? Upon arriving at a non-emergent patient’s home, the paramedics could locally diagnose and triage the patient with a virtual physician’s input and avoid non-essential ER admissions.

But that can only happen if incentives – specifically P&Ls – are aligned across the continuum of care.

Outsourced physician Management Services (e.g., EmCare)

Many hospitals contract with physician groups to staff service lines in the hospital. Although these groups provide real value – e.g., more flexible hours and operational processes – than employed physicians these groups also break up how P&Ls are accrued.

For example, many anesthesiologists align as a group to contract with hospitals. Within their practice, these MDs may find a new automated anesthesia monitor that enables more effective management of residents and CRNAs across multiple ORs. In turn, anesthesiologists should be able to extend the MD:mid-level ratio, drive improvement in patient safety, and make more money. But, concerns about damage, theft, and losing the hospital contract render these same anesthesiologists unlikely to ever buy the equipment themselves. Hospitals will also be reluctant to invest since they won’t accrue the financial benefits of improved labor productivity since the financial benefits accrue to the anesthesiologist group, not the hospital.

But Modularization Works In Other Industries

Indeed, most value-chain centric industries are highly modular. Each layer of the value chain can independently optimize itself and control how it interacts with the layers of the value chain above and below it. A few examples:

In the movie value chain, movie production studios don’t own and operate theaters; theaters are independent

In the retail value chain, retailers usually don’t act as distributors, and distributors don’t usually act as producers

With the exception of Apple (who by no means control the entire value chain), most of the computing value chain is modular; retailers like Best Buy have no hand in chipset design, chipset manufacturing, OEM design, OEM manufacturing, operating systems, Internet infrastructure, internet service providers, or cloud services.

Modularization In Healthcare Delivery: Can it work?

Healthcare delivery is not a linear value chain. Each player in the healthcare delivery system doesn’t build incremental, linear value on top of its suppliers. Rather, healthcare delivery involves the coordination of a breadth of disparate resources to A) diagnose, B) treat, and, C) manage chronic conditions / maintain wellness (these are the three different businesses that Clayton Christensen astutely observes in his excellent book, The Innovator’s Prescription).

Healthcare could perhaps be modularized if a certain set of providers acted to diagnose a patient, then handed off the patient to another set of providers for treatment, who in turn would transfer the patient to another set of providers whose job it was to manage ongoing chronic care. However, this arrangement is only tenable if: 1) the boundaries between these three different businesses are clear and distinct, and 2) the providers in each have a high degree of confidence in the “output” from their “suppliers” (e.g., an accurate diagnosis).

What are your thoughts? Have you seen other scenarios where disparate P&Ls lead to mis-aligned incentives? Have you seen risk-based payment models that successfully bridge disparate P&Ls?

Dishonesty Ruins So Many Things

Posted on September 5, 2014 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 15 blogs containing almost 6000 articles with John having written over 3000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 13 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

I’m always struck by this simple concept: Dishonesty make so many things more difficult than they should be.

We see this all over healthcare. Look for example at patient privacy and security. If people were just honest and thoughtful with patient data, our privacy and security challenges would be so much simpler. Imagine how much time and heartache we’d save if people were just honest when it comes to privacy and security. Yes, I’m looking at the million of hackers that are trying to take people’s personal information. Imagine if we could focus all the money and time we spend securing applications and apply it to improving healthcare. What a difference that would make.

The same could be said for reimbursement. Our reimbursement system would look drastically different if people were just honest. Yes, I’m talking about the billions of dollars of Medicare and other insurance fraud that’s out there. What a sad expense on our current healthcare system as dishonest people try and make a quick buck. While that expense is large, the even larger cost to our healthcare system is the toll that fraud adds to the honest actors.

Look at our current model of reimbursement for healthcare. So much of our insane documentation efforts are tied to the fact that insurance companies are trying to combat fraud. They don’t and can’t trust providers billing levels and so they’ve created layer and layer of requirements that makes the healthcare documentation process miserable. If you don’t agree with me, then you aren’t someone that’s involved in healthcare reimbursement.

This expense gets passed on to the employer and patients as well. Have you ever tried to make sense of the bill or statement of benefits coming from your doctor or insurance company? It’s like trying to make sense of a new language. It doesn’t make sense since you as a patient don’t know that language. Are they screwing you over in what they’re billing you or not? You don’t know either way and good luck trying to find out the answer. The person on the other end of the phone likely isn’t sure either because it’s so complex.

I first learned this principle in the credit card world. Why on earth do we pay 3+% of every transaction we do on our credit card. The answer is simple. Credit card fraud (otherwise known as dishonesty) is rampant and why credit card transactions cost so much. Imagine a world where the doctor wasn’t giving 3% of their business to process a credit card transaction since the cost to change digital digits should be nothing.

Unfortunately, the reality is we do live in a world with a lot of dishonest people who try and game anything and everything. We have to pay attention to security and privacy with these dishonest people in mind. We have to deal with insane reimbursement requirements as these payers try and combat fraud. We have to deal with credit card fraud and pay for it in the process.

It’s unfortunate, because dishonesty almost always catches up with people. Even when we think it doesn’t, dishonesty pays its own toll on a person as they can never be comfortable. Having a clear, honest conscious is one of the most beautiful things in life.

Is The Future of Smart Clothing Modular or Integrated?

Posted on September 4, 2014 I Written By

Kyle is Founder and CEO of Pristine, a company in Austin, TX that develops telehealth communication tools optimized for Google Glass in healthcare environments. Prior to founding Pristine, Kyle spent years developing, selling, and implementing electronic medical records (EMRs) into hospitals. He also writes for EMR and HIPAA, TechZulu, and Svbtle about the intersections of healthcare, technology, and business. All of his writing is reproduced at kylesamani.com

OMSignal recently raised $10M to build sensors into smart clothes. Sensoria recently raised $5M in pursuit of the same mission, albeit using different tactics. Meanwhile, Apple hired the former CEO of Burberry, Angela Ahrendts, to lead its retail efforts.

And Google is pushing Android Wear in a major way, with significant adoption and uptake by OEMs.

There’re two distinct approaches that are evolving in the smart clothing space. OMSignal, Sensoria, and Apple are taking a full-stack, vertical approach. OMSignal and Sensoria are building sensors into clothing and selling their own clothes directly to consumers. Although Apple hasn’t announced anything to compete with OMSignal or Sensoria, it’s clear they’re heading into the smart clothing space in traditional Apple fashion with the launch of Health, the impending launch of the iWatch, and the hiring of Angela Ahrendts.

Google, on the other hand, is licensing Android Wear to OEM vendors in traditional Google fashion: by providing the operating system and relevant Google Services to OEMs who can customize and configure and compete on retail and marketing. Although Google is yet to announce partnerships with any more traditional clothing vendors, it’s inevitable that they’ll license Android Wear to more traditional fashion brands that want to produce smart, sensor-laden clothing.

Apple’s vertically-integrated model is powerful because it allows Apple to pioneer new markets that require novel implementations utilizing intertwined software and hardware. Pioneering a new factor is especially difficult when dealing with separate hardware and software vendors and all of the associated challenges: disparate P&Ls, different visions, and unaligned managerial mandates. However, once the new form factor is understood, modular hardware and software companies can quickly optimize each component to drive down costs and create new choices for consumers. This approached has been successfully played out in the PC, smartphone, and tablet form factors.

Apple’s model is not well-suited to being the market leader in terms of raw volume. Indeed, Apple optimizes towards the high end, not the masses and this strategy has served them well. But it will be interesting to see how they, along with other vertically integrated smart-clothing vendors, approach the clothing market. Fashion is already an established industry that is predicated on variety, choice, and personalization; these traits are the antithesis of the Apple model. There’s no way that 20% or even 10% of the population will wear t- shirts, polos, tank tops, dresses, business clothes, etc., (which I’ll collectively call the “t-shirt market”) made by a single company. No one company can so single-handedly dominate the t-shirt market. People simply desire too many choices for that to happen.

OMSignal and Sensoria don’t need to worry about this problem as much as Apple since they’re targeting niche use cases in fitness and health. However, as they scale and set their sites on the mass consumer market, they will need to figure out a strategy to drive massive personalization. Apple, given its scale and brand, will need to address the personalization problem in the t- shirt market before they enter it.

The t-shirt market is going to be exciting to watch over the coming decades. There are enormous opportunities to be had. Let the best companies win!

Feel free to a drop a comment with how you think the market will play out. Will the startups open up their sensors to 3rd party clothing companies? Will Apple? How will Google counteract?

If You Can’t Beat Them, Fund Them!

Posted on September 2, 2014 I Written By

Kyle is Founder and CEO of Pristine, a company in Austin, TX that develops telehealth communication tools optimized for Google Glass in healthcare environments. Prior to founding Pristine, Kyle spent years developing, selling, and implementing electronic medical records (EMRs) into hospitals. He also writes for EMR and HIPAA, TechZulu, and Svbtle about the intersections of healthcare, technology, and business. All of his writing is reproduced at kylesamani.com

In Where Does It Hurt, Athenahealth CEO Jonathan Bush explicitly calls out a number of businesses that are disrupting hospitals. Specifically, these businesses are performing a single function – e.g. labs, imaging, birthing, urgent care – at a much lower cost with higher quality than general-purpose hospitals. These modular businesses are disrupting hospitals by ruthlessly focusing all of their operations around a single service line to optimize quality and reduce costs. This stands in stark contrast to hospitals, which generally try to be all things to all people (the antithesis of entrepreneurship and general business practices).

I’ve previously outlined how healthcare providers are struggling as they shift to risk-bearing reimbursement models. They’re straddling two dramatically different business models as they try to transform their businesses from fee-for-service to risk-bearing. Inverting a business with thousands of employees and billions of dollars worth of assets and processes is nearly impossible. This is even more challenging in a highly uncertain and fast-changing regulatory environment.

But what if there was a better way?

In the Innovator’s Solution, author Clayton Christensen describes how multi-billion dollar companies such as Apple, IBM, Johnson and Johnson, and Intuit have disrupted themselves. When faced with disruptive changes in their respective businesses, these incumbents disrupted themselves by:

  • Funding a separate operating division with its own P&L
  • In physically removed location
  • With dedicated employees who have no responsibilities to the old business model.

This formula by no means guarantees success, but it creates an environment in which the disruptive division can potentially save the business as a whole, so long as the disrupting business has the operating freedom to disrupt the parent. Employees shouldn’t be bound to the processes, assets, and values of the old business model.

How can providers disrupt themselves?

How can providers, in particular large hospitals and health systems, adopt Christensen’s disruption framework? By funding their disruptors! This strategy drives value across a number of dimensions:

1) Hospital management will have the opportunity to learn about the operational expertise necessary to modularize their existing operations at a lower cost

2) Hospital management will have access to insider information about their own disruption that they would otherwise lack. They can in turn use this information to make smarter decisions about their own businesses, and potentially buy out the disruptees if they become too disruptive.

3) Drive inbound referrals from the periphery to the hubs

4) Generate a financial return

A practical example

My company, Pristine, recently spent some time learning about urgent care centers. We wanted to sell urgent care centers a lightweight telehealth platform so they could beam specialists and hospitalists into the urgent care center. This would allow the urgent care center to generate more revenue by avoiding “leakage” while also generating more revenue for the consulting specialist, guaranteeing more referral traffic to the host hospital, and providing the patient a more convenient experience. All parties would win. The idea was perfect in theory, except…

We discovered that non-hospital owned urgent care centers generally dislike hospitals, and are in fact too proud of the quality of care they provide to patients at much lower cost. These urgent care centers know that they’re disrupting hospitals, but are holding that against the hospitals as a reason not to align interests. Similarly, the hospitals view the urgent care centers as a competitive threat and have no desire to do business with them.

The more I think about this situation, the more I’m convinced that hospitals should invest in their disruptors. A financial tie will massage the hard feelings that exist and create an opportunity in which community resources can be most effectively coordinated across the continuum of care. As we move towards risk-based models, hospitals will need to drive patients to the most capitally efficient cost center that can diagnose and treat the patient.

What are your thoughts? Do you know of any major health systems investing in their disruptors? Or of any health systems that are outright trying to disrupt themselves by establishing modular service lines themselves? (Banner Health and University of Arizona are doing this to some extent!)

4 Health IT and EHR Blogs

Posted on August 29, 2014 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 15 blogs containing almost 6000 articles with John having written over 3000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 13 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

As most of you know, I’ve been regularly trying to feature other Health IT and EHR bloggers out there. A lot of them are creating some really great content and I’m always happy when there are more smart people joining in on the healthcare IT conversation. I hope you enjoy discovering some new blogs that might help you in your work.

Meaningful Health IT News – This is Neil Versel’s healthcare IT blog. Neil is the most prolific healthcare IT journalist out there having written for pretty much every healthcare IT publication over the past couple decades. I’ve mentioned before that Neil’s blog was one of the first ones I looked to when I started writing a blog. I modeled some of the things I do after him. I figured he was a real journalist and I wasn’t, so I should learn from him. I should disclose that Neil’s blog is part of the Healthcare Scene network of blogs. I’m lucky to be able to work with someone like Neil. I only wish he had more time to write on his blog.

Data 4 U – This is a new health IT blog by Lynn Zahner, a former obstetrician/gynecologist, who’s transforming into a health IT professional. Looking at even just the first 3 posts I’m excited to see what Lynn will bring next. It’s always great to have a clinician’s perspective on healthcare IT. I hope Lynn’s able to keep it up.

Kat’s Space – Kat’s blog is a new find for me. She’s a RN and digital marketing interested in tech and social media. It’s too bad I hadn’t found her before now. Sounds like we’d get along really well. She’s also a Google Glass explorer and so she provides some really interesting insights into the Glass and wearable technology space.

Accountable Health – I think we can all use a great accountable health blog. In fact, we can likely use more than one to try and figure out what’s happening with ACOs and other accountable care programs that are in the works. This blog is written by Fred Goldstein. Fred has a unique view of the accountable care world since he’s the Founder of the Population Health Alliance. I think Fred’s blog is one to watch if you care about where healthcare reimbursement is headed.

OCR Fines Are the Least of Your Worries in a HIPAA Related Breach

Posted on August 27, 2014 I Written By

The following is a guest blog post by Art Gross, Founder of HIPAA Secure Now!.
Art Gross Headshot
Ask any medical professional about their biggest concern for protecting patient information and they will probably tell you about the threat of a random audit conducted by the Office of Civil Rights (OCR). OCR is tasked with enforcing HIPAA regulations and has the ability to hand out fines up to $1.5 million per violation for a HIPAA breach and failing to comply with HIPAA regulations.

With recent fines of $4.8 million handed out to New York and Presbyterian Hospital and $1.7 million fine to Concentra Health Services, physicians have good reason to worry.  These massive fines were levied not as the result of a random audit, but for the mandatory reporting of patient data breaches to the Department of Health and Human Services (HHS), and the investigation that followed.  So physicians need to reconsider where their real concerns should lie.

Ponemon Study

The 2013 Cost of a Data Breach Study by the Ponemon Institute calculated lost or stolen patient records at $233 per record. Let’s take a look at how quickly the cost of a HIPAA breach can add up:

# of Records Breached Cost
1 $233
10 $2,330
100 $23,300
1,000 $233,000
10,000

100,000

$2,330,000

$23,330,000

The cost of the recent Community Health Systems 4.5 million patient records breach could cost more than $1 billion!

Whether a medical provider loses 1,000 or 10,000 patient records the financial impact could easily set back the organization or even put it out of business.  But the “hidden cost” of a HIPAA breach that shouldn’t be overlooked is the damage to the provider’s reputation, lost trust from patients and the resulting sharp decline in revenues.

Lost patient records sparks negative publicity.  Take Phoenix Cardiac Surgery (PCS) for example. The Arizona medical practice with five physicians got slapped with a $100,000 fine for a HIPAA breach in 2012. A current search on Google returns the practice’s website plus 28 links to negative news stories related to the HIPAA fine. The consequences? A patient searching a referred cardiac surgeon from PCS finds the negative publicity and decides to continue searching for another surgeon. Or, an existing patient of PCS decides to look for another medical practice that takes every measure to safeguard his privacy.

Other Cost Factors

Beyond revenue loss and a damaged reputation are the direct overhead costs associated with a breach. The cost of discovering and stopping a breach may involve IT services, forensic investigative services to determine which systems and patients were affected, and legal counsel if patients file a lawsuit. There are also hard costs associated with notifying patients affected by the breach, including time spent to pull together their contact information, mailing out notifications and providing toll-free inbound phone numbers to handle complaints. Most organizations also provide identity and credit monitoring services for affected patients. All of these expenses add up, not to mention the cost of lost productivity due to the diverted attention of employees tasked with managing these processes.

Today it’s not uncommon for laptops, tablets and USB drives with patient records to disappear.  Or, for crime rings to hack into EHR systems to steal patient information and commit tax fraud, and for meth dealers to steal patient identities to obtain prescriptions.  If a large hospital system can lose 4.5 million patient records think how easy it is for a hacker to grab thousands of patient records from smaller medical practices and turn them into cash. The threat of a HIPAA breach has never been greater and all organizations should take heed.

Risk Assessment as a First Step

Healthcare organizations, particularly smaller medical practices, should perform a HIPAA risk assessment to look at where patient information is stored and accessed, and how the organization protects that information. It examines the risks of a breach and recommends steps to lower them. Without performing a risk assessment an organization may be lulled into a false sense of security, mistakenly believing they won’t suffer the consequences of a HIPAA breach.  At $233 per lost or stolen record that could be a costly miscalculation.

About Art Gross

Art Gross co-founded Entegration, Inc. in 2000 and serves as President and CEO. As Entegration’s medical clients adopted EHR technology Gross recognized the need to help them protect patient data and comply with complex HIPAA security regulations. Leveraging his experience supporting medical practices, in-depth knowledge of HIPAA compliance and security, and IT technology, Gross started his second company HIPAA Secure Now! to focus on the unique IT requirements of medical practices.  Email Art at artg@hippasecurenow.com.

Full Disclosure: HIPAA Secure Now! is an advertiser on EMR and HIPAA.