Health IT and Electronic Health Activate your FREE membership today |  Log-in

Community Blog

Oct 1 2012   10:50AM GMT

Turning meaningful use stage 2 into a core capability

Posted by: Jenny Laurello
EHR Adoption, EMR adoption, HIPAA, HIPAA risk assessment, meaningful use stage 1, meaningful use stage 2, MU stage 2, MUS2

Guest post by Ruby Raley, Director, Healthcare Solutions, Axway

Now that meaningful use stage 2 (MUS2) requirements have been published, we can stop and applaud the success of meaningful use stage 1 (MUS1). In particular, the ambitious goal of getting 100,000 health care providers to adopt or meaningfully use EHRs by the end of 2012, set by CMS Acting Administrator Marilyn Tavenner and National Coordinator for Health Information Technology Farzad Mostashari, M.D., Sc.M., was met six months earlier than expected. Approximately 120,000 physicians and 3,000 hospitals have attested to MUS1.

As we catch our breath and begin the charge toward MUS2, we need to anticipate possible system upgrades, which mean more change management, education and coordination. With MUS2, though, there is also significant focus on how we work with those outside our organization, and that’s the focus of this post. It’s time to move away from using clearing houses for moving claims data and paper records for communicating with patients. It’s time to do more electronically and in real-time, rather than through slower batch-based processes.

First, MUS2 requires patients to have online access to their health information, and secure electronic messaging between patient and provider. Though this is only required for five percent of your patients at first, it forces us to think about how we communicate with our patients; to determine how we provide governance, traceability and security of exchanges; and to take into account the wide variety of email solutions and devices they’ll be using to communicate.

Second, you need to exchange with those outside your communities. Another requirement of MUS2 is that you exchange electronic coordination of care records with at least one provider using EHR technology from a different vendor than the ones you use. This will involve perhaps going outside your comfort zone, exchanging with providers that don’t speak exactly the same health language as you.

MUS2 also requires HIPAA risk assessments. We are supposed to be conducting them already, and maybe it has seemed too arduous a task up to now. But if you look at all that’s facing us – upgrading systems, communicating with patients electronically, finding organizations using different vendors to communicate summary-of-care information, managing that community and providing structural governance on top of it – now is the perfect time to look at efficiency and effectiveness through the lens of HIPAA risk assessment. I cannot stress enough – get those risk assessments scheduled so you can truly see how information moves through your organization. And, if you still have FTP servers, manual portals and a variety of clearing houses to exchange information, you should think about modernization.

What does a modern exchange look like? Imagine: you have one portal for exchanging files and one for exchanging messages, and all your traffic and all your health care information goes through these two well-governed, monitored, and tracked portals. You know what goes where, you can provide accounting for disclosure, you have proof that information is encrypted so that it can’t be breached and you have proof of delivery through non-repudiation at the endpoint.

Making these external connections manually costs doctors approximately $15,000 per connection, and hospitals $40,000 per connection. If you’re a doctor that refers patients to just 20 other organizations or a hospital that communicates with 100 doctors, clinics and labs, your IT budget will disappear pretty quickly. Instead, use the HIPAA risk assessment as the impetus to develop standardized gateways for information exchange, and to begin the process to acquire the gateways from your EMR vendor or from a best-of-breed vendor, and get it in place now. Note: Having one governed gateway will reduce or eliminate the need to conduct a new risk assessment for each new connection, and will enable centralized governance, management and monitoring.

If your goal is to exchange information electronically, manage your community, test your exchange, and be in production to get MUS2 — and to do all of this in less than 18 months – it’s time to get started.

If you tackle all of this not by checking each menu item off separately, but by creating a core capability that you can build upon and reuse over and over again, you’ll not only get to MUS2 much faster, you’ll do it at a much lower price point and with greater confidence for long-term success.

Comment on this Post

Leave a comment:

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: