July 14, 2010 10:51 PM
Posted by: RedaChouffani
After over 2,000 public comments received on the initially proposed meaningful use ruling released back in January of 2010, the Department of Health and Human Services delivered the final regulations that will govern the initial 2 years of the Medicare/Medicaid incentive program during 2011/2012.
This ruling and the recently released certification criteria represent the final pieces that eligible professionals needed to follow in order to receive the 44,000 to 63,750 incentives from Medicare/Medicaid incentive programs.
A press release and comments made by Blumenthal clearly indicated that the final ruling reduced significantly the number of requirements. This was welcomed by many vendors, physicians and health organizations.
As part of the first stage in meaningful use there are 15 objectives for eligible professionals (EPs) and 14 for eligible hospitals and critical access hospitals. Some of the core measures are as follows:
– Implement drug to drug and drug allergy interaction checks
– E-Prescribing (EP only)
– Record demographics
– Maintain an up-to-date problem list
– Maintain active medication list
– Maintain active medication allergy list
– Record and chart changes in vital signs
– Record smoking status
– Implement one clinical decision support rule
– Report CQM as specified by the Secretary
– Electronically exchange key clinical information
– Provide patients with an electronic copy of their health information
– Provide patients with an electronic copy of their discharge instructions (Eligible
– Provide clinical summaries for patients for each office visit (EP Only)
– Protect electronic health information created or maintained by certified HER
The following table is part 1 of a series of the analysis of each measure:
Part 1 of core set measures
July 10, 2010 6:00 PM
Posted by: RedaChouffani
With the increased activities around Health Information Exchange and over $547,703,438 awarded to different states. HHS recognized that more health information will be digitized and captured. The risks of data theft and breach become more eminent. In an effort to ensure privacy, the HHS decided to Strengthen Health Information Privacy by modifying some of the existing HIPAA rules available today.
On July the 14th, 2010 the Human and Health Services HHS will release the official version of proposed rule making modifications to the 1996 HIPAA privacy rules. The current proposed changes which have been published Click Here
In a news release from July 8th, 2010, HHS announced the following:Here
“The proposed rule announced today would strengthen and expand enforcement of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy, Security, and Enforcement Rules by:
* expanding individuals’ rights to access their information and to restrict certain types of disclosures of protected health information to health plans.
* requiring business associates of HIPAA-covered entities to be under most of the same rules as the covered entities;
* setting new limitations on the use and disclosure of protected health information for marketing and fundraising; and
* prohibiting the sale of protected health information without patient authorization.
Many of the new regulatory and compliance changes are driving practices to reevaluate their security protocol, policies and procedures. These organizations are updating their business agreements and ensuring all the business associates have signed the new contracts. Some are also performing HIPAA technical audits and reviewing internal policies and procedures for access to medical records.
The updated document also contains information that will affect health organizations and patient’s right to access their electronic health records. In the proposed modified ruling the following section outlines See The HIPAA Privacy Rule’s Right of Access and Health Information Technology (providing guidance with respect to how § 164.524 applies in an electronic environment and how health information technology can facilitate providing individuals with this important privacy right), available at: Here for additional details.
While these changes are intended to ensure the privacy, and protection of all health records. It is critical for health organizations to be familiar with the ruling regardless of the size. In some organizations the operational budget does allow for a dedicated HIPAA compliance officer, however, in the case of a small medical practice, the administrator would take on that responsibility. In this case, they should most likely request some outside assistance to review their compliance standing. Keeping in mind that in the case of an unfortunate incident or HIPAA violation, organizations will face penalties (financial and criminal). Unfortunately there has been many cases of HIPAA violations. They are currently being posted in the wall of Shame site as part of the HHS. The site can be viewed here: click here
July 7, 2010 10:43 PM
Posted by: RedaChouffani
In a recent report by Garther, Inc, in regards to the worldwide market share report, DELL is the number 1 healthcare information technology service provider. In addition a recent report released on July 1st, 2010 from KLAS has ranked them number 1 as well for Extended Business Office (EBO) services in the “Revenue Cycle Services: From the Extended Business Office to Transformational Services”, This was credited to “Perot Systems” who as of late September of last year was acquired by DELL for an amount of $3.9 Billion. It did not come as a surprise when DELL announced their acquisition; in fact this was probably the right move. This comes after pressures from other competing entities such as HP and IBM.
Since the enactment of the ARRA in 2009, and our nation’s goal to modernize healthcare across the name, healthcare has become the new hot market to service, and with federal incentives around the corner, hospitals and physicians are shopping for vendors to help service their specific needs. Clearly this was another important motive for DELL to seek the expansion of their IT services portfolio and encourage their client base to review their healthcare offerings.
Most successful healthcare technology vendors focus on four critical needs to fulfill for their clients:
· Hardware selection and purchase
· Technical support of the current system
· Healthcare specific consulting, project management, vendor management
· Solution development (interfacing, customizations, new solutions, etc..)
DELL seems to have the right ingredient to succeed in its healthcare specific services branch, and they will continue to face fears competition from already established Global powerhouses. But with the low margins in hardware sales, DELL seems not to have much choice. So strategically speaking complementing those products with services ranging from Healthcare IT informatics, Software solutions, Consulting, large installs, possible HIE (Health Information Exchange) and others is a must to stay competitive.
July 4, 2010 9:44 PM
Posted by: RedaChouffani
In recent months things have started to take shape and health care leaders are more than ever perfectly aware of all the requirements of the ARRA.
While only recently we had the final ruling on the certification process for the EHR products, The center for Medicare & Medicaid Services (CMS) release recently a site that contains details information on EHR Incentive Programs.
This web site contains several sections:
Eligibility information and definition of the eligible professionals (EPs) for both the Medicare and Medicaid program.
Certification of the EHR products which must be certified bu an office of the National Coordinator for Health Information Technology Authorized Testing and Certification Bodies (ONC-ATCBs)
Meaningful Use and its requirements including the details based on specialties and such.
Registration: This has not been defined yet, but will everyone is awaiting patiently its release
Fact sheets for Medicare & Medicaid Eligible professionals with payment estimates
This site is definitely welcomed among many, despite the delay, it is a great resource to have access to.
July 3, 2010 1:59 PM
Posted by: RedaChouffani
, EHR PM
, project manager
So, here you are looking at implementing the EHR solution that you have spent many years deciding on. On one side the vendor has provided you with a an implementation specialist and they have a check list for everything from
With the deadlines nearing for stage 1 for meaningful use, implementations of electronic health records have seen an increase. While in most cases the attention has been on which packages claim their guaranteed certification, the main challenge that health organizations will face is the overwhelming process of implementing the EHR.
In many cases the vendors provide great resources to assist. This is a great value for any health organization, as this resource would have experienced many EHR implementations.
However, the practice must still have an internal project manager that will lead the core group and work with the vendors, staff and IT to ensure all the milestones are completed. In order for the practice to identify the candidate for taking this role, one must look for several qualities that will be critical to ensure the success of this person.
The first step is to identify the landscape that this project manager will be working in:
· Strict deadlines due to the ARRA
· Additional hardware software requirements
· New technical Acronyms (HL7 for lab interfacing, X12 835,837 for claim transactions, DICOM, PACS, CPOE.)
· Regulatory requirements (Meaningful use measures)
· Backlog scanning for older charts
· Multiple stakeholders and vendors for different functions (IT vendors, EHR vendors, Lab Companies, prescribing, Clearing house for billing, State/federal entities, calling systems..)
· Some staff resistance for change (workflow change, or software change)
· Data conversions between systems
With the ever changing conditions, and the complexity of the project the EHR project manage must possess some key traits that will ensure the success of the implementation:
Leadership and soft Skills
· A good understanding of the practices goals, processes and limitations
· Good time management skills
· Effective communication skills
· The ability to motivate the team during the transition
· Strong work ethic
· Good time management skills
· A positive attitude that will ensure that there is a good energy around the project
· Listening skills
· Flexibility, adaptability and problem solving skills
· A medical background and good understanding of some of the practice workflows
· An understanding of some of the medical acronyms and terminologies
· A high level understanding of some of the technologies that will be utilized
· Familiar with the application or able to quickly learn the EHR application
· An high level understanding of what integrations and interfaces will be implemented
· Some knowledge on what technologies available to the group to enhance and maximize the use of the infrastructure / EHR.
The complexity of the EHR project manager role stems from the diverse environment in which they work in. Their functions are ranging from day to day interactions with the teams, coordinating with vendors, to ensuring that the project objectives, schedules and budgets are on track. So when making your selection from within your team who will a good candidate, one must consider all the above criteria when making that selection.
June 27, 2010 4:03 PM
Posted by: RedaChouffani
, healthcare mobile
, mobile apps
In the past few months, I have been assisting several health organizations with the selection of healthcare specific mobile solutions. Ranging from mobile surgery scheduling tools, surgery charge capture and the delivery of health summary records to Smartphone. The challenge I kept facing is that in most organizations unless there is a strict policy on single device model, it was very difficult to identify products that are developed for more than one mobile platforms and that can retain the same experience throughout the different phones.
This was a reminder of a similar challenge that many software companies faced years ago. Several packages that were developed many years back such as medical manager, CPSI, Misys and others elected to use cobalt, Unix and AIX environments. While some continues with a much more user friendly environment that was found in windows such as: Practice partners, EPIC, GE and more.
Still many of these solutions co-exist today facing severe competition from web based solutions that are accessible via a web browser regardless of the platform in use.
So the question they all faced prior to their design was: “Which platform will this package be developed for? What development language will we use and Why?”
While most software developers would agree that Java was the preferred development language since it is capable of running on most platforms, but it has not been as popular in the healthcare field as many of windows and Mac based software.
If it was not for the success of the internet and the prolific results of web 2.0, none of the software vendors would have considered a web based delivery system. Now that many have ventured to have web based capabilities, we must all ask the question of “why can’t mobile applications have the same ability?” It‘s true that all smart phones have web browsing capability, however, it does not look like anyone is interested in using the mobile web browser to read the news, lookup information and even review medical imaging. But clearly there is a wider interest in the Apps that can be installed on these devices.
This creates a challenge for many software companies. They are now faced with the same old question “Which platform will this package be developed for? What development language will we use and Why?” With choices ranging from Android, the upcoming windows phone 7, Palm, iPhone and few others, it is difficult to cater to a single manufacturer since there is not one that has a majority share in the market place as Microsoft did with in the past with their operating system windows.
So, would there be an opportunity in the future for Smartphone users to have the ability to switch vendors and still have access to their favorite apps for personal or business use? would they be able to have the same functionality and experience with it?
So far all almost all mobile devices have the social network apps available with almost the exact same functionality across the board. But when we discuss platforms that have been used in the past to deliver more complex content there has been some lagging. Example: Adobe Flash made attempts to continue to deliver rich media content to the end users, but clearly most of those dreams faced some serious obstacles from vendors such as iPhone and even Android who did providing immediate an immediate plug in.
However, far in the horizon, one giant technology vendor is attempting the impossible. Microsoft in the last several years has been developing a web application framework called Silverlight. What’s interesting about this platform is that Microsoft has been working with Novell on a project by the name of “Mono” to provide support for Linux and other Unix/X11 based operating systems. This of course would most likely mean that Android will have support as well since it has a Linux Kernel.
If you are not familiar with this platform be sure to visit the patient journey demonstrator to get a first hand experience with Silverlight capabilities. This can potentially ensure the existence of a single web application platform that be used in all most mobile phones and ensure the continuity of the same experience of one app regardless of the platform.
So, if a hospital, mid size medical practice or an IDN decides on a mobile solution, they may not have to force a certain Smartphone brand on their clinicians, while still ensuring that all devices are protecting the information they are using in the cloud.
June 23, 2010 10:37 PM
Posted by: RedaChouffani
, IT Audit
, medical Audit
, technology EHR audit
With many medical organizations seeking to implement EHR systems and become paperless, they have become increasingly dependent on their computerized information systems to provide care to their patients, maintain the medical records and carry out their operations.
As a consequence, the reliability of the technology infrastructure and systems must be reviewed periodically, whether it is prior to implementing their new EHR or post implementation. This process a critical step as it will assist in ensuring that the current infrastructure can support the selected solution, ensure data integrity, system performance, safeguard assets, and scalability for the organization to allow for future growth.
There are two approaches to the IT audits for a medical organization. One that is at the initial stages of EHR product assessment, and the other is an on going system review.
The first audit would focus on the current state of organization from a hardware, networking and peripherals stand point. Some of the focus would be on:
Evaluating the compliance requirements that are part of the new electronic medical records
Evaluating the network backbone (wireless/ wired)
Evaluate the current storage capability and forecast future storage needs (taking into consideration added electronic documents as part of chart scanning)
Review current servers and their capabilities
Evaluate Workstations, mobile devices and peripherals to ensure they meet the minimum requirements of selected EHR
Evaluate the current disaster recovery plan (DRP) and business continuity plan (BCP) and review any adjustments that will be required
Review all required data interfacing/integration needs
The second audit would be a quarterly or yearly event for the Information system. Whether it is performed by in-house IT, or a third party vendor, it would most likely cover a spectrum of audits. Some of which are:
A compliance audit ( covering all HIPAA mandatory and optional requirements, red flag rules, etc.)
IT systems best-practice implementation such as ITIL
System overall availability (EHR, HIS, LIS. etc.) that focuses on the system overall uptime, fault tolerance, business continuity plan and restore drills.
System security and confidentiality that would focus on ensuring proper authorization processes. From employee biometric to physician’s prescribing password protection
Data integrity audit which would focus on ensuring that there are no reported system failures that cause data loss or corruption
There has been many laws established that regulate the information technology audit. Some examples: the Sarbanes-Oxley Act and The Health Insurance Portability and Accountability Act. While in some cases an Audit may seem unnecessary, it is important to recognize the value of oversight to IT. This ensures that a governance program is implemented that maintains the infrastructure stability, security, and integrity in check and that IT continues to be in-line with the organizational goals.
June 19, 2010 1:59 PM
Posted by: RedaChouffani
, stimulus certification
The Office of National Coordinator has officially issued the final rule for the temporary program that will certify electronic records systems required for the practices engaging in the Stimulus.
Since the release of the two certification processes available under the previously proposed ruling in March, now EHR vendors can be certified by designated organizations that will test and certify them.
For many hospitals and organizations that have “self-developed” solutions, the ONC-ATCB has responded to the many commenter to allow many of these complete EHR or EHR modules to be tested remotely in the development sites or even deployment sites.
In addition, it has been noted that all certified EHR must maintain their certified status. It is has been proposed that any certified product would loose its certification upon the Secretary of HHS adopting new or modified certification criteria.
The final ruling also notes that if the temporary certification sunsets on December 31, 2011 and when the permanent certification program is fully implemented, all applications certified EHRs for the period of 2011/2012 would not be required to be re-certified again under the permanent certification.
As software vendors continue to provide their clients with routine maintenance,fixes for product bugs and new features, the ONC-approved testing and certification body (ONC-ATCB) is requiring at minimum for these certified EHR vendors to submit an attestation that would indicate all changes made, the reasons for the adjustments and other supporting information that will help the ONC-ATCB assess the potential effects of the new updated version.
June 14, 2010 11:47 PM
Posted by: RedaChouffani
, healthcare smartphones
, medical apps
Smartphones have significantly changed the way we interact and use data. But despite the wide use of Microsoft previous Windows Mobile operation system in the manufacturing and enterprise settings, there seems to be a larger demand for Apple and Google devices in the healthcare arena.
However with the existence of complex standards representing health records ranging from Lab results, immunization records, imaging, prescription, billing and EKGs which require different interoperability standards such as (HL7, XML, DICOM, X12, and aECG) , most existing mobile app developers are facing difficulties in identifying which direction to take.
While it is clear that the app store and android market have seen tremendous success in downloads of instant reference apps, medical calculators, and diagnostics tools, vendors must still continue to push toward mobile solutions that are more meaningful.
A recent release of an iPhone App “MyIR” is a great example of usable application that can benefit for interoperability standards. This solution is designed to assist patients or parents with tracking immunization records effectively. In most cases this information is kept at the primary physician or pediatrician. By having this app downloaded, all the information can be added during or after the visit to keep an up to date record. But many states Immunization registries do provide the functionality to export immunization records available for download using the HL7 format, this app can benefit from connecting directly with these state registries and download near real time information, thus eliminating data entry all together.
With the assistance of groups such as HITSP and the work of the HIT Committee, we are moving closers to completing standards and services that will empower software vendors to deliver simple, direct, secure mobile solutions that can deliver meaningful data to participants.