By JAY BAKER
Data breaches continue to burden health plans and providers at an alarming rate. While healthcare providers' sites, such as hospitals and physician offices, are the largest target, health care plans account for the greatest number of health plan member records stolen over the past several years.
Centralized databases offer a wealth of health records that can be used to improve healthcare, but it's critically important for all stakeholders to balance the risks of being hacked against the benefits.
Breaches represent one area where providers and health plans must focus their attention, while also navigating the increasingly complex regulatory and risk management environment -- especially for those striving to adopt value-based models of care. Toward that end, a fully equipped health information management solution has become essential for organizations seeking to improve care, member outcomes and ROI.
Mitigating the Risks of Data-Sharing
While better policies and procedures and the use of encryption have helped reduce easily preventable breaches, more should be done to protect patient/member privacy and mitigate associated costs.
Therefore, healthcare organizations should seek a technology-enabled platform that optimizes operational viability, helps to improve member outcomes at reduced costs, and ensures data security and privacy. The first step is to look for a vendor that has earned the Health Information Trust Alliance (HITRUST) Common Security Framework (CSF) certification.
Key HITRUST Advantages
As healthcare data shifts from local infrastructure to the cloud, the ability to control and secure data weakens, creating substantial challenges for health plans and hospitals that need to assess third-party vendors and ensure that data complies with HIPAA and other regulations.
HITRUST was founded on the belief that information security should be the core pillar of the broad adoption of health information systems and exchanges.
HITRUST CSF certification can be used by all organizations to guide them in selecting and implementing the appropriate controls to protect the systems that create, access, store or exchange personal health and financial information. Certification gives organizations detail and clarity related to information security controls tailored to the healthcare industry.
Certification carries key advantages:
- Ensures a level of consistency from one assessment to another
- Offers a gap analysis to help further assess a vendor's security posture, which saves substantial resources
- Cross references the requirements from legislative, regulatory, HIPAA, NIST, ISO, state laws and others for one comprehensive framework
- Provides a framework that prepares organizations for new regulations and security risks once introduced
- Ensures compliance and security protection to clients
- Assures payers working with vendors that the platform is compliant, private and secure and meets the necessary requirements of HITRUST CSF certification
Bottom line: Certification means a third-party assessed the platform and attests to its compliance with globally recognized standards, regulations and business requirements, ensuring data security, privacy and compliance.
Full-spectrum, End-to-end Solution
Healthcare organizations should look for an integrated risk adjustment optimization and quality improvement solution that has HITRUST CSF certification as validation of a commitment to improving the health of healthcare and providing innovative solutions for health plans across the country.
It should also provide a comprehensive risk adjustment solution that plays an integral role in helping health plans and risk-bearing entities improve measured quality. Furthermore, the solution should combine risk adjustment and quality improvement services and provide real-time visibility and reporting for risk adjustment analytics, medical record retrieval, HEDIS abstraction, risk adjustment coding, claims and data validation, prospective health assessments, clinical abstraction, member engagement/outreach and provider education. It should also be designed to integrate risk adjustment and quality services to deliver fully transparent insights.
Success in value-based approaches pivots around delivering on total member health, cost, and quality rather than relying on the traditional model of maximizing relative value units, revenue and downstream referrals. Ultimately, patients reap the greatest benefit by being guided toward more preventive care and self-management early in the care process while their information and privacy remain protected.
Jay Baker is the senior vice president of product management for Advantmed, LLC, providing risk adjustment and quality improvement solutions for health plans, provider groups and ACOs. Visit Advantmed.com