ACO Accountable Care Organizations Cooperative Healthcare Requires Cooperative Security It s a Team Sport.

Size: px

Start display at page:

Download "ACO Accountable Care Organizations Cooperative Healthcare Requires Cooperative Security It s a Team Sport."

Maude Logan
8 years ago
Views:

1 ACO Accountable Care Organizations Cooperative Healthcare Requires Cooperative Security It s a Team Sport. Robby Gulri VP, Product Marketing gulri@echoworx.com 8/28/13 1

2 Industry leading Educa1on Cer1fied Partner Program Please ask ques1ons For todays Slides h#p://compliancy- group.com/slides023/ Todays & Past webinars go to: h#p://compliancy- group.com/webinar/ #CGwebinar HIPAA

com/slides023/ Todays & Past webinars go to:

3 Real Stats in the Field 8/28/13 3

4 ACO Accountable Care Organizations Definition Accountable Care Organizations (ACOs) are groups of doctors, hospitals, and other health care providers, who come together voluntarily to give coordinated high quality care to their Medicare patients Goal of coordinated care is to ensure that patients get the right care at the right time, while avoiding unnecessary duplication of services and preventing medical errors Share in the savings it achieves for the Medicare program 8/28/13 4

patients Goal of coordinated care is to ensure that patients get the right care at the right time, while avoiding

5 ACO Illustrated 8/28/13 5

6 Encryption requirements for ACOs Requirements Scan, Encrypt or Block outbound Compliance (PHI, PAN, etc) Confidential or Sensitive information Business Process Enablement for Efficiency Replace paper based processes Loan applications, regulatory filings Medical records, insurance claims, and information exchange Automated edocument Delivery distribution of documents containing private information Bank, mortgage, credit card statements Bills and invoices Insurance policies and claims 8/28/13 6

filings Medical records, insurance claims, and information exchange Automated edocument Delivery Email distribution of

7 The Players within ACOs Providers As networks of providers, ACOs are composed mostly of hospitals, physicians, and other healthcare professionals. Payers The federal government, in the form of Medicare, will be the primary payer of an ACO Other payers include private insurances, or employerpurchased insurance Patients An ACO s patient population will primarily consist of Medicare beneficiaries 8/28/13 7

Payers The federal government, in the form of Medicare, will be the primary payer of an ACO Other

8 ACOs and Health Care IT Encryp1on, Security of Data at Rest and in Mo1on 8/28/13 8

9 4 Essential Technologies for effective ACOs HIEs (Healthcare Information Exchange) Portal Secure Push / Pull Analytics Reporting Dashboards Care Management applications Tele Medicine Remote Patient Monitoring Encryption & Security Applications Document Encryption Encryption 8/28/13 9

Care Management applications Tele Medicine Remote Patient Monitoring

10 Security Framework for ACOs Secure, online environment which allows for controlled access to and sharing of data on a variety of levels between stakeholders Access to aggregate cost and quality trends by governance and project teams Secure repository for shared aggregate and detailed data Sharing of patient-specific clinical data between responsible caregivers 8/28/13 10

quality trends by governance and project teams Secure repository for shared aggregate and

11 Tools required for Secure Communications Source: AT&T Compliance Report /28/13 11

12 Push / Pull Support 8/28/13 12

13 Complying to HIPAA for ACOs Becomes even more important as information is constantly being exchanged across multiple organizations and providers More scrutiny and enforcement of HIPAA Omnibus Encryption becomes an important compliance tool and weapon 8/28/13 13

organizations and providers More scrutiny and enforcement of

14 HIPAA Encryption Requirements Standard ~ Transmission Security: Implement technical security measures to guard against unauthorized access to PHI that is being transmitted over an electronic communications network 45 CFR (e)(1) Addressable Implementation Feature ~ implement a mechanism to encrypt electronic protected health information whenever deemed appropriate 45 CFR (e)(2)(ii) containing PHI requires Encryp1on

15 Addressable Implementation of encryption is not optional Addressable implementation features are not optional, they must be addressed; HCO must either: 1 Implement the feature or 2 Document why it s not reasonable and appropriate to implement feature, and implement an equivalent alternative measure when reasonable and appropriate

1 Implement the feature or 2 Document why it s not reasonable and appropriate to

16 Omnibus & Encryption More enforcement with Omnibus Direct liability for both Covered Entities and Business Associates More parties involved with PHI exchange Breach Definition have changed Breach is presumed and you have to prove why breach didn t occur Increase Penalties for liability 8/28/13 16

with PHI exchange Breach Definition have changed Breach is presumed and you

17 Echoworx Snapshot 8/28/13 17

18 Thank you 8/28/13 18

19 HIPAA Compliance HITECH Attestation Omnibus Rule Ready Meaningful Use core measure 15 Free Demo and 60 Day Evaluation group.com HIPAA Hotline HIPAA

Sunday March 30, 2014, 9am noon HCCA Conference, San Diego

Meaningful Use as it Relates to HIPAA Compliance Sunday March 30, 2014, 9am noon HCCA Conference, San Diego CLAconnect.com Objectives and Agenda Understand the statutory and regulatory background and purpose