Emptoris Contract Management for Healthcare HIPAA Compliance

Similar documents
Emptoris Contract Management Solution for Healthcare Providers

Improving sales effectiveness in the quote-to-cash process

Contract management's effect on in house counsel

Top Ten Keys to Gaining Enterprise Configuration Visibility TM WHITEPAPER

SOLUTION BRIEF: CA IT ASSET MANAGER. How can I reduce IT asset costs to address my organization s budget pressures?

Thought Leadership White Paper

A SELECTICA GUIDE ALL THINGS STARK LAW WHAT IS STARK LAW, AND HOW CAN CONTRACT MANAGEMENT SOFTWARE HELP YOU COMPLY?

The Firewall Audit Checklist Six Best Practices for Simplifying Firewall Compliance and Risk Mitigation

agility made possible

Business Associate Management Methodology

Best Practices in Contract Migration

Implement security solutions that help protect your IT systems and facilitate your On Demand Business initiatives.

White paper September Realizing business value with mainframe security management

RSA ARCHER OPERATIONAL RISK MANAGEMENT

Security management solutions White paper. Extend business reach with a robust security infrastructure.

IBM Tivoli Asset Management for IT

Contract Management The Mavericks Won t Like This!

Moving from Paper to Electronic Records: Hardwiring Compliance into Product Development Using technology to incorporate quality system regulation

IBM Emptoris Procurement SaaS Service

Product Lifecycle Management in the Medical Device Industry. An Oracle White Paper Updated January 2008

Product Lifecycle Management in the Food and Beverage Industry. An Oracle White Paper Updated February 2008

White Paper: The Seven Elements of an Effective Compliance and Ethics Program

OBLIGATION MANAGEMENT

Gain a competitive edge through optimized B2B file transfer

White Paper THE FIVE STEPS TO MANAGING THIRD-PARTY RISK. By James Christiansen, VP, Information Risk Management

An Oracle White Paper January Access Certification: Addressing & Building on a Critical Security Control

Governance, Risk, and Compliance (GRC) White Paper

Transforming Big Blue s Procurement Operations

Minimize Access Risk and Prevent Fraud With SAP Access Control

Veramark White Paper: Reducing Telecom Costs Why Invoice Management is the Best Place to Start. WhitePaper. We innovate. You benefit.

Tufin Orchestration Suite

IT ASSET MANAGEMENT SELECTED BEST PRACTICES. Sherry Irwin

Addressing IT governance, risk and compliance (GRC) to meet regulatory requirements and reduce operational risk in financial services organizations

Altiris Asset Management Suite 7.1 from Symantec

Driving performance and value through strategic vendor management

Mastering Complex Change and Risk through Smarter Engineering Collaboration

Eval-Source. Apparancy Business Process Platform. Analyst Review

White Paper. An Overview of the Kalido Data Governance Director Operationalizing Data Governance Programs Through Data Policy Management

The HIPAA Omnibus Final Rule

NEW PERSPECTIVES. Professional Fee Coding Audit: The Basics. Learn how to do these invaluable audits page 16

Security management solutions White paper. IBM Tivoli and Consul: Facilitating security audit and compliance for heterogeneous environments.

Industry Solutions Process Manufacturing Flexible and Agile Engineering Document Control for Efficient, Safe and Compliant Plants

8 REASONS TO OUTSOURCE RECORDS MANAGEMENT

HIPAA and HITECH Compliance for Cloud Applications

Provide access control with innovative solutions from IBM.

Adopt a unified, holistic approach to a broad range of data security challenges with IBM Data Security Services.

The Brave. New World of Healthcare Correspondence. Harnessing the Power of SaaS to Safeguard Patient Data. White paper

Ten questions to ask when evaluating contract management solutions

Contracts Management Software as a Tool for SOX Compliance

Unlock the code IT Asset Management

Software License Asset Management (SLAM) Part 1

IT Security & Compliance. On Time. On Budget. On Demand.

Software License Asset Management (SLAM) Part III

8 Key Requirements of an IT Governance, Risk and Compliance Solution

Address IT costs and streamline operations with IBM service request and asset management solutions.

Case Study Success with a. into a Corporate Integrity Agreement (CIA)

What You Don t Know Does Hurt You: Five Critical Risk Factors in Data Warehouse Quality. An Infogix White Paper

Current Challenges in Managing Contract Lifecycle Management

CONNECTING ACCESS GOVERNANCE AND PRIVILEGED ACCESS MANAGEMENT

Securing Your Business with Managed File Transfer

S24 - Governance, Risk, and Compliance (GRC) Automation Siamak Razmazma

CA Oblicore Guarantee for Managed Service Providers

Sarbanes-Oxley: Beyond. Using compliance requirements to boost business performance. An RIS White Paper Sponsored by:

A CobbleSoft Customer Solutions Case Study

On-site Chemicals: Do You Know Your Exposure?

This paper looks at current order-to-pay challenges. ECM for Order-to-Pay. Maximize Operational Excellence

Reducing Cost and Risk Through Software Asset Management

ComplianceSP TM on SharePoint. Complete Document & Process Management for Life Sciences on SharePoint 2010 & 2013

Achieving Control: The Four Critical Success Factors of Change Management. Technology Concepts & Business Considerations

Microsoft s Compliance Framework for Online Services

WHITE PAPER. iet ITSM Enables Enhanced Service Management

Compliance and Security Solutions

White paper Maximize your electronic health records investment and improve patient care. A Configure Consulting white paper, sponsored by HP Software

Gain IT asset visibility, control and automation

Streamline the Financial Close

How To Manage It Asset Management On Peoplesoft.Com

Enforcive / Enterprise Security

SOLUTION WHITE PAPER. IT Business Management and Compliance Ensuring Cloud Governance

With tight timelines and complicated regulatory

IBM InfoSphere Guardium Data Activity Monitor for Hadoop-based systems

AssetCenter 4.4. Total Asset Visibility and Control. Control Costs. Ensure Compliance. Reduce Complexity

Increase the Efficiency and Value of Healthcare Contact Centers

Regulatory Requirements, and insure a Safe Workplace

CDOs Should Use IT Governance and Risk Compliance Management to Advance Compliance

Enhance visibility into and control over software projects IBM Rational change and release management software

Streamlining Healthcare Business Interactions

Comprehensive Compliance Auditing and Controls for BI/DW Environments

IBM Enterprise Content Management: Streamlining operations for environmental compliance

Effectively Managing EHR Projects: Guidelines for Successful Implementation

Achieving Better Contract Management through Automation

White Paper. Trends in Hospital Professional Liability Operations. Macro Trends in Hospital Insurance Operations

Pace of Change Broadcast Media. Channel 1 Channel 2 Channel 3

Improving Unstructured Data Governance. Ryan Jancaitis Product Management Symantec

6 Contract Management Best Practices - OPERATIONS EDITION -

Protecting the Single Source of Truth: Effective Contract Management as a Core Business Strategy

HIPAA Changes Mike Jennings & Jonathan Krasner BEI For MCMS 07/23/13

Securing the Healthcare Enterprise for Compliance with Cloud-based Identity Management

Next Generation Telecom Expense Management

Oracle Role Manager. An Oracle White Paper Updated June 2009

Transcription:

Emptoris Contract Management for Healthcare HIPAA Compliance An Emptoris White Paper Emptoris, an IBM Company www.emptoris.com ECHHC-4/12

Executive Summary Provider contracts are complex, dynamic, and critically important to healthcare payers success. Despite this, most payers manage their provider contracts with fragmented, manual processes. As a result, these payers miss opportunities to negotiate more profitable, standardized provider agreements. In an industry where profit margins are already slim and costs are rising, payers must gain greater control over their agreements with providers to remain competitive. Furthermore, changing conditions in the healthcare industry, including tighter government regulation and trends toward consolidation and consumer-focused products, require that healthcare payers also improve their operational flexibility. Andy Kyte, Vice President of Research, Gartner Group, affirms, Contract management must move from a casual practice to a structured approach to reap benefits and minimize liabilities... This will deliver bottom-line savings and reductions in ongoing operating costs, and facilitate good practice in risk and opportunity management. Emptoris Contracts for Healthcare, the industry s most comprehensive contract management solution, enables healthcare payers to increase their profitability by providing them with greater control, efficiency, and flexibility in developing and managing their contracts with providers. The Emptoris solution also integrates with reimbursement systems to provide healthcare payers with a seamless, closed-loop solution for managing provider agreements. 2

HIPAA Encompasses a Broad Range of Contracts A wide range of contracts between covered entities, such as payers, hospitals, laboratories, and their business partners, must be HIPAA compliant (the following table provides examples). Given that multiple parties are involved in the management of these contracts, covered entities face an uphill battle in ensuring their own compliance, and that of their business partners. A covered entity is in violation of HIPAA s Privacy Rules and Standards for Electronic Transactions requirements if its management knew or reasonably should have known of a business partner s breach of agreement and failed to take steps to remedy the breach or terminate the contract. Covered entities can protect themselves against this risk by quickly adopting solutions and processes that deliver effective controls over all business agreements. Physician contracts Equipment lease contracts Payer contracts Claim scanning/entry/processing contracts IT outsourcing contracts Computer software contracts Data warehouse/clearinghouse vendor contracts Professional services contracts Telemedicine program contracts Radiology services contracts Release of information vendor contracts Record reproduction vendors Employee benefit contracts BPO contracts Insurance contracts Risk management consulting contracts Legal services contracts Computer hardware contracts Transcription vendors Microfilming vendor contracts Pathology services contracts Emergency services contracts Real estate/facility contracts Waste hauling/incineration contracts Table 1: A broad range of contracts is subject to HIPAA requirements. 3

Covered Entities are Largely Unprepared to Meet HIPAA Requirements Non-standard, manual processes for managing provider contracts are commonplace at payer HIPAA compliance requires far more vigilance than simply adding nine clauses to business partner agreements. Covered entities must also have solid processes in place to address the following challenges: Adhere to Rigorous Standards for Contracts HIPAA s Privacy Rules and Standards for Electronic Transactions require that agreements include specific language regarding the electronic exchange of patient information, as well as its use and disclosure by business partners. Unfortunately, many covered entities lack enforceable policies for creating, negotiating, approving, and managing contracts and addenda. Compounding this challenge is the fact that it is often necessary for covered entities to create contracts that deviate from standard templates. Covered entities require the flexibility to create agreements with alternate clauses and terms, as well as an enforceable review and approval workflow to ensure that such deviations do not expose the organization to unnecessary risk. However, most healthcare contracts are negotiated and approved at the regional or local level, making it difficult for executive management to confirm that HIPAA requirements are met. 4 Document Complete Histories of Contracts A covered entity risks HIPAA non-compliance if it cannot demonstrate that it protects individually-identifiable patient information by effectively governing the practices of its employees and business partners. As healthcare organizations typically employ fragmented processes to negotiate and approve hard copy agreements, they generate incomplete paper trails that are insufficient defense against penalization. Without comprehensive documentation of the history of all agreements, covered entities cannot prove to auditors that they have made reasonable efforts to achieve and maintain HIPAA compliance. Gain Complete Visibility into the Contract Lifecycle Many covered entities have dangerously limited visibility into their contracts, exposing them to the serious risk of HIPAA violations. As contracts are scattered in disparate applications and filing cabinets in various departments, healthcare organizations grapple with identifying contracts that are affected by HIPAA and revising existing contracts to reflect updated HIPAA guidelines. As a result, they are unable to ensure their own compliance with HIPAA, let alone that of their business partners. Without a central contract repository and the ability to quickly search and report on key terms, covered entities cannot ensure that contracts and transactions adhere to HIPAA guidelines, or even confirm that they are operating under current contracts.

APPROVED APPROVED Enterprise Contract Management is Essential for HIPAA Compliance Enterprise contract management ensures that covered entities achieve and maintain compliance with HIPAA s contract-related requirements, and also yields additional business benefits. With access to historical contract data and comprehensive analysis capabilities, contract managers gain a significant advantage in negotiating contracts. They can readily identify the most profitable terms in past contracts and include them in future agreements. Emptoris Contract Management, the healthcare industry s most comprehensive contract management solution, seamlessly integrates with existing compliance and operational systems and also delivers powerful contract administration capabilities, complete visibility into contractual commitments and obligations, effective audit tools, and enforceable controls to ensure HIPAA compliance throughout the contract lifecycle. Claims Claims Physcian Group Emptoris Contracts Hospitals Field Contracting Professionals Regional Contracting Executivess Contract 5 Laboratories Provider Database Pricing Database Physcians Payment Reimbursement System Figure 1: Emptoris Enterprise Contracts Streamlines the Contracting and Auto-adjudication Processes 1. The payer s field contracting professionals use Emptoris Contracts to negotiate standardized contracts with providers. 2. Provider contracts are automatically routed for review and approval by the payer s regional contracting executives and actuaries, who verify that appropriate contract structures and language are used 3. Emptoris Contracts ensures that accurate provider-specific data is applied to contracts, and that the payer s reimbursement system operates with current provider contract data, including up-to-date pricing schedules. 4. Emptoris Contracts closes the loop between field contracting professionals and back office systems, eliminating the contract gap and increasing the profitability of provider contracts.

Emptoris Contract Management Drives HIPAA Compliance through Seamless Integration In order for healthcare organizations to manage employee and business partner compliance with the HIPAA provisions included in their contracts, tight integration between enterprise contract management solutions and compliance and operational systems is required. Emptoris Contract Management possesses the most complete contract management integration capabilities in the industry. By linking compliance information collected by these systems and ensuring that contracts cannot be finalized without authorized approvals, Emptoris Contract Management enables healthcare organizations to protect themselves against doing business with risky partners. In addition to contract management, Emptoris offers solutions to analyze and measure partner performance, providing a complete solution from contract to claim. The Emptoris solution assists HIPAA compliance managers in proactively managing business partner performance and in quickly assessing and managing risk if a HIPAA violation occurs. 6 Requirements for Achieving and Maintaining HIPAA Compliance Standalone Emptoris Contract Management Solution Emptoris Contract Management with Analysis and Performance Emptoris Integrated with Claims Enforce an automated contract approval workflow Standardize contract processes, language, and terms Monitor partners for HIPAA ü ü compliance and risk Document complete contract histories in audit trails Provide access to all contracts in a central repository Alert appropriate parties to critical contract events Readily search, report, and analyze contract terms Manage HIPAA compliance ü ü throughout contract lifecycle Review claims and payments ü ü against contracts Regularly audit credentialed ü ü providers Manage the lifecycle from contract to claim ü Table 2: Healthcare organizations achieve and maintain HIPAA compliance by integrating the Emptoris solution with existing compliance and operational systems.

Emptoris Contract Management Enforces Corporate Standards Emptoris Contract Management delivers an instantly accessible library of contract templates and terms, ensuring that approved language is used, and that the necessary HIPAA clauses are included wherever they are required. While negotiators in every office gain the flexibility to quickly build contracts with alternate language, no contract is ever finalized until it is approved by authorized staff. Contracts are easily routed to additional users for more extensive review. For example, covered entities may route certain types of contracts to HIPAA compliance officers to ensure that they include sufficient provisions for the protection of health information. To further protect healthcare organizations, managers are instantly alerted to any deviations from corporate standards. Emptoris Contract Management Provides Thorough Contract Documentation The Emptoris solution minimizes the risk of HIPAA infractions, but also prepares covered entities to meet the rigors of a HIPAA audit. Emptoris Contract Management automatically captures a complete record of each contract, including all edits and approvals made by internal and external parties, in an audit trail. By tracking the circumstances surrounding the approval of non-standard contracts, the Emptoris solution eliminates confusion down the road and facilitates faster and more efficient audits. In addition, Emptoris Contract Management, when integrated with a compliance system, delivers well-documented and enforceable controls that allow healthcare organizations to demonstrate that they are taking strong measures to ensure employee and business partner compliance with HIPAA. 7 Emptoris Contract Management Delivers Global Contract Visibility Emptoris Contract Management keeps contract terms at the fingertips of staff members within a centralized online repository to drive internal and external adherence to agreed-upon terms. New and existing contracts are stored in the system to provide organizations with complete contract visibility. Emptoris Contract Management powerful reporting capabilities and Executive Dashboard enable executive management to monitor regulatory compliance across the organization. In addition, flexible search tools allow HIPAA compliance officers to quickly identify contracts affected by HIPAA, and to rapidly revise them to reflect HIPAA updates. If necessary, covered entities can terminate agreements with partners which fail to improve their performance.

By integrating Emptoris solutions with their existing compliance and operational systems, covered entities are assured that: Standard HIPAA clauses are included wherever they are applicable Necessary approvals are obtained before any agreement is finalized Complete records of agreements, including who did what, when, and why, are documented in audit trails Contracts are readily accessible and can be easily updated to meet new HIPAA requirements Business partners are immediately warned if they are in violation of HIPAA, and associated contracts are terminated if the partner fails to correct the infraction Employees are instantly alerted to the occurrence of a business partner s HIPAA violation HIPAA compliance officers have instant access to all affected contracts in a central repository 8

Conclusion Achieving and maintaining compliance with HIPAA guidelines presents a major challenge to healthcare organizations, which must improve their management of business partner relationships to adhere to these guidelines. To ensure the HIPAA compliance of their employees and business partners, covered entities require systems and practices for managing the complete contract lifecycle. Emptoris Contract Management for Healthcare provides the enforceable contract standards, auditable contract documentation, and global contract visibility that are necessary for meeting HIPAA s contract-related requirements. When integrated with existing compliance and operational systems, Emptoris Contract Management delivers a comprehensive solution for managing HIPAA compliance. To learn more about how Emptoris can help you eliminate risk, create more profitable contracts, and meet your contractual obligations, visit www.emptoris.com or contact us at 1-781-993-9212. Learn more about how Emptoris Contract Management enables leading healthcare organizations to improve the profitability of their provider contracts. Request the Emptoris Contract Management for Healthcare: Provider Contracts white paper from your Emptoris sales representative. 9

About Emptoris Emptoris, an IBM company, is a world leader in strategic supply, category spend and contract management solutions that enable companies to maximize financial performance and optimize commercial risk. The company s suite of award-winning and industry-recognized sourcing, contract management, spend analysis, supplier lifecycle management, services procurement and telecom expense management solutions are successfully used by Global 2000 companies. For further information, visit www.emptoris.com. For more information about Emptoris, visit www.emptoris.com call 1 855 391 2561 (United States) +1 781 993 9212 (International) e-mail ibmemptorissales@us.ibm.com Emptoris, an IBM Company 200 Wheeler Road, Burlington, MA 01803 www.emptoris.com Copyright 1999-2012, Pat. www.emptoris.com/ip Emptoris, an IBM Company www.emptoris.com

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information