About 30 percent of physician practices are replacing their current EHR by 2021 because they want to customize their system to best meet their needs, according to a Black Book Research Report.

The landscape for the ambulatory practice is changing.

Outpatient practices need EHRs that have evolved to deliver the technology tools to support the increased expectations for value-based care.

Outpatient procedures are on the rise and there is an increased focus on providing more care in an ambulatory setting. In fact, by 2030, annual total hip and knee joint replacements are expected to grow from $1M to $4M and 45% of these procedures could be outpatient by 2025. Read more here.

One reason for this growth is because physicians and health systems have become more advanced around understanding the health risks associated with their patients. Meaning they are much more willing to direct lower-risk patients who require a surgery to an ambulatory surgery setting, when previously these would have been done in an inpatient hospital setting or even an outpatient surgery setting at a hospital.

While the ambulatory IT market was reported at $2.7 billion in 2016 and growing at a CAGR of 5.5% during the forecast period of 2017 to 2024, according to Data Bridge Market Research, budget constraints continue to be a top concern .

One area where costs can be cut is in the management of the legacy application portfolio.  By minimizing the volume of legacy EMR, ERP, GL, Accounting or HR/Payroll applications and infrastructures; maintenance contract costs can be saved, technical risk mitigated and labor burden reduced.

HealthData Archiver^®® is a long-term, HIPAA-Compliant ERP data storage solution for healthcare providers in both inpatient and outpatient care settings.  A solution particularly well-suited for organizations in merger and acquisition mode or replacing their current EHR, Health Data Archiver consolidates multiple data sources and domains.  This allows for ongoing access to the complete patient narrative no matter where in the health system a patient was seen.

At Harmony Healthcare IT, we agree that optimization should focus not just on technology but on change management with one key question to consider: “How does an information system impact patients and clinicians and support quality outcomes and patient care?”

Our clients are taking important steps forward to shore up their legacy clinical, ERP and revenue cycle systems with a reliable archive that ensures crucial data is available wherever, whenever and however it’s needed.  By this, we mean that legacy patient or employee data is  accessed from within the current EHR or ERP through Active Directory Single Sign-On (SSO), or, it is accessed in a variety of formats like JSON, CCD, CDA, HL7, CSV or others.  Once this data is available in a useful format, it can be accessed as required in population health, research or health information exchange environments.  The options for tapping into legacy data are endless, including, perhaps, on-demand ADT queries or other creative options that meet workflow demands at a particular facility.

Is your practice ready to optimize its IT budget by addressing legacy applications?

We can help.

Editor’s Note: This blog includes some content that originally was posted on April 7, 2017.

Mental health issues too often are the big news of the day. Behind the headlines, there are a lot of people suffering with mental health conditions. In fact, about 1 in 5 adults ages 18 or older (18.1 percent, or 43.6 million adults) had any mental illness (AMI) in the past year, and 4.1 percent (9.8 million adults) had serious mental illness (SMI), according to the 2014 report prepared for the U.S. Dept. of Health and Human Services. Interestingly, the percentages have remained stable from prior studies that started in 2008.

While we are bombarded with examples of mental and behavioral-related breakdowns, there are initiatives and opportunities to improve the focus on holistic health which will improve health outcomes.

It’s interesting that in Alaska, the Southcentral Foundation (SCF), an Alaska Native nonprofit health system, just won its second Malcolm Baldrige National Quality Award for its “unique health care delivery system”.

SCF provides a wide range of programs to address the physical, mental, emotional, and spiritual wellness for about 65,000 Alaska Native and American Indian people. SCF’s needs assessment revealed a population dealing with high rates of child abuse and neglect, intimate partner violence, and social isolation. SCF redesigned its care delivery around these needs, integrating specialty services into primary care and reducing the number of standalone specialty services. This reimagination of resources enables SCF to deliver high-quality care at a low cost and to make huge inroads with the health wellness of the population.

As a nation, there is plenty of room to improve the integration of mental and behavioral health into care delivery. A recent NEJM Catalyst Insights Council survey reports that 51% of Council members — a qualified group of U.S. executives, clinical leaders, and clinicians who are directly involved in health care delivery — consider their organizations’ mental and behavioral health services not very adequate or not at all adequate to meet the needs of their patient population.

How EHRs Contribute to Holistic Health Initiatives

One important component of a more thorough healthcare experience in the United States is the move toward the comprehensive health record (CHR), a term coined by Epic an industry leading EHR. While there are numerous HIPAA guidelines that must be followed regarding sharing mental health information, the bottom line is that complete care is extremely difficult to provide without access to a complete patient record.

For more info on the HIPAA guidelines for mental health records, click here.

The Federal government also is focusing on curbing the nation’s opioid crisis. President Trump’s proposed FY19 budget for the U.S. Department of Health and Human Services stresses the need for the agency to make the opioid crisis a top priority. While HHS’ budget would be slashed by 21 percent, Trump would give the agency $10 billion in new discretionary funding for both the opioid epidemic and mental illness.

This effort supports the expanded tracking and sharing of information about the full prescribing history of patients across state lines to help curb system abuse. It’s encouraging to see how data management and information sharing can lead the way toward helping to stop opioid abuse.

Legacy Data Management Key to Complete Patient Record

It makes sense that to expect better healthcare outcomes, there needs to be a focus on improving access to the complete patient narrative. Our HealthData Archiver^®, is a solid, secure solution that seamlessly integrates legacy records into a searchable and simple to use format. Our solution is system neutral and can integrate records from most every other type of system.

Does your organization have a legacy data management strategy to consolidate the numerous disparate systems that are hanging around in various states of use? Have you thought about what comes next in your data management strategy?

Increase efficiency, contribute toward access to the complete patient record and alleviate your own headaches about outdated, vulnerable legacy systems.

Call us. We’re ready to help you.

The Epic display at the HIMSS18 conference in Las Vegas illustrated that 115 health organizations have or are in the process of switching from other EHRs to Epic (which equates to up to 115 displaced, soon-to-be legacy systems).  And, why wouldn’t providers be moving to Epic and other market leaders?  In a recent HealthcareDive article about the evolving product features of today’s EHRs, it states: Legacy EHR vendors, staring down increased demand for interoperability, are remixing their products to keep with the times and customer needs.

What does this mean for legacy data?

Access to the complete patient narrative, including historical records stored outside of Epic and other leading EHRs, is of paramount concern for most provider organizations as they migrate to newer technology.  Federal, state and facility record retention regulations make it critical for healthcare delivery organizations to seek a secure storage solution for historical records, especially once they’re ready to shed the risk, labor and cost associated with keeping displaced EHR applications up and running.  Post EHR migration, the legacy patient data needs to seamlessly interact with the go-forward system to provide access to a comprehensive clinical narrative for a patient.

Create a Health Data Life Cycle Management Strategy

In most cases, it is cost prohibitive to migrate all the records from a legacy EHR into a new go-forward EHR. The benefits of creating a strong legacy data management strategy include: cost reduction, risk mitigation, compliance with both security standards and record retention mandates, simplified access to data and an opportunity to merge decade’s worth of data from disparate software applications into a secure long-term storage and retrieval center.

Harmony Healthcare IT‘s HealthData Archiver^® is a leading solution for healthcare organizations that are faced with system replacement, acquisition or migration. Is your team ready to create a legacy data management strategy?

Our team of data experts at Harmony Healthcare IT developed a process that has helped hundreds of ambulatory and acute care organizations evaluate their legacy clinical, financial, human resources and ERP system portfolio to create a Health Data Life Cycle Management Strategy that works. The process guides providers through a system inventory, financial forecast and system prioritization for decommissioning legacy systems enterprise-wide. It provides details to outline a five point strategy that is customized for each organization and rounded out with a commitment for collaborative execution. Perhaps the best part of the strategy is that it identifies significant areas to mitigate risks and provide cost savings.

Regardless of where your organization stands in terms of keeping your current EHR, or replacing some or all of your systems, it is important to include a strategy for the complete life cycle of the data in your care — from creation to archival to destruction — all according to your record retention policy.

We’re here. We’re ready.  Contact a consultant from Harmony Healthcare IT.

A major goal in healthcare today is to prevent all incidents of harm to patients. To promote patient safety and quality care, many healthcare systems are adopting the principles of High Reliability Organizations (HRO). Incidents of harm are costly and threaten the delivery of quality care. Legacy Data Stewardship¹ can play a vital role in the quest for patient safety.

What is an HRO?

An HRO is an organization where safety and reliability matters.  Examples of HROs are air traffic control, nuclear power, aerospace and theme parks. Safety-driven policies and processes lead the organization and are the focus of continual improvement.

The five general traits of an HRO adapted for healthcare are as follows²:

1. Sensitivity to operations. Have constant awareness of the systems and processes that affect patient care. This awareness is key to noting risks and preventing them.
2. Reluctance to simplify. Avoid assuming simple explanations of failure to identify reasons patients are at risk.
3. Preoccupation with failure. Identify near-misses as areas where the systems and processes should be improved to reduce potential harm to patients.
4. Deference to expertise. Listen and respond to the insights of people who know how processes really work and the risks patients face.  Create a culture in which high reliability is possible.
5. Resilience. Be prepared to know how to respond when system failures occur.

For a more thorough look at HROs and how to implement these principles in your healthcare organization, check out this article.

Applying HRO principles to legacy data   

Using a best-practice HRO tool from the military called SBAR (Situation, Background, Assessment and Recommendations), let us examine how your electronic health record storage, specifically the storage of legacy data, promotes patient safety and quality care.

“How reliable is your historical patient record management for achieving patient safety and delivering quality care?”

Situation

Converting and migrating historical data from a legacy system to a go-forward system can be costly.  To minimize cost and complexity, comprehensive historical patient narratives are often left behind in legacy systems in read-only mode.  These legacy systems are at risk: running on outdated servers and platforms, oftentimes unpatched and non-compliant with security protocols.

Background

Healthcare record retention laws and guidelines seek to:

1. Preserve the full patient narrative and improve patient outcomes with better-informed clinical decision-making.
2. Streamline the legal and compliance eDiscovery process.
3. Simplify the release of information workflow for health information management professionals.
4. Give healthcare providers a full patient story to offer the best care and reduce the risk to patient safety.

Patients often assume their doctor has access to their complete history.  Without the important historical information to provide a more complete medical record, safety and quality are at risk of being compromised. Cost and rapidly-changing technology can create a barrier to accessing the patient record—the opposite of the initial endeavor to provide high quality care through an EHR.

Finally, with an increase in cyber-attacks, there is a security risk that the patient’s record could be breached leading to costly HIPAA violations resulting in heavy fines and putting a patient’s identity at risk.

Assessment

Key points for reliable patient data

• The patient is at risk when clinical historical information is omitted in the go-forward EHR.
• Patient safety is at risk when there is a loss of access to vital and valuable historical information to provide reliable and timely care.
• Allowing historical data to remain in disparate legacy systems can further compromise safety and corrupt the integrity of useful patient data.

Recommendations

• Be a good steward of technology by applying High Reliability Principles to develop a strategy for legacy data.
• Preserve legacy data to meet record retention requirements.
• Establish a diverse data governance team to provide easy access to a comprehensive patient record that prevents vital information from being missed.
• Enhance patient safety and reduce medical errors by allowing clinicians easy access to the full patient narrative.
• Consolidate and secure legacy data that is maintained on outdated servers and at risk for breach.
• Lower medical errors by providing comprehensive access to the patient’s complete historical record.
• Lower the risk of losing the legacy data by preserving records using a long-term solution such as the HealthData Archiver^®.
• Ensure patient records and other employee, administrative or operational data is preserved and accessible within a system-neutral archive that is easy to operate and provides data where and when it is needed via single sign-on from go-forward systems and other interoperable solutions.

Safety as a Science

When we think about safety as a science² and the quality of patient centered care, applying HRO principles to healthcare technology can enhance patient centered care by arming frontline providers with necessary information and tools for providing care.  A comprehensive approach to patient safety must include access to historical information that is essential to delivering safe and effective care.  Healthcare organizations aiming for a comprehensive understanding of their patient population should include a data stewardship plan for their legacy data.  Legacy Data Stewardship is essential for safe and effective care that leads to highly reliable care.

Is your legacy data stewardship plan up to the task?

Safety as a science is the future of healthcare.  Have you begun to address your legacy system inventory to consolidate and secure disparate data stores, making them accessible to users when, where and how it’s needed to ensure high reliability?

Harmony Healthcare IT, the makers of HealthData Archiver^® can help.

 Sources

¹ “Technology stewards are people with enough experience of the workings of the community to understand its technology needs, and enough experience with technology to take leadership in addressing those needs.  Stewardship typically includes selecting and configuring technology, as well as supporting its use in the practice of the community.”  DIGITAL HABITATS: Stewarding Technology for Communities.  Wenger, White and Smith, 2007

² https://archive.ahrq.gov/professionals/quality-patient-safety/quality-resources/tools/hroadvice/hroadviceape.pdf

³ Agency for Healthcare Research and Quality, Advancing Excellence Health Care 

Guest Blog submitted by Jeff Liddell

Jeff is a High Reliability Organization coach and a Licensed Clinical Social Worker who has worked in emergency psychiatric services for the past 21 years.  He received his MSW from Portland State University and his Master of Divinity from The University of Notre Dame.  His Master of Divinity Thesis titled, “Healthcare of the Poor” has kept him attuned to ethical issues in the healthcare arena.  He has been consulting for Harmony Healthcare IT and continues to provide psychiatric services.

South Bend, IN – March 5, 2018 – As healthcare tops the list as the most cyberattacked industry in the United States for 2017, vulnerabilities from aging systems is the number one concern for IT executives according to a recent survey by Grant Thornton and The Professional Services Council. Of the many initiatives CIO’s and IT executives are considering to shore up their cybersecurity defense, creating a legacy data management plan should be at the top of the list says Harmony Healthcare IT (HHIT), makers of HealthData Archiver^®.

HHIT will share guidance to help healthcare providers guard their legacy data during a presentation: “Healthcare Cybersecurity Strategy: Make a Big, yet Easy Defensive Move – Create a Legacy Data Management Plan” at 4:30 pm on Tuesday, March 6, 2018, at the Cybersecurity Command Center at the HIMSS18 event at the Sands Convention Center in Las Vegas. To download the white paper, visit: https://www.harmonyhit.com/resources/security/.

“Archiving may not be the first thing on your health system’s cybersecurity task list, but it should be,” said Rick Adams, Vice President of IT and Chief Security Officer at Harmony Healthcare IT. “Think of it as closing and locking as many doors and windows to your organization’s valuable electronic health information. A health system’s best defense is to limit the number of systems it needs to protect.”

Adams also notes that considering the cost benefits of consolidating legacy systems and the added security of having less systems at risk, it makes sense to archive as much legacy data as possible into a single, secure archive.

The HIMSS18 Annual Conference and Exposition is March 5-9, 2018 at the Sands Convention Center in Las Vegas. The HHIT team will be at booth #1454 and also in the Cybersecurity Command Center.

About Harmony Healthcare IT
Since 2006, health IT analysts at Harmony Healthcare IT have extracted demographic, financial, clinical and administrative data for hundreds of healthcare provider organizations – both ambulatory and acute. Headquartered in South Bend, Indiana, the company’s mission is to preserve vital information that will improve lives. Harmony Healthcare IT employs experts in data extraction, migration, retention, integration and analytics to provide its clients with trusted solutions. Working with hundreds of applications, billions of records and petabytes of data; Harmony Healthcare IT with its product, HealthData Archiver^®, provides clients with access to historical records. Simply. For more information about the company, visit: www.harmonyhit.com .

Still a newcomer to the title of most cyberattacked industry in North America, healthcare has its work cut out for it. Health IT teams must protect data from external hackers. However, just like a creepy image from a horror movie, sometimes the threat is coming from right within the organization.

Internal threats to ePHI include:

• Snooping – One internal threat that plagues IT teams is employees snooping in patient records where they shouldn’t be looking. Types of snooping often include looking up a celebrity patient record after a case makes the news or viewing the record of a family member or friend. It’s an unfortunate way some employees are losing their jobs as it’s a violation of HIPAA’s federal laws against viewing patient records without authorized access. Read more here.

• Employee negligence – Beyond snooping, unintended data disclosure, such as emails containing PHI sent to the wrong recipient or servers left publicly accessible, accounted for 41 percent of reported health data breaches for the first nine months in 2017, according to research from Beazley.

• Flat out stealing – According to Verizon’s 2015 Data Breach Investigations Report, roughly 20 percent of all breaches are considered insider misuse events, where employees could be stealing and/or profiting from company-owned or protected information. This study isn’t just measuring healthcare breaches, which shows that the problem is widespread across many verticals.

Most organizations have an audit log built into their production electronic health record (EHR). This is an important level of IT security as it is critical to perform regular reviews of audit logs to:

• Detect unauthorized access to patient information
• Establish a culture of responsibility and accountability
• Reduce the risk associated with inappropriate accesses (Note: Behavior may be altered when individuals know they are being monitored)
• Provide forensic evidence during investigations of suspected and known security incidents and breaches to patient privacy, especially if sanctions against a workforce member, business associate, or other contracted agent will be applied
• Track disclosures of PHI
• Respond to patient privacy concerns regarding unauthorized access by family members, friends, or others
• Evaluate the overall effectiveness of the organization’s policy and user education regarding appropriate access and use of patient information (Note: This includes comparing actual workforce activity to expected activity and discovering where additional training or education may be necessary to reduce errors)
• Detect new threats and intrusion attempts
• Identify potential problems
• Address compliance with regulatory and accreditation requirements

Source: http://library.ahima.org/doc?oid=300276#.WpSmP-dG3IV

FairWarning protects ePHI – including legacy records
Privacy and security teams can spend days manually poring over audit logs to spot insider threats and and provide evidence for the misuse of access to ePHI.

Organizations struggle to keep up with securing access to ePHI and responding to inquiries for access to ePHI due to industry challenges such as mergers and acquisitions, large volumes of data, complex workflows, and heavy regulatory burden.

With FairWarning, those days are gone.

Auditing more than 375 business applications, FairWarning solutions provide a comprehensive platform and managed services for performing forensic investigations of applications, enforcing access policies, conducting legal investigations, and improving compliance effectiveness.

Your audit log is just the beginning. FairWarning’s programs and services constantly are on the lookout for suspicious activity based on specific logic designed for your organization’s set of rules.

FairWarning helps its customers through OCR audits, forensic investigations, and eDiscovery and lawsuits, proactive detection of misuse – all while giving them time back in their day.

“Our customers are under pressure to do more with less with their privacy, security, and compliance investments,” said Hobie Long, Marketing and Media Manager at FairWarning. “FairWarning’s Patient Privacy Intelligence platform offers a path forward for organizations to focus their time on securing patient data more efficiently, and most importantly improving the quality of patient care.”

Legacy Records now are Protected
Recently, Harmony Healthcare IT became the first discrete data archiving company certified by FairWarning to implement its audit platform for monitoring the long-term security of historical patient and employee record storage.

Together, FairWarning and Harmony Healthcare IT ensure that electronic Protected Health Information (ePHI) within Harmony Healthcare IT’s HealthData Archiver^® (HDA) product is monitored and protected for unusual activity and compliance through FairWarning’s Patient Privacy Monitoring Platform. This means healthcare providers can have the same peace of mind for their go-forward EHR and legacy archived data since the complete patient record is blanketed by the added security of the robust FairWarning.

Do you have concerns about protecting your organization’s ePHI? Are you ready to shore up your legacy records into a secure archive with an added level of protection?

Connect with us online. Or, visit us at HIMSS18, March 5-9 at the Sands Convention Center in Las Vegas. Harmony Healthcare IT will be at booth #1454 and at kiosk #8600-66 in the Cybersecurity Command Center. FairWarning will be at kiosk #8600-75 in the Cybersecurity Command Center. Both companies will be presenting a theater presentation.

Mergers and Acquisitions (M&A) in Healthcare

Last year, M&A in healthcare hit a ten-year high with 115 transactions, including 11 deals that involved sellers with revenues of more than $1 billion.  As reported in Fierce Healthcare, quoting a Kaufman Hall report, that is an increase of 13% over 2016.  The article states that “the rush to expand comes as other groups, like CVS and Optum, make a stronger push into the providers space.”  In 2018, we see a continuation of merger activity.

In a recent announcement, Amazon, Berkshire Hathaway and JPMorgan Chase said they are forming an independent healthcare company for their combined one million employees. They say the plan isn’t to replace existing hospitals or healthcare centers, but to use technology to simplify patient care. It’s not exactly clear yet what this means. These three companies are known for implementing transformative technology in their own businesses, so it is intriguing to consider how they might create something new, or improved, that may someday enter the broader healthcare IT landscape.

There already are some signs of new players and disruptors in healthcare as Amazon is registered as a pharmacy in 12 states and Apple recently purchased two medical clinics.

Consolidation of the EHR Vendor Playing Field

In a Healthcare Informatics article from last March, Mandy Long, chair of the Healthcare Information and Management Systems Society (HIMSS) EHR Association Clinician Experience Workgroup and vice president of product management at the Boca Raton, Fla.-based vendor Modernizing Medicine predicted that “In the next three to five years, you will be talking about 20 or less [major EHR players].”  Long supports that prediction by noting the challenging nature of technology requirements EHR vendors are facing to compete with each other, and to make their user base successful, with Meaningful Use, interoperability and MACRA (the Medicare Access and CHIP Reauthorization Act of 2015).

Rising Volume of Disparate, Legacy EHR Systems in Health Systems Nationwide

As hospital systems continue to merge and EHR vendors exit the market, the number of disparate, legacy EHR systems will continue to grow. Most hospital CIOs are creating a legacy data management strategy as a critical reaction to this market consolidation.

The benefits of creating a strong legacy data management strategy include: cost reduction, risk mitigation, compliance with both security standards and record retention mandates, simplified access to data and an opportunity to merge decade’s worth of data from disparate software applications into a secure long-term storage and retrieval center.

Does your IT leadership have a plan to consolidate legacy data silos to ensure secure record retention for the next 7, 10 or even 25+ years?  Once consolidated, will the data be readily accessible and enabled for interoperability?  Requests for historical patient records are fielded routinely from patients, payers, employers and lawyers.  Keeping the data siloed in outdated applications not only makes your healthcare organization vulnerable from a security standpoint; it also makes it far more difficult and costly to maintain, access and share information.

We get data.  We understand your needs.  We can help.  Connect with Harmony Healthcare IT, the makers of HealthData Archiver^®.

As healthcare ended 2017 as the most breached industry in North America, it is fitting that on Jan. 5, 2018, the Office of the National Coordinator (ONC) issued its draft Trusted Exchange Framework and Common Agreement aimed at improving the secure, interoperable exchange of health data nationwide.   According to HealthIT.gov, the Agreement is designed to bridge the gap between providers’ and patients’ information systems and enable interoperability across disparate health information networks (HINs).

With goals to provide a common set of principles as well as minimum terms and conditions for trusted exchange, the draft framework’s tougher security proposals include more detailed authentication and identity proofing specifications as well as quicker breach notification than mandated under HIPAA.  In terms of increased security, experts report that technology or requirements to implement technology or practice sets alone will not solve the problem of unauthorized access, use or disclosure of electronic protected health information (ePHI).  With much work to do, the ONC is accepting feedback on the draft of the program through Feb. 20, 2018.  Plans are for the final program to be published later in the year. As of now, participation is voluntary.

Is your legacy data primed and ready for secure, interoperability on the Trusted Exchange Framework?

What is the size of your hospital or health system?  Does its inventory of out-of-production systems on your network top out at 2? 10? 40? or 140?  While volumes of legacy systems across healthcare provider organizations vary, a single problem remains the same:  they contain disparate stores of patient data that make availability, security and interoperability challenging.

Does your IT leadership have a plan to consolidate legacy data silos to ensure secure, long-term record retention for the next 7, 10 or even 25+ years?  Once consolidated, will the data be readily accessible and enabled for interoperability?  Requests for historical patient records are fielded routinely from patients, payers, employers and lawyers.  Keeping the data silo’d in outdated applications not only makes your healthcare organization vulnerable from a security standpoint; it also makes it far more difficult and costly to maintain, access and share ePHI.

Entrust Us to Ready Your Legacy Data for the Trusted Exchange Framework

As EHR companies join and exit the healthcare ecosystem and as the volume of hospital and ambulatory mergers and acquisitions continues to increase, a natural byproduct is EMR system replacement.  As a myriad of data archiving vendors — claiming to have healthcare data expertise — clamor to the market with promising messages and varying degrees of proficiency and experience, you need one with a proven track record.

Our team at Harmony Healthcare IT offers decades of experience dealing with health data.  We came to the market early and have stayed ahead of the technology curve to ensure that our data extraction, migration and retention solutions meet current and long-term needs for providers. With our product, Health Data Archiver, we are laser-focused on our mission of preserving vital information that improves lives. Our growth has been steady and based largely on client referrals.  Heads down, we get work done and deliver results, guided by a simple yet meaningful set of core values.

Could your organization benefit from guidance to set a legacy data management strategy in motion that includes interoperability?  Are you prepared to comply with record retention regulations, data security protocols and impending expectations from the Trusted Exchange Framework?

We get data.  We understand your needs.  We can help.  Connect with us.

Tom Liddell, Harmony Healthcare IT’s CEO and the acting President of the Indiana Rural Health Association Board, recently hosted an intimate discussion with Indiana Lieutenant Governor Suzanne Crouch to discuss rural health. The audience was filled with rural health professionals and community members from across the State.

Throughout the 30-minute session, Liddell and Crouch cover a wide range of topics ranging from the uncertain but optimistic future of HIP 2.0 to ongoing efforts to combat tobacco use and the opioid epidemic. Crouch reinforced serious goals for Indiana including reducing infant mortality rates, becoming “Best in the Midwest by 2024” and focusing on workforce development for rural communities in 2018.

Ultimately, there was a great emphasis on improving the quality of life for rural Hoosiers and investing in the youth of Indiana through a variety of programs and initiatives. Harmony Healthcare IT is proud to do business in Indiana and to play a part in improving the health and vitality of its rural communities.

Click here to watch the full 30-minute discussion.

There are an increasing number of lawsuits and legal issues impacting the health information technology marketplace.  Here are highlights on just a few related to the storage of and/or access to patient data:

Limiting the Charge-able Amount for Copying/Transferring Medical Records

Ciox Health, a healthcare technology company that assists providers with medical records requests, filed a lawsuit against the Department of Health and Human Services (HHS) to prevent the agency from enforcing portions of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) that limit the amount providers can charge for copying and transmitting electronic patient records. This lawsuit is focused peripherally on the EHR Access Rule, 42 C.F.R. § 164.524.

There are many nuances to this suit, but the bottom line is that Ciox Health claims there are unfair regulations on the amount allowed to charge when copying and transferring electronic protected health information (ePHI) to third-party commercial businesses like law firms or life insurance companies. The HHS guidance from 2016 requires a limit on the charges to a “reasonable cost-based fee.” HHS outlined three ways covered entities could charge a fee: actual labor costs, average labor costs, or a flat fee of $6.50.  Cioux Health says the fee schedule isn’t based at all on actual costs of the work involved.

Source: https://www.fiercehealthcare.com/regulatory/ciox-health-hhs-eric-hargan-hipaa-medical-records-request-ocr-lawsuit

More False Claim Lawsuits Against EHR Vendors?

In other legal news, the HHS Office of the Inspector General (OIG) also has scheduled a new audit of Medicare EHR incentive payments after identifying $729 million in inappropriate payments made through the program over the last 6 years. The focus is to investigate EHR vendors that are skirting meaningful use requirements to obtain Medicare incentive payments. OIG senior counsel said the agency will “vigilantly” investigate EHR vendors that compromise patient safety or trigger false claims through the EHR incentive program.

This audit comes on the heels of news that software company eClinicalWorks paid $155 million to resolve allegations from the Justice Department that it falsely certified its EHR software.

Source:  https://www.fiercehealthcare.com/ehr/whistleblower-attorney-expects-more-false-claims-lawsuits-against-ehr-vendors

The GDPR Goes into Effect in Europe on 05/25/18

Meanwhile in Europe, the General Data Protection Regulation (GDPR) is planned to go into effect on May 25, 2018. GDPR replaces the Data Protection Directive 95/46/EC and was designed to harmonize data privacy laws across Europe, to protect and empower all EU citizens’ data privacy and to reshape the way organizations across the region approach data privacy. The new program can impose fines up to four percent of global annual profits, or $23.5 million, whichever is greater, to all organizations that collect, store and transmit the following types of data: name, a photo, an email address, bank details, posts on social networking websites, medical information, or a computer IP address.

The GDPR stretches globally as it applies to all companies processing and holding the personal data of data subjects residing in the European Union, regardless of the company’s location. This new program is interesting as it applies to all industries, while to date data privacy laws within the United States are sector specific.

Source: 

There are undoubtedly many legal issues to consider and monitor in the data management space.  At Harmony Healthcare IT, we keep up to date on these issues. We’re in the business of helping healthcare providers shore up disparate data sources and put a strong legacy data management strategy into place.  We often see healthcare providers with 30-40+ outdated legacy systems that are cumbersome at best, and at worst, are sitting ducks for legal or technical problems, including cyberattack.

Is your organization doing everything necessary to safeguard ePHI, HR and ERP data? Are you plagued by a multitude of legacy data applications in various states of use and usefulness?

We can help.

Click here to download our legal focus white paper. It covers specific information about:

• Mitigating Legal Risks – Being prepared for litigation and audit eDiscovery.
• Retaining Data and Replacing Systems – What to save and the issues that may arise.
• Governing Data with Technology – Creating a plan with a cross-functional team and technology.

Better yet, reach out to our team to start a conversation about your organization’s specific needs.

As we are seeing time and time again — it is better to be proactive than reactive.