Health Information Exchange 101. Your Introduction to HIE and It s Relevance to Senior Living

Similar documents
Chapter 9 Legal Aspects of Health Information Management

Memorial Hermann Information Exchange. MHiE POLICIES & PROCEDURES MANUAL

CIO Legislative Brief

Comparison of Health IT Provisions in H.R. 6 (21 st Century Cures Act) and S (Improving Health Information Technology Act)

1. What are the requirements for Stage 1 of the HITECH Act for CPOE to qualify for incentive payments?

Information Privacy and Security

Meaningful Use Update: Stage 3 and Beyond. Carla McCorkle, Midas+ Solutions CQM Product Lead

HITECH Act. Overview and Estimated Timeline

1. When will physicians who are not "meaningful" EHR users start to see a reduction in payments?

The HIPAA privacy rule and long-term care : a quick guide for researchers

HIPAA Education Program

Payment: We are permitted to use and disclose your health information to receive payment for our services. For example, we may:

Study Management PP STANDARD OPERATING PROCEDURE FOR Safeguarding Protected Health Information

Chapter 19 Section 3. Privacy And Security Of Protected Health Information (PHI)

National Health Information Privacy and Security Week. Understanding the HIPAA Privacy and Security Rule

Understanding the Privacy and Security Regulations

HIT Glossary and Acronym List

The results will also be used for public reporting for MN Community Measurement on mnhealthscores.org.

REVIEWED BY Leadership & Privacy Officer Medical Staff Board of Trust. Signed Administrative Approval On File

Meaningful Use Stages 1 & 2

Patient Privacy Requirements Beyond HIPAA

Office of the Chief Privacy Officer. Privacy & Security in an App Enabled World HIMSS, Tuesday March 1, 2016, Las Vegas, NV

Health Information Exchange and Telehealth: Opportunities for Integration!

Data Sharing Consent/Privacy Practice Summary

Consumer View of Personal Information Risks

Abstract. Are eligible providers participating? AdvancedMD EHR features streamline meaningful use processes: Complete & accurate information

2018 American Medical Association. All rights reserved.

A Practical Guide to Understanding Health Information Exchange,

Report of the Information & Privacy Commissioner/Ontario. Review of the Cardiac Care Network of Ontario (CCN):

HIE Implications in Meaningful Use Stage 1 Requirements

Peek-A-Boo: EHR Access and Compliance

THE ECONOMICS OF MEDICAL PRACTICE UNDER HIPAA/HITECH

Protecting Patient Privacy It s Everyone s Responsibility

Health Information Exchange. Anne Dobbins, RN Operations Director Minnesota Health Information Exchange (MN HIE)

Pharmacy Health Information Exchange The promise. The reality. The future.

HIE Implications in Meaningful Use Stage 1 Requirements

HIPAA & HEALTH INFORMATION EXCHANGE

The future of patient care. 6 ways workflow automation will transform the healthcare experience

U.S. Healthcare Problem

2514 Stenson Dr Cedar Park TX Fax

Breaking HIE Barriers

Meaningful Use Overview for Program Year 2017 Massachusetts Medicaid EHR Incentive Program

NOTICE OF PRIVACY PRACTICES

Security Risk Analysis and 365 Days of Meaningful Use. Rodney Gauna & Val Tuerk, Object Health

FCSRMC 2017 HIPAA PRESENTATION

WV MEDICAID PROVIDER WORKSHOPS & TRAINING SESSIONS. Amber Nary Business Development Manager

Merit-Based Incentive Payment System (MIPS) Promoting Interoperability Performance Category Measure 2018 Performance Period

Notice of Privacy Practices

HIE and Meaningful Use Stage 2 Matrix

Iatric Systems Supports the Achievement of Meaningful Use

Jason C. Goldwater, MA, MPA Senior Director

Nonprofit partnership. A grass roots organization where Board of Directors have vested interest in its success.

Staff Training. Understanding Healthix Patient Consent

Medicaid EHR Incentive Program Health Information Exchange Objective Stage 3 Updated: February 2017

Health Information Exchange in Minnesota

The Massachusetts ehealth Institute

EMPOWERING THE NEW HEATHCARE ERA

2018 Employee HIPAA Orientation (EHO) Handbook

Meaningful Use Stage 2

Maryland s Health Information Exchange 6 th National Medicaid Congress

Updated FY15 Dignity Health General Compliance Education for Staff Module 2

ONC Policy Overview. Session 66, February 21, Elise Sweeney Anthony, Director of Policy, ONC

Status Check On Health IT

HIE Success - Physician Education Series

Merit-Based Incentive Payment System (MIPS) Promoting Interoperability Performance Category Transition Measure 2018 Performance Period

Evidence-Based Practices to Optimize Prescriber Use of PDMPs

ESRD Network 14. Supporting Quality Care

Meaningful Use Achieving Core Objective #14 Montana HIMMS 2012 Spring Convention

HIPAA. Health Insurance Portability and Accountability Act. Presented by the UMMC Office of Integrity and Compliance

HIE Data: Value Proposition for Payers and Providers

A general review of HIPAA standards and privacy practices 2016

Streamlining Medical Image Sharing For Continuity of Care

Meaningful Use Stage 1 and 2 Your Survival Guide!

YOUR HEALTH INFORMATION EXCHANGE

Electronic Health Records and Meaningful Use

HIPAA Policies and Procedures Manual

How to Participate Today 4/28/2015. HealthFusion.com 2015 HealthFusion, Inc. 1. Meaningful Use Stage 3: What the Future Holds

Meaningful Use Stage 2

Roll Out of the HIT Meaningful Use Standards and Certification Criteria

Sharing health information electronically eliminates the need for faxing, copying and handcarrying your health record from provider to provider.

Proposed Meaningful Use Content and Comment Period. What the American Recovery and Reinvestment Act Means to Medical Practices

HIPAA PRIVACY TRAINING

Proposed Regulations NEW YORK STATE DEPARTMENT OF HEALTH Return to Public Health Forum

HIPAA Privacy Training for Non-Clinical Workforce

Challenges for National Large Laboratories to Ensure Implementation of ELR Meaningful Use

Medicare Compliance and HIPAA Updates With Mario Fucinari DC, CCSP, CPCO, MCS-P, MCS-I Sponsored by NCMIC

Meaningful Use Hello Health v7 Guide for Eligible Professionals. Stage 2

WHITE PAPER. Taking Meaningful Use to the Next Level: What You Need to Know about the MACRA Advancing Care Information Component

EHR for the PCMH A Doctor s Perspective. Medical Home Summit

HITECH* Update Meaningful Use Regulations Eligible Professionals

CLINICIAN S GUIDE TO HIPAA PRIVACY

AGENDA. 10:45 a.m. CT Attendees Sign On 11:00 a.m. CT Webinar 11:50 a.m. CT Questions and Answers

Missouri Health Connection. One Connection For A Healthier Missouri

Privacy Rio Grande Valley HIE Policy: P1. Last date Revised/Updated 02/18/2016

OSHA & HIPAA Seminar. Northern Texas Facial & Oral Surgery

Section: Medical Staff Office Page: 1 of 2

Telemedicine Privacy and Security: Safeguarding Protected Health Information and Minimizing Risks of Disclosure

Privacy and Security Orientation for Visiting Observers. DUHS Compliance Office

Qualifying for Medicare Incentive Payments with Crystal Practice Management. Version 1.0

Go! Knowledge Activity: Meaningful Use and the Hospital EHR

Transcription:

Health Information Exchange 101 Your Introduction to HIE and It s Relevance to Senior Living

Objectives for Today Provide an introduction to Health Information Exchange Define a Health Information Exchange (HIE) and its basic components Understand concepts of exchanging Electronic Protected Health Information (EPHI) 2

Why the Move to EHR and HIE? The Affordable Care Act requires providers of health care to be able to share health information about patients with each other to achieve goals related to cost savings, enhanced care, and enhanced patient satisfaction with their care experience Adopting an EHR and HIE benefits the provider in operational efficiencies and enhanced resident care Enables Health Care Teams To BETTER Work Together 3

Effect of Affordable Care Act Has created penalties and incentives for health systems to better manage health care expenses Consequently, health systems (like hospitals and hospital networks) are interested in accessing data within integrated health system serving its patients As a provider of clinical care and services to residents, YOU have what health systems need to achieve their cost savings goals 4

Effect of Affordable Care Act How do health systems spend less on patient care to achieve cost saving goals and avoid penalties from Medicare and Medicaid? They work to keep patients OUT of the hospital They work to prevent patients from same diagnosis readmission to the hospital They better manage patient information across all providers caring for their patients to make better care decisions = better care management through sharing of patient data (HIE) 5

You Have What They Need Health systems want data about patients As a clinical provider of care to residents you have important data (EHR) about the well-being of the patients the health system is trying to better manage As a matter of doing business within the emerging greater health system, you must have the capacity to become an HIE partner 6

Let s take a look at the foundational elements of HIE THE BASICS OF HIE 7

What is an Electronic Health Record? An Electronic Health Record (EHR) is a digital version of an individual s paper health care chart. EHRs are real-time, patientcentered records that make information available instantly and securely to authorized users across one or many systems. The EHR is different than the Electronic Medical Record (EMR) the EMR is also a digital version of the paper chart, but the EMR is used and accessed within one practice or across one internal system. 8

EHR Electronic Health Record The EHR is a real-time patient health record. The EHR can automate and streamline a clinician s workflow, ensuring that all clinical information is communicated because it is updated and maintained in real time. It exists within a system and is linked to HIE. The EHR can also support the collection of data for uses other than clinical care, such as billing, quality management, outcome reporting, and public health disease management and reporting. 9

EMR versus EHR The EMR, as an electronic version of a resident s health record is useful however, it is limited in how its contents may be shared with others limited to an internal system using the same EMR The EHR, as an electronic version of a resident s health record has different technology designed within it to allow its content to be shared with others internally and OUTSIDE of its home system MD Office Data Vendor Partner Data EHR Hospital Care Data 10

What is Health Information Exchange? Health information exchange (HIE) occurs when two or more organizations electronically exchange health-related data HIE hubs move health care information electronically across health care organizations within a region, community, or system HIE systems increase participation of multiple providers in a patient s continuity of care 11

What is Health Information Exchange? HIE is a verb the electronic sharing of health-related information among care organizations/entities HIE is a noun an organization that provides services to enable the electronic sharing of health-related information 12

How HIE Will Help to Care for Seniors Works like the Internet obtaining end user information in real time. Record Locator Service Each resident has unique personal identifying data about them (dob, SS#, etc.), allowing health care professionals to quickly and easily find health history. Powerful Search Health care professionals can search an entire resident s documented health history for specific information. Document Retrieval Needed documents may be downloaded efficiently to treat residents. Document Upload Documents may be uploaded and shared between health care providers. No faxing, paper, lost records or disparate health care provider charting 13

How Does HIE Work? Linking together all who care for the resident and their vendor partners 14

Preparation for Exchange = Technical Infrastructure EHR capability for sending, receiving and querying information. IT resources to support EHR/HIE use and goals. Workflow Understanding clinical and non clinical workflow efficiencies and improvement through HIE. Organizational Support A culture that prioritizes effective continuity of care, coordination of care and comprehensiveness of care utilizing applied technology that informs the HER. Training and Support Provider training and support. End user Champions, supportive management and motivated employees. Privacy and Security HIPAA privacy and security requirements (administrative, physical, and technical safeguards). Software Elegance An interoperable electronic health record (EHR) and a working relationship with the vendor (Eldermark). 15

Health Information Exchange has its own vocabulary COMMON TERMINOLOGY 16

Continuity of Care Document Also known as the CCD and related to the Clinical Care Record (CCR) Standardized fields for data CCD must contain certain data fields other data fields are optional Data fields established as STANDARDIZED at the Federal level Is a clinical care summary in real time 17

Unified Continuity of Care Document Data from multiple health records consolidated into one summary clinical care document in real time Provides a more complete picture of an individual s current and immediate status of health and well-being 18

Clinical Data Repository The data warehouse that contains clinical data in a central location in the cloud. Data stored here is data that conforms to established universal format criteria (the standard is referred to as HL7) The Repository aggregates the data about a person and then it creates a unified view of a single patient Typical data types found within a repository include: lab test results, patient demographics, Rx info, radiology reports/images, hospital admission/discharge/transfer dates, diagnosis/treatment codes, discharge summaries and progress notes. 19

E-Health (Electronic Health) This is the adoption and effective use of the Electronic Health Record (EHR) systems and other Health Information Technology (HIT) Senior Living Providers that have adopted the EHR and then practice the exchange of health information with other healthcare providers are practicing E-Health 20

Personal Health Record (PHR) The Personal Health Record (PHR) is a health record where health data and information related to the care of an individual provides a complete and accurate summary of an individual s medical history that is accessible online and accessible by the patient. The health data in a PHR might include care outcome data, lab results, allergies, imaging reports, medications and dosing, vaccinations, illnesses and hospitalizations, etc. 21

Personal Health Record (PHR) Benefits Potential to help analyze an individual s health profile, identify threats and improvement opportunities based on: Analysis of drug interactions, current best medical practices, gaps in current medical care plans, and identification of medical errors. Make it easier for clinicians to care for the individual by facilitating continuous communication about health status. Especially in emergencies, a PHR can quickly provide critical information to proper diagnosis and treatment. 22

Health Information Exchange (HIE) HIE means the electronic transmission of health related information between organizations in accordance with nationally recognized standards HIE facilitates access to and retrieval of clinical data to provide safer, more timely, efficient, effective, equitable, patient-centered care The movement of health information through an Exchange involves the services of entities such as a Health Data Intermediary (HDI) like Eldermark Exchange 23

The Goal of HIE The goal of HIE is to facilitate access to and retrieval of clinical data to provide safer, more timely, efficient, effective, equitable, patient-centered care. 24

Meaningful Use (Medicare/Medicaid) Main components are: Use of EHR in a meaningful manner like e-prescribing Use of EHR for HIE to improve quality of healthcare Use of EHR to submit clinical quality measures 25

Meaningful Use (Medicare/Medicaid) Providers need to show they are using EHR technology in ways that can be measured in quality and quantity (in a meaningful and appropriate manner) Improve care coordination Reduce healthcare disparities Engage patients and their families Improve population and public health Ensure adequate privacy and security 26

Meaningful Use Pumpkin Meaningful Use of a Pumpkin 27

There are different Stages of Meaningful Use (3) spread out over time (years) Meaningful Use Each Stage has its own goals related to HIE for those entities who are affected by the requirements of the Affordable Care Act (ACA) 28

Protected Health Information (PHI) Means individually identifiable health information that is transmitted or maintained by electronic media or is transmitted or maintained in any other form or medium Health Information is any information relating to the past, present, or future physical or mental health or condition of an individual, including information regarding payment for health care 29

Record Locator Service (RLS) This is an electronic index of patient identifying information that directs providers in a health information exchange to the location of a patient s health records that are held by providers and group purchasers. Within a HIE, the RLS seeks out the information requested by the user like a search engine within the index of patient identifying information and pulls it to the user 30

Direct vs. Connect Direct: messaging within the HIE that is point-to-point like sending a secure email message (and attachments). Sometimes, Direct is referred to as Push. Connect: related to the action of Query the act of performing a query, or search, for certain PHI about a certain patient that brings the data to the user. Sometimes, Connect/Query is referred to as Pull. 31

HIE Security is ruled by HIPAA and goes beyond what we are used to managing. ASSURING SECURITY & PRIVACY 32

Compliance with Law and Policy HIPAA Rules this is the legal framework for the privacy and security of Protected Health Information (PHI) The HIPAA Privacy Rule deals with PHI The HIPAA Security Rule deals with EPHI (Electronic Protected Health Information) 33

Compliance with Law and Policy The HIPAA Security Rule establishes national standards to protect EPHI that is created, received, used, or maintained by a covered entity our provider clients are covered entities The HIPAA Security Rule safeguards the confidentiality, integrity, and security of EPHI standards established at the federal level Participants in HIE must develop internal P&Ps to implement the requirements of the Security Rule 34

Security Rule General Rules Must ensure the confidentiality, integrity, and availability of all EPHI you create, receive, maintain, or transmit Must identify and protect against reasonable anticipated threats to the security or integrity of the data Must protect against reasonably anticipated impermissible uses or disclosures Must ensure compliance by your workforce 35

Security Rule Physical Safeguards Must limit physical access to your facilities while ensuring that authorized access is allowed Must implement policies and procedures to specify proper use of and access to workstations and electronic media Must have in place P&P regarding the transfer, removal, disposal, and re-use of e-media to ensure appropriate protection of EPHI. 36

Security Rule Technical Safeguards Access Control must implement technical P&P that allow only authorized persons to access EPHI. Audit Controls must implement hardware, software, and/or procedural mechanisms to record and examine access and other activity in information systems that contain or use EPHI. Integrity Controls must implement P&P to ensure EPHI is not improperly altered or destroyed. Electronic measures must be put in place to confirm that EPHI has not been improperly altered or destroyed. Transmission Security must implement technical security measures that guard against unauthorized access to EPHI that is being transmitted over an electronic network. 37

Security Rule Organizational Reqs If a covered entity knows of an activity or practice of the business associate that constitutes a material breach or violation of the BA s obligation, the covered entity must take reasonable steps to cure the breach or end the violation. Violations include the failure to implement safeguards that reasonably and appropriately protect EPHI. 38

Enforcement and Penalties for Noncompliance of Security Rule The Security Rule establishes a set of national standards for confidentiality, integrity and availability of EPHI. The Department of Health and Human Services (HHS), office for Civil Rights (OCR) is responsible for administering and enforcing these standards, in concert with its enforcement of the Privacy Rule, and may conduct complaint investigations and compliance reviews. 39

Data Classifications Public Information: information that may or must by open to the general public; i.e., publicly posted press releases, marketing materials, job announcements Internal Information: information that must be guarded due to proprietary, ethical, or privacy considerations and must be protected for unauthorized access, modification, transmission, storage, or other use; i.e. employment data, contracts Confidential Information: information protected by statutes, regulations, policies, or contractual language is sensitive in nature and access is restricted disclosure limited on a need-to-know bases only; i.e. protected health information, social security numbers, payroll records, data so identified to be treated as confidential 40

Protecting Confidential Information 41

Protecting Confidential Information Access Control: HIE established policy for granting and revoking access to information must demonstrate a business need Acceptable Use: security of HIE is dependent on safe computing practices by users established acceptable use guidelines user agreement Incident Management: HIE established policy for reporting, analyzing, resolving and reviewing incidents that compromise security includes Breach management 42

HIE Security Policy Topics Include: Access to HIE and Authorization to use - TRAINING Business Associates Confidentiality Agreement for various roles Data backup and Use Email Use Emergency access Staff termination/access revocation USB/Portable devices Release(s) of information and Consents Audits and monitoring Notices to patients/residents 43

Training Workforce, Agents and Contractors HIE participants are responsible for developing and implementing training programs for workforce members, agents, and contractors who will have access to the HIE Annual training is a minimum standard Must cover: Confidentiality of PHI and EPHI under HIPAA Access to HIE for purposes of treatment of an individual or necessary health care operations 44

Role of the Privacy/Security Officer Oversee security protocol standards as practiced by the provider organization Provide training and implementation guidance Regularly review records of information system activity Audit logs Access reports Incident tracking and report discrepancies Maintain a comprehensive listing of hardware used to store and transmit EPHI Manage passwords and credentials Manage security incidents and outcomes and software 45

Useful Web Sites HIPAA Security Tool Kit http://scap.nist.gov/hipaa.com Resources through OneHealthPort: http://www.onehealthport.com/home Resources through Federal Govt: www.healthit.gov 46

Other HIE Session Today Includes: Deeper look at HIE in Senior Living Meet Hope use cases for the EHR and HIE in Senior Living A look at screen shots from Eldermark Exchange 47

Questions Discussion - Comments Mark Anderson Senior Vice President Eldermark Software Eldermark Exchange manderson@eldermark.com www.eldermark.com o: 952-460-3848 m: 612-272-4595 48

Health Information Exchange 101 Your Introduction to HIE and It s Relevance to Senior Living

2024 © careersdocbox.com Privacy Policy | Terms of Service | Feedback