Merrill Experts: HealthCare: 2011

Friday, December 30, 2011

Health Technology Critics Are Missing the Point (Part 2)

Modern smart devices effectively put personal computers in the pockets of a hospital’s entire staff. Along with that convenience comes the siren call of workplace distractions. It is all too easy to whip out a phone for a quick text, a few Facebook posts, and a round of Words with Friends on the job. While that may not be the end of the world in other office positions, a poorly timed conversation in healthcare could be the difference between lifeand death.

A recent email blast from Plexus Institute entitled "Do Electronic Devices in Health Care Present New Risks for Patient Safety" resonated with me on a very deep level, confirming suspicions gathered from informal conversations across the country. Fifty-five percent of perfusion technicians admitted having cell phone conversations while monitoring machines--and half had texted during surgery. Then a New York Times story by Matt Richtel highlighted a malpractice case in which a neurosurgeon made more than 10 personal calls during surgery to family members and business associates.

Phone calls during surgery? Texting while checking on patients? Those seem like fairly large red flags begging for regulation. As it turns out, those regulations already exist, they just aren’t enforced. “Managers are noticeably absent from the front line. It happened very slowly over a long period of time; their workload increased and changed, demanding that they spend more time in meetings and their offices,” says Hospital Impact’s Kathleen Bartholomew. “While most hospitals have a policy regarding the use of technology for personal reasons during work, very, very few actually enforce that rule…If it's not enforced, then it's not a rule. It's the norm.”

This is yet another case where simple education and enforcement would make the world of difference. Social media, if handled in perfect conditions, could provide medical professionals with the opportunity to communicate large concepts in real-time. Physicians could provide the medical advice that consumers are looking for, but accurately. They could share updates, pharmaceutical recalls, and outbreak information in a timely way.

There are plenty of good arguments against new technologies, but at the end of the day, it comes down to using technology in the best possible way, not just sweeping it under the rug.

-------------------------------------------------------------------------------------------

Pam Argeris is a thought leader in the Healthcare Industry and possesses extensive, hands-on experience with CMS compliance, and multiple regulatory bodies such as NCQA, JACHO, and DOI. In her role at Merrill Corp., Pam focuses on developing solutions for compliance and quality assurance, delivered in a cost effective manner to improve beneficiary and prospect communications. You can contact Pam at Pamela.Argeris@merrillcorp.com.

Wednesday, December 28, 2011

Health Technology Critics Are Missing The Point (Part 1)

In our past blogs, we have always approached the concept of revolutionary health technology with open arms. We feel that healthcare, like any industry, needs to constantly evolve and improve in order to stay relevant. After all, if WebMD ever becomes more up-to-date than a family physician, who would bother paying for an appointment? However, there is another side to this argument. Many industry experts, including members of the Department Health and Human Services (HHS) and the Centers for Medicare and Medicaid Services (CMS), feel that too much tech, too quickly, will cause massive compliance issues and will put the data of millions at risk. Is there truth to what they're saying?

There are serious arguments on both sides, but since we have been favoring one view over the other, it’s time to look at some of the reasons many in the health industry are hoping that social media and mobile technology simply fade away. Among the most common of these is the thought that technology has simply moved along too quickly, and that protective best practices have yet to catch up. Many in the industry are looking to HIPAA for answers, expecting laws to be passed down from above, but this is likely going to remain an issue for individual hospital managers to deal with; at least for the time being.

A few weeks ago, we posted some Ponemon Study statistics revealing that, despite being used by 80% of health organizations, only half of the country’s healthcare facilities have any regulations for the use of smart phones and other mobile devices. Until HHS can catch up with the shockingly fast wave of consumer demand, the number of mobile-related data breaches is only going to rise. And this isn’t the only risk mobile devices create. On the consumer end of the spectrum, things aren’t looking much better.

The lack of regulated health apps for mobile devices means that many consumers are turning to whatever options are out there. They are being fed inaccurate information from applications and websites that are, for the moment, unregulated and unmonitored. Those consumers are going into medical practices with their own (frequently incorrect) opinions of their symptoms, giving docs a false impression. Even worse, some consumers are taking these web-sourced diagnosis apps at face value, and seeking out prescriptions or over-the-counter medications they don’t actually need. This is a space where the medical industry really has a chance to make a difference. The social benefits of creating a physician-run network of medical advice are staggering, yet no such initiative has come to fruition.

In our next blog, we’ll focus in further on how mobile technology is impacting the workers on the floors of hospitals and private practices.

-------------------------------------------------------------------------------------------

Friday, December 16, 2011

CMS Calls for Sunshine

On Wednesday, CMS announced their proposed Sunshine Rule, an addendum to the Affordable Care Act (ACA) that would require a very specific kind of transparency. The overarching goal of the rule, much like the remainder of the ACA, is “better care at reduced costs.” Under this new regulation, certain drug or device producers would need to report on any financial relationships they share with healthcare providers.

“When people are faced with the difficult task of choosing the right doctor, they need all the information they can gather. If your doctor is taking money from manufacturers of prescription drugs, suppliers of wheelchairs or other devices, you deserve to know about it,” said Peter Budetti, M.D. CMS deputy administrator for Program Integrity. “Disclosure of these relationships will discourage the inappropriate influence on clinical decision-making that sometimes occurs while still allowing legitimate partnerships.”

If accepted, the rule will take effect on January 1, 2012.

CMS stressed that the purpose of the rule was not to end the endorsement of medical devices or prescriptions, but simply to make consumers more aware that these financial relationships exist. Effected manufacturers would include, “manufacturers of drugs, devices, biologicals, and medical supplies covered by Medicare, Medicaid, or the Children’s Health Insurance Program.” These manufacturers would be required to report any financial compensation or “transfers of value” made to teaching hospitals or physicians. Both parties would have the opportunity to review the report before it is made public.

Healthcare transparency is rarely a negative thing, and the consumer benefits of Sunshine seem obvious. However, there will always be opponents to new compliance legislation, and we’d love to hear those opinions. If you have strong feelings or evidence against (or in support of) the Sunshine Rule, leave them in the comments below.

-------------------------------------------------------------------------------------------

Friday, December 9, 2011

Is There a Solution for Healthcare Data Breaches?

Last week, we brought up some startling statistics about data breaches in the health industry. Among the most significant of those was the fact that the number and severity of breaches has not decreased since we last wrote about them in 2010. Instead, the number of breaches had increased by 32%. We looked at the causes of those breaches and found that, as usual, the majority of them were due to employee error, lack of security, and lazy or “sloppy” security practices.

It seems clear, then, that the first step in solving the issue of data security in health care is to start with the workers.

Accidents will always happen. No amount of security can prevent that, but that doesn’t mean that security training is a wasted effort. “More than 80 percent of healthcare organizations use mobile devices that collect, store and/or transmit some form of PHI,” says last week’s Ponemon study. “Yet, half of all respondents do nothing to protect these devices.” File encryption, passwords, and limited remote access are simple steps that could prevent stolen devices from spreading sensitive data.

Even more simply, employees could be better trained to monitor and protect mobile devices. We used the example last year of a sensitive file left in the back seat of a public cab, and now the same thing is happening with cell phones, tablets, and laptops. Health workers need to be trained in the dangers of such careless behavior, if we are ever going to see a change. But, there is a larger problem at the core of the issue.

Health administrators need to re-think their security policies. Ponemon’s study pointed out some very large flaws in this area.

Only 22 percent of organizations say their budgets are sufficient to minimize data breaches. 83 percent of hospitals have clearly written policies and procedures to notify authorities of a data breach, but 57 percent don't believe their policies are effective. The research indicates that the closer the personnel are to the data-such as billing and IT-the higher the probability of not following policies and procedures. 42 percent of respondents say administrative personnel in their organizations do not understand the importance of protecting patient data.

The numbers here tell the whole story. Nearly half of the participating health organizations do not see any importance in protecting patient data. Even more feel that existing policies aren’t effective. If so many people see problems in existing security policies, why is no one looking at improving them?

-------------------------------------------------------------------------------------------

Thursday, December 1, 2011

Why Are Health-Related Data Breaches Increasing?

We’ve been writing about healthcare data breaches since the first months of our blog, and the problem has yet to improve. A Ponemon Health press release this afternoon showed a 32% increase in health industry data breaches since 2010. Some analysts continue to blame controversial electronic health record legislation, but just as we reported back in August, most of this year’s data insecurities have been related to sloppy security practices and employee error. Here are the raw statistics from Ponemon’s release:

41% of surveyed health care organizations attributed their breaches to “sloppy employee mistakes.”
80% of organizations carry sensitive information on mobile devices, including laptops, mobile phones, external hard drives, or other technology, and…
49% of the breaches were caused by lost or stolen mobile devices, and even worse…
Around 50% “said theirorganization does nothing to protect the information contained on mobiledevices.”
55% of health care organizations claim to have no confidence in their ability to detect a privacy breach.

All of the evidence points directly to mobile devices, and thus, EHR’s. And it is hard to argue with the logic that electronic records can’t get stolen if they don’t exist, but there is an inherent flaw in that thinking.

A popular Ukrainian song contains a similar sentiment, “If you don’t have a house, house fires won’t scare you…Think on your own, decide on your own, to have or not to have.” Of course there is a risk of EHR theft, but that is no reason to dismiss a largely beneficial system. Not to mention the fact that printed documents are just as easily lost as cell phones are.

Next week, we’ll look at some ways to improve data security while still embracing the positive aspects of health care technology.

-------------------------------------------------------------------------------------------

Friday, November 25, 2011

Is Healthcare’s Fear of Change Justified?

Information technology, particularly in the fields of social media and mobile communication, is a notoriously slow-moving concept in the health industry. Complex compliance issues, data security, and expense have largely kept health workers on the outskirts of today’s technology boom. Now, some analysts are asking if the industry has fallen too far behind.

“I doubt that anybody within airlines, financial services, or manufacturing goes to meetings to debate whether information technology can improve what they do. It already has,” says BMJ’s Richard Smith. “But in healthcare we’ve grown very [skeptical] about information technology.” Smith believes that bad experiences with innovation in the past have helped foster an environment of stagnation, citing examples such as Britain’s 2005 initiative: Connecting for Health. The program, costing NHS billions of dollars, achieved almost nothing over the following years.

Leaders in healthcare are reluctant to invest in information systems that may not deliver a financial return or may take years to do so. We remembered how five years ago the leaders of Connecting for Health were being invited to tour the world talking about the remarkable things they were doing. Now those who have survived the wreckage are invited to talk on how not to do it.

This isn’t a problem limited to Britain, either.

In our own past blogs, we’ve looked at HIPAA’s reluctance to allow faster, more efficient mobile technology instead of outdated pagers. We also described July’s sharp increase of HITECH violations, caused by HIPAA’s refusal to update archaic requirements for electronic records. It should be obvious that compliance and security are top concerns for the health industry, but many experts believe that some technological advances could be improving those factors, in the long run. They wonder if, by the time HIPAA catches up, it will already be too late.

-------------------------------------------------------------------------------------------

Friday, November 18, 2011

A Summary of Uniform Coverage (Part 3)

We’ve spent a lot of time talking about healthcare and the recent Summary of Benefits and Coverage (SBC) regulations, along with a few other topics, so perhaps it is time for a wrap up, and a few last explanations.

A few months ago, on the 17^th of August, 2011, the Departments of Health and Human Services, Labor and Treasury issued proposed regulations for implementation of the Summary of Benefits and Coverage and the Uniform Glossary requirements under Section 2715 of the PPACA. These regulations were issued with the intention of providing every health plan provider and beneficiary with an accurate SBC in time for them to make effective decisions regarding their health plan enrollment.

Insurers are required to provide accurate, uniform SBC’s to all beneficiaries through the use of a provided template. The regulations also ensure that every insurer is provided with the tools, templates, and information required to meet the previously outlined requirements. Health plans are also required to be able provide a uniform glossary of terms and conditions, by request, within 7 days.

There are 12 main requirements outlined in the SBC regulations, including uniform definitions of standard insurance terms, description of the coverage, cost-sharing provisions of the coverage, coverage provisions, and a statement explaining that the provided SBC is only a summary of benefits and that the entire plan document should be consulted as well.

If they function as intended, these regulations should ensure that consumers are provided with the best possible information to make an informed decision about their healthcare. Health plans also stand to benefit from the regulations, as any outlined rules can help plans through the complex red tape of health compliance.

Merrill Corp supports the HHS regulations, and we are well-equipped to handle these new compliance requirements.

-------------------------------------------------------------------------------------------

Friday, November 11, 2011

A Summary of Uniform Coverage (Part 2)

Back in October, we began a series of blogs describing the proposed regulations issued by the Departments of Health and Human Services, Labor and Treasury on August 17, 2011. A few time-sensitive industry events have occurred in between, but we are now happy to be back on track.

When we last left off, we had described some of the basic requirements of ‘The Summary of Benefits and Coverage,’ or SBC. In this blog, we will go into some more detail on 12 of those requirements with help from a general list provided by HHS.

Uniform definitions of standard insurance terms and medical terms so that consumers may compare health coverage and understand the terms of (or exceptions to) their coverage.
A description of the coverage, including cost sharing, for each category of benefits identified by the HHS Secretary in guidance.
The exceptions, reductions, and limitations of the coverage.
The cost-sharing provisions of the coverage, including deductible, coinsurance, and copayment obligations.
The renewability and continuation of coverage provisions.
Coverage examples in accordance with the regulation as identified by the HHS Secretary.
A statement that the SBC is only a summary and that the plan document, policy, or certificate of insurance should be consulted to determine the governing contractual provisions of the coverage.
Contact information for questions and obtaining a copy of the plan document or the insurance policy, certificate, or contract of insurance (such as a telephone number for customer service and an Internet address for obtaining a copy of the plan document or the insurance policy, certificate, or contract of insurance).
For plans and issuers that maintain one or more networks of providers, an Internet address (or similar contact information) for obtaining a list of network providers.
For plans and issuers that use a formulary in providing prescription drug coverage, an Internet address (or similar contact information) for obtaining information on prescription drug coverage.
An Internet address for obtaining the uniform glossary.
Premiums (or in the case of a self-insured group health plan, cost of coverage).

In our next blog, we will provide some more detail, information, and analysis of the SBC proposals.

-------------------------------------------------------------------------------------------

Saturday, November 5, 2011

Banner Health Considers Pioneer ACO Contract

Arizona may be the home of the first pioneer ACO, if the state’s Banner Health accepts a contract presented by CMS this week. The largest health system in the state, Banner has a lot to gain from the early adopter ‘pioneer’ program.

In a statement describing massive funding cuts, Banner CEO Peter Fine explained the thought behind the move to ACO.

The traditional model of fee-for-service is gradually giving way to a collaborative model in which reimbursement is shared by hospitals, physicians and other providers based on the health management of defined populations…Doubtless, there will be those who will decry ACOs as a by-product of health-care reform and therefore unworthy of consideration. However, ACOs and similar collaborative models are moving forward whether health-care reform is implemented or not.

For Banner, the only point of concern was timing. “The issue before us now is that of timing. How fast can we bring new models of collaboration into existence?” Fine asked in his statement. As it turns out, it’s a question that many people are asking.

In a white paper available from the Robert Wood Johnson Foundation, authors Berenson RA and Burton RA explain that “…so far, the reception to CMS’ final regulations has been positive, but how many organizations will actually apply to CMS to be ACOs is another question.” The paper attempted to explain CMS’s motives for the ACO Pioneer program, and to establish a prediction on the widespread success of the program. FierceHealthcare summarizes:

How many and how fast will ACOs spread? CMS estimates 50 to 270 ACOs will sign up to participate, generating a net savings of $940 million during the first four years through Shared Savings, according to a recent report by the Urban Institute and the Robert Wood Johnson Foundation…

…According to the report, it's unclear if the Shared Savings Program and the earlier Pioneer ACO model are intended to test the ACO concept for large-scale implementation, to see whether it generates sustainable governmental savings, or to move as many providers as possible to ACOs to curb Medicare spending.

A few years will probably pass before we can come to any definitive conclusions on the program, but the Banner exercise at least demonstrates how much is at stake.

-------------------------------------------------------------------------------------------

Friday, October 28, 2011

Lack of Transparency Continues to Haunt HHS

A lack of information is driving consumers into poor health care choices, and Health and Human Services is to blame; at least according tothe Government Accountability Office.

In a 43-page report released this September, the office slammed HHS, claiming that a lack of transparency is keeping consumers from easily accessing the pricing information of health care plans until after they are already covered. FierceHealthcare summarizes, “In one example, the agency contacted a variety of physician offices to get the price of a diabetes screening--and was consistently told an office visit was required prior to disclosure of such a price. The GAO also noted that the negotiated prices between an insurer and provider were often kept from consumers for legal and trade purposes.”

Transparency in HHS is not a new topic. In fact, the department was criticized for similar reasons when they removed public access to National Practitioner Data Bank in early September.

This new report, the creation of which was heavily pushed by congress, has found a severe lack of initiative from HHS when it comes totransparency.

Several health care and legal factors may make it difficult for consumers to obtain price information for the health care services they receive, particularly estimates of what their complete costs will be. The health care factors include the difficulty of predicting health care services in advance, billing from multiple providers, and the variety of insurance benefit structures.

The entire industry is keeping a close eye on this developing story, and Merrill Corporation will be among them.

-------------------------------------------------------------------------------------------

Friday, October 21, 2011

Final Rule Addresses ACO Criticism

At their first announcement, the Centers for Medicare and Medicaid Services’ rules for ACOs caused an uproar. Accountable Care Organizations will reward medical providers that meet certain quality of care requirements, but health professionals found the rules to be needlessly complicated, hard to follow, and unrealistic. CMS responded quickly, committing to rework and improve the rule set.

On October 20^th, the proposed changes, collectively called the final rule, released to public acclaim. CMS Administrator Dr. Donald Berwick told Kaiser Health News, “We have been able to fine tune and improve the rules for a range of stakeholders, providers and patients.” Across the board, health industry officials are praising CMS for the new rule changes, and it seems that these requirements will finally move toward improving the country’s health care.

FierceHealthCare.com put together a table outlining the changes CMS made. We have an excerpt below, or you can view the full table here.

Topic	Proposed rule	Final rule
Transition to risk in Track 1	ACOs offer two tracks. Track 1 would entail two years of one-sided shared savings; then participants would have to transition in third year to a performance-based risk, two-sided model of savings and losses.	ACOs still offer two tracks. Track 1 now removes two-sided risk.
Prospective vs. retrospective	Retrospective assignment based on primary care service use, with prospective identification of benchmark population	Preliminary prospective-assignment with beneficiaries identified quarterly, with final reconciliation after each performance year
Quality measures	65 measures in 5 domains	33 measures in 4 domains
Shared savings	One-sided risk model: Sharing begins at savings of 2 percent Two-sided risk model: Sharing on first dollar	Share on first dollar for all ACOs in both models once min. savings rate is achieved

-------------------------------------------------------------------------------------------

Friday, October 14, 2011

Medicare Annual Open Enrollment Begins Early

This year, CMS has announced an early launch for Open Enrollment, which will begin October 15^th, instead of the usual date of November 15^th. The enrollment will end on December 7^th. CMS made this change under hopes that it would improve the enrollment process for Medicare beneficiaries, according to the official press release.

This gives people with Medicare a full seven weeks to compare and make decisions, and ensures that they will have essential plan materials and membership cards in hand on January 1, 2012 when new coverage starts.

In the press release, CMS also made efforts to stress the importance of investigating and exploring plan options.

There'll be a wide range of health and drug plan options available across the country, including Original Medicare. Most people with Medicare can choose a "Part D" plan to help them pay for prescription drugs. And people who have chosen to enroll in a "Part C" Medicare Advantage plan for their basic health care services have the option of staying in that plan, choosing a different plan, or going back to the Original Medicare program. Plans can change from year to year, so these are important choices that should be made with care.

As usual, the organization is making a big push to promote information sources such as 1-800-MEDICARE and http://www.medicare.gov. We saw many efforts being made around this time last year to promote those educational channels, and it is certainly good to see them remaining a large part of CMS’s enrollment initiative.

-------------------------------------------------------------------------------------------

Friday, October 7, 2011

A Summary of Uniform Coverage (Part 1)

On Tuesday, March 23rd, 2010, President Obama signed into law the “Patient Protection and Affordable Care Act” (“PPACA”). A Reconciliation Bill making changes to the Act was signed by the President on March 30th, 2010. On August 17, 2011, the Departments of Health and Human Services, Labor and Treasury issued proposed regulations for implementation of the Summary of Benefits and Coverage and the Uniform Glossary requirements under Section 2715 of the PPACA. Per regulation the Uniform Coverage Summary is now called “The Summary of Benefits and Coverage” or the “SBC”.

The proposed regulations provide rules for providing participants and beneficiaries with an accurate Summary of Benefits and Coverage (SBC). The proposed regulations also provide rules for SBCs that must be provided by insurers to plan sponsors wishing to purchase group health insurance. The rules apply to both group health plans and health insurers providing insurance in the group and individual markets. The rules also apply to Employee Retirement Income Security Act (ERISA) and non-ERISA group health plans and include grandfathered plans.

Here is an overview of the SBC requirements:

Every health insurer in the individual and group markets, and every group health plan (insured or self funded) must provide policy holders or certificate holders (“Subscribers/Members/Beneficiaries”), applicants, and enrollees a SBC using a uniform format that accurately describes the benefits and coverage under the plan. This was called the Uniform Coverage Summary (UCS) and is now known via regulation as the Summary of Benefits and Coverage (SBC). Under the new proposed regulations health plans are provided instructions, templates, samples, a guide for coverage example calculations to be used in completing the SBC template which includes a “Why this Matters” column and a Uniform Glossary of terms and definitions to help with beneficiary understanding.

Health plans are required to send each member an SBC and Coverage Examples. The Uniform Glossary of terms and definitions must be made available upon request in paper or electronic form within 7 days of request. The Uniform Glossary is provided by HHS and issuers cannot make any modifications to this glossary. Translation services for the SBC will follow the 10% by county rule.

Next week, we will go into further detail on what this will mean to both the business community and the American public.

-------------------------------------------------------------------------------------------