Change is constant. In business, companies are bought and sold every day. Processes must be altered, inefficient practices identified and eliminated.

Periods of change are when organizations are most vulnerable to security breaches – especially healthcare entities and the technology vendors that serve them. The addition of new hardware, devices, software, and applications to the larger IT network creates numerous opportunities for mistakes. For instance, it is common for organizations to overlook vendor default passwords on newly-added devices or programs. In many cases, these default passwords can be found easily on the Internet by hackers seeking to steal valuable information such as protected patient data. The unprotected devices are their entry point.

The scary truth is that only a little more than half of organizations apply the necessary change management principles to their IT assets. According to a study of configuration management for cloud-based infrastructures, 80 percent of outages impacting mission-critical services will be caused by people and process issues and 50 percent of those outages will be caused by issues related to handing off the system to new personnel.

During this time, the system is ripe for unplanned and/or unapproved alterations. To put this into perspective, the cost of such downtime is approximately $8,000 per minute for the healthcare provider, not to mention the cost to an IT vendor’s reputation.

Change for the better
The answer to this problem lies in making sure that the organization’s approach to managing change contains a plan for the integration of all IT services, particularly those that may put valuable patient data at risk. However, many healthcare IT organizations lack the resources to fully address the staffing needs required during organizational change. At these times, it may be smart to enlist the support of an expert managed services company that specializes in healthcare “cloud” security and management. These vendors possess the expertise necessary to help IT vendors and healthcare providers alike recognize and address system vulnerabilities before they become exploited.

They will also offer services tailored specifically to the needs of change management. One such service is configuration management, which assures (among other responsibilities) that vendor-supplied credentials are changed to unique passwords. These managed data service experts can also handle security, monitoring, patch management and other professional services. They can also help to manage a secure transition of valuable data to new systems and aid in the integration of multiple databases. After the initial integration, managed services can include real-time monitoring, intrusion detection and prevention, data encryption and regular scans to detect new compliance risks.

Another useful resource is the IT Process Institute’s Visible Ops Handbook. This comprehensive guide provides direction to IT vendors on many aspects of managing organizational change and translating that to the IT infrastructure. This includes such security measures as reducing access to systems that can be modified, the importance of documenting all information related to IT assets, how to build a RACI, how to create a repeatable build library and making continuous improvement a part of the daily culture.

However it is accomplished, healthcare IT vendors must learn to recognize periods of change are tried and true opportunities for data breaches. Having plans and policies in place for change management is key to thwarting them.

Article source:

read more

Healthcare IT News and HIMSS Media are accepting speaking proposals for the Big Data Healthcare Analytics Forum, which will be held in New York City, June 18-19.

The deadline for submissions is 5 p.m. ET on March 31. Click here for more information and to submit a proposal.

Submissions are limited to healthcare provider and payer organizations, government agencies, and academic institutions. Presentations should be practical, actionable, and solutions-based.

Case studies are a priority for this event.

Approximately 250 payer and provider organizations will attend the forum, one of two that HIMSS Media and Healthcare IT News will present in 2015,

Session proposals should focus on how provider and payer organizations are using analytics to transition from volume-based to value-based healthcare.

Specifically, we want presentations that clearly demonstrate how payers and providers are using analytics to, among other things, improve clinical care, patient safety, succeed at population health, reduce readmissions, treat high-risk patients, streamline operations, and reduce the cost of healthcare.

The NYC agenda will be finalized by mid April.

Article source:

read more

Harold D. Tamayo, Chief Financial Officer–engagement partner, Tatum

A lot has been discussed about revenue cycle management (RCM) which is the process that manages claims processing, payment and revenue generation, and often entails the use of certain technologies to keep track of the claims process at every check point; however, RCM itself has lacked the interoperability, security and the analytics necessary to understand how to improve the process through appropriate quality measures to keep up with changing reimbursement models and business needs.

According to the article “Visibility key to efficient revenue cycle management,” published in Healthcare IT News, “denials represent the 10 to 20 percent of the claims that cause 90 percent of missed revenue opportunity. Much of the issues around claim denials drive some practices to accumulate claims which obviously lead to missed collections and longer accounts receivable intervals. Other practices assign staff to work denials and get them turned around more quickly. However, the best approach is to analyze denials, determine their root cause, and implement action plans to eliminate the cause.”¹

RCM: Driving Improvement in Healthcare

Improving RCM processes is one way any practice can improve the delivery of healthcare in their organization. The revenue cycle involves numerous tasks of the billing and collection processes which need a methodical approach to find levers to be improved — providing solutions that confirm eligibility, account balances, appointment scheduling, deferred services and cost transparency will drive improvements in the process. Developing analytics and reporting with key performance indicators to monitor the RCM process is fundamental to make revolutionary improvements and drive out inefficiencies in the system. Without such measurements an organization is likely to find itself simply rather stacking on new applications that create additional silos, generate more issues with interoperability and increase costs.

Every step in the RCM process has the potential for administrative waste: excessive paperwork, back-and-forth interactions between provider and payer, contracts with each payer and varying forms of information exchange with each payer. Managing the business of healthcare through improvements in the RCM process, allows healthcare providers to dramatically reduce costs in the administrative processes associated with RCM.

Putting costs and volume of claims into perspective, according to the article from MGMA in Practice Blog “How to avoid ‘unclean’ claims”, “the average cost to rework a claim is $25”.² Furthermore, according to CAQH index report, for healthcare plans covering 100 million lives, there were over 1 billion claims in 2013.³ In addition, in the article at Huff Post Politics online version, “Of all the claims submitted to it last year by health care providers and policyholders, Blue Cross denied 7.6 percent. Cigna denied 21 percent. MVP was in the middle at 15.5 percent”.4

As a finance executive, I can speculate that the inefficiencies and possibilities for savings from having a better revenue cycle management process in the US healthcare system are in the hundreds of millions.  In my opinion, with the right process in place and use of technology the administrative burden in the revenue cycle management can be greatly reduced.


1 John Andrews, Contributing Writer.  “Visibility key to efficient revenue cycle management “.IT Healthcare News.  September 16, 2010.
2 Amber Taufen, MGMA assistant editor.  “How to avoid ‘unclean’ claims”.  MGMA in Practice Blog.  March 28, 2014.
3 CAQH.  “2013 U.S. Healthcare Efficiency Index, Electronic Administrative Transaction Adoption and Savings”.  Revised May 5, 2014.
4 Wendell Potter, consultant.  “The Higher Health Insurers’ Claim Denial Rate, the Higher the CEO Pay”.  Huff Post Politics. April 23, 2013.

Harold D. Tamayo MBA, MSc, serves as a Chief Financial Officer–engagement partner with Tatum a leading practice providing Companies with hands on senior operating executive finance leadership.


Article source:

read more

The lack of response is surprising given that several states, particularly Hawaii, Maryland, Massachusetts and Oregon, were widely expected to ditch their own exchanges after severe technical problems impeded many consumers from signing up for coverage online.

Article source:

read more

This afternoon, CMS and ONC announced the release of a proposed rule that will allow some flexibility for Eligible Professionals, Eligible Hospitals, and Critical Access Hospitals attempting to attest to the Meaningful Use EHR Incentive Program in 2014.

Article source:

read more