With the Deep-Dive Insights Series, Aston Carter takes a closer look at emerging trends in the evolving job market that will affect both employers and candidates alike.
Regulatory frameworks within the healthcare industry have evolved to keep pace with changes in patient care and communication methodology.
As telehealth became more commonly practiced across the industry, the National Committee for Quality Assurance (NCQA) made changes to the Healthcare Effectiveness and Data Information Set (HEDIS). Specifically, they adjusted 40 HEDIS measures to better reflect evolving digital and telehealth delivery and provide an enhanced standard for healthcare organizations and consumers to comparatively measure the quality of health plans.
More changes loom on the horizon.
The NCQA recently issued recommendations to President Biden, which outline steps the administration could take to create a more efficient and equitable reporting ecosystem. Chief among these include moving to a digital quality measurement system that could phase out paper documentation for good.
HEDIS standards will continue to shift and maintaining a proactive awareness of regulatory changes will give healthcare providers a crucial advantage. As organizations implement new processes for remote healthcare delivery, they should enhance their data compliance programs to keep up with evolving regulatory standards.
Remote work, combined with the industry’s reliance on traditional record-keeping involving hard copies and old network infrastructure, has created complications in maintaining HIPAA compliance.
Remote workflows among the healthcare workforce have introduced tricky new hurdles to overcome in avoiding HIPAA violations. For example, handling PHI material out of a home office setup rather than a centralized office completely alters the chain of potential exposures. Organizations need to ensure there are systems in place for proper document disposal across the entire remote workforce.
Temporary fixes won’t solve this issue. Remote work is a permanent fixture of the employment landscape. So now is the time for healthcare organizations to revamp their network infrastructure and privacy policies to address imminent exposure threats.
Consider staffing up the IT department and working with an outside team to make a detailed assessment of the documentation life cycle. Identifying risk points early and plotting a course for mitigation is far better than waiting until a violation occurs.
Automation is another trend that’s accelerating amid the pandemic, both in the healthcare space and the wider business world.
For healthcare organizations, automating administrative transactions — such as claim submissions and verifying patient insurance — is cheaper and faster than executing transactions manually. Automated claims status inquiry costs about $11 less than the manual equivalent, according to the Council for Affordable Quality Healthcare CAQH 2020 Index report.
However, automation and broader digital transformation initiatives also bring significant cybersecurity risks. Every digital transaction or process represents a unique avenue for potential breaches. Automation should always be explored in tandem with risk and compliance considerations — including HIPAA requirements. In the planning stages of any new automation strategy, it's best to bring in specialized R&C teams early and often to assess new risks, identify potential compliance issues and guide implementation.
Transforming network infrastructure, implementing new software and adjusting to evolving HEDIS measures and HIPAA policies requires extensive support and management, and there are a few ways to take on these challenges.
One common method is to pay for advisory services from a consulting firm. This is often the most expensive option, and it’s often difficult to retain valuable knowledge and experience because consultants often leave after projects close out.
Another option is to explore Managed Services to supplement traditional support workflows with contract and contract-to-hire consulting talent and project management options. This allows organizations to successfully navigate risk and stay on top of increasingly sophisticated governance and compliance needs through maximized workforce productivity and enhanced management capacity. After projects close, contingent staff can be converted to full-time employees, which fosters internal knowledge retention and results in a thorough and informed use of new technology after implementation.
One common throughline of the above practices? A risk-informed approach is key for success in a virtual world. Developing governance informed by risk and compliance capabilities — and layering them over operational management of evolving processes — will be the main driver behind the success of every new aspect of digital transformation.
For more insight on risk and compliance considerations, read Risk and Compliance in the Age of COVID-19.
Need to evaluate readiness, capacity and compliance of current remote workflows as they become a permanent fixture of your organization?