Health insurers face most signifi cant technology overhaul in 20 years
By Ray Desrochers, COO, HealthEdge The last time the healthcare industry
underwent a large-scale technology change- out, George H.W. Bush was president, the Gulf War had just begun and HMOs were booming. In fact, it was the shift toward managed care in the early 1990s that prompted payers to transition from mainframe computing to more fl exible client-server solutions. Flash forward 20 years to 2011, and once again fundamental industry change is driving the need for next- generation technology. According to McKinsey & Company, healthcare reform, conversion to ICD-10 and the stimulus act’s healthcare IT mandates will require the transformation of more than 90 percent of a typical payer’s existing IT structure. Other major trends fueling a technology overhaul include: • Highly customized, consumer-focused benefi t plans: Payers will need to continuously develop new types of innovative products in order to truly compete in the 21st- century healthcare marketplace. Existing legacy systems require signifi cant time and effort to implement even the most minor changes. These solutions were simply
ransition Learning from PCI compliance
By Elizabeth Ireland, VP of strategy, nCircle
Healthcare can gain by looking at payment
card industry standards (PCI) developed by major credit card issuers to ensure credit card privacy and security. It’s not a big stretch to imagine healthcare security standards are likely to evolve along a trajectory similar to PCI, especially since records exchanged over the Internet are subject to the same security concerns as any other Internet data transactions.
specially While both PCI and healthcare security standards
already share some common features, there are a number of PCI requirements that are destined to be included in future security requirements: • File integrity monitoring: File-level auditing tools safeguard against tampering with fi les. Any changes to
not built to address today’s rapidly evolving healthcare needs.
• Operational efficiency and productivity gains: Over the years, most payers have resorted to costly and ineffi cient manual processing, surround systems and other workarounds to compensate for their IT infrastructure’s shortcomings. Federal legislation will soon limit payers’ non-medical spending – a death knell for previously tolerated administrative ineffi ciencies.
to s t
s li k
• Ongoing government mandates: As further details of new legislation and regulations continue to unfold, payers will need to comply quickly with new and often onerous requirements.
• Increased expectations for customer service: As customized benefi t plans and value-based programs become the norm, payers will need to move beyond the limitations of their current systems and offer real-time access to information that will allow their members to make better decisions about their care. Simply put, the current payer IT infrastructure is not going to support the needs of the new healthcare economy. Health plans that view change as an opportunity, and move quickly in 2011 to adopt new technologies, will be well positioned to lead the market. As science fi ction writer Isaac Asimov once said, “No sensible decision can be made any longer without taking into account not only the world as it is, but the world as it will be.”
fi le size and location are logged including fi le attributes, when the fi le was changed and the log-in name of the entity that changed it. • Confi guration compliance: Making sure all devices on the network adhere to security policy is critical to controlling risk and maintaining compliance. While sounding simple, gaining visibility and control of every networked device can be challenging, especially in large networks. Automating tools that make it possible to adhere to a set of best practices
lo • d is c v d n p
is an important step toward protecting the critical information healthcare networks contain.
is an imp
• Web application vulnerabilities: Web applications are the primary mechanisms for over 55 percent of the conditions leading to failure of confi dentiality and integrity. Web application security includes a wide variety of conditions critical to sharing EHR with other labs, clinics, hospitals and payer networks. An early start on these areas can improve security and help with rigorous compliance requirements ahead.
18 February 2011
HEALTH MANAGEMENT TECHNOLOGY