The transitions to HIPAA EDI version 5010 and ICD-10 will only further complicate electronic data gathering, reporting and security.
Stage 1 of meaningful use is now finalized, and provider incentives will certainly result in an increased use of certified electronic health records (EHRs), exchange of electronic health information and submission of quality measures. However, meaningful-use requirements and their incentives apply only to healthcare providers and, even then, only Medicare or Medicaid acute-care hospitals, critical-access hospitals and eligible providers. A significant segment of the provider community, not to mention the healthcare ecosystem, is ignored: alternative care providers, nursing homes, mental health providers, payers, suppliers, vendors and, last but not least, patients.
All stakeholders will need to be involved to meet the ultimate goals of meaningful use: improved quality and reduced cost. For those stakeholders not directly affected by meaningful use and provider incentives, other healthcare industry initiatives may pave the way for their involvement and for the meaningful use of data. Meaningful use will require transformational changes in healthcare delivery for all stakeholders: new systems, additional staff training and education, redesigned work flows and — perhaps most challenging — meaningful use of data.
HIPAA EDI version 5010 and ICD-10 mandates will provide an opportunity for various health-industry stakeholders to examine their people, processes and technology. These projects, if structured around a comprehensive data-management plan, will allow entities to benefit directly from the new clinical and financial data that these initiatives provide. Unfortunately, the final Stage 1 meaningful-use objectives removed the requirements for checking insurance eligibility electronically and submitting claims electronically to both private and public payers. It is almost certain, however, that these two objectives will be present in Stage 2, which begins in 2013. This expectation, coupled with the required implementations of HIPAA EDI version 5010 and ICD-10, should motivate healthcare stakeholders to examine their current business operations related to coding and claims and to identify opportunities for increased efficiency, effectiveness and value in those administrative functions. Development of a data-management plan will provide the framework for assessment, analysis, implementation and improvement.
Data management requires both the efficient and effective use of healthcare data, as in to improve clinical outcomes, as well as the protection of that data via physical and technological safeguards to ensure privacy and security. Healthcare data can no longer merely be collected or reported, but must be analyzed with the intention of using it in the future to identify opportunities for improvement and to act on those opportunities. The nationwide adoption of EHRs will exponentially increase the volume of electronic personal health information (PHI) and will greatly increase the demands on healthcare stakeholders to ensure the privacy and security, as well as the integrity, of the data. An overlooked but arguably essential third component of effective data management is ensuring appropriate data inputs — a component that will be highlighted in coming years due to the exponential increase in raw electronic data available.
In January 2012, HIPAA EDI version 5010 will provide much-needed standardization of data in claims-related transaction sets. The initial implementation of HIPAA EDI transaction sets in 2003 failed to provide stakeholders with relief from burdensome claims requirements. Individual payers were still able to define their specific requirements for data content and presentation via the use of “companion guides” for each transaction set. The transaction-specific implementation guides developed at the national level provided merely a list of ingredients; the payer-specific companion guides were the recipe to be followed to submit an acceptable transaction. This lack of standardization created an inability to compare claims data among payers, as each could define various acceptable elements and formats for each data field. With version 5010, we are promised true standardization of data elements in the HIPAA EDI transaction sets and, as such, greatly enhanced data inputs for insurance eligibility, clinical authorization, healthcare claims and reimbursement-related transactions. All payer databases will prove more meaningful and the resulting information more useful in determining opportunities for new reimbursement models, costs of care and utilization of services.
In October 2013, the nation will finally see the long-awaited implementation of the ICD-10 coding and classification system, a system approved for use by the World Health Organization (WHO) for more than 20 years. ICD-10 will bring a level of detail to clinical diagnoses and procedures not previously available without burdensome abstracting and indexing efforts. Although some of the volume of new codes — approximately 55,000 additional diagnosis and 67,000 additional procedure codes with the ICD-10 system — are merely data extenders (for example, codes that define laterality: right side, left side, bilateral), many codes give insight to new layers of information, such as the specific approach for a procedure or the staging or status of a condition for a diagnosis.
Although many stakeholders are focused on the educational burden and technology costs of these new initiatives, the information that will be available from the greatly expanded new data inputs of ICD-10 will provide immediate access to findings that previously could take years to assemble and report. State-operated discharge databases and claims transactions can be mined to immediately analyze key indicators of population health and clinical quality: the popularity of a specific procedural approach and the associated clinical outcomes of specific approaches to determine most effective clinical protocols, incidence of specific diseases (like diabetes) with a current manifestation to determine patient management of chronic disease conditions, or the status of a condition to identify the prevalence of post-injury follow-up care. In preparation for both HIPAA EDI version 5010 and ICD-10, the Centers for Medicare and Medicaid Services (CMS) will now require their contractors to process more than twice the number of diagnosis and procedure codes than they previously extracted from claims submissions (now 25 each of ICD diagnosis and procedure codes), providing for greater availability of data to develop new national coverage decisions, medical necessity guidelines and clinical demonstration projects.
In this relatively new electronic data age, coupled with the transitions to HIPAA EDI version 5010 and ICD-10, healthcare providers lacking comprehensive data-management plans (comprehensive defined as addressing the collection, use, retention, privacy, security and analysis of data) will face numerous challenges in meeting the data requirements to perform daily functions, submitting a clean claim and higher-level functions of achieving meaningful use. Privacy and security alone are significant challenges in light of a mobile workforce and the ease of sending data electronically via e-mail, social networking, chat and remote applications.
Individual entities may feel overwhelmed when considering the current slate of health information-technology projects underway; however, data management is not solely an HIT concern. Stakeholders, whether provider, payer or other, can begin with the creation of a data-management steering committee, a group to guide the development and execution of a comprehensive data-management plan. This committee would not necessarily create the plan, but serve as a governance body for the plan and also provide necessary checks and balances for data management, specifically in the areas of data use, privacy and security.
A first step for this committee would be to determine the desired future state of various areas to be addressed in the comprehensive plan. Then, the committee or outside consultant should conduct a gap assessment against the current state to determine focused opportunities for action. With the information from the gap assessment, the committee can develop a strategic plan and timeline for implementation. In concert with the plan and timeline, a matrix identifying relevant measures and their benchmarks is necessary. Entities with concerns regarding the cross-functional deployment of a comprehensive data-management plan may wish to engage the services of a HIT consulting firm for the actual drafting of the plan. Regardless, employees at all levels of the organization should be engaged to ensure success.
Data management is the responsibility of all those who create, transmit and receive data. Providers will need to adeptly respond to their burden of responsibility to produce accurate data; payers and government agencies will play a role as data accumulators receiving, processing and analyzing data on a local, regional and national scale; vendors will be expected to provide systems that are certified, secure and allow for ease of analytics of data; and patients will be expected to act on the information that is made available to them to take an active role in their health and demand high quality for their healthcare spend. Lastly, all stakeholders will be expected to follow adopted standards for the collection and reporting of data, to actively exchange data and, most of all, to protect the privacy and security of data.
Mark Danis is vice president of Keane.
For more information on