Author Archives: Jim Younkin

  • 0

CedarBridge Group and Stella Technology Showcase Project on Interoperability in Action Day

Jim Younkin

CareApprove™ puts health data exchange in patients’ hands with a mobile patient consent app that’s now in final round of Move Health Data Forward Challenge.

Today during a live webinar hosted by the Office of the National Coordinator for Health Information Technology (ONC) for thousands of participants nationwide, CedarBridge Group presented the new patient consent app, CareApprove as part of 2017 Interoperability in Action Day. With this milestone for CareApprove, patients are one step closer to directing how their individual health data flows. The ONC announced in late February that CedarBridge Group LLC was awarded a phase two funding prize of $20,000, and was invited to participate in the third and final phase of the Move Health Data Forward Challenge (MHDFC).

Under the provisions of the America COMPETES Act, MHDFC is a nationwide competition to incentivize development of application programming interface solutions that will allow individuals to securely and electronically authorize the movement of their health data. With this news, CedarBridge has accelerated testing of their revolutionary new app, CareApprove, aided by Stella Technology, Inc.

CareApprove is a smart phone app that allows patients to grant, and to revoke, permission for providers across the care team to access, send, or receive health information electronically. Due to a patchwork of federal and state requirements for collecting patient consent for sharing health information, many healthcare organizations simply choose to lock down all sensitive health data, even when patients want their providers to have a full picture of their health status when they arrive for an appointment. CareApprove helps solve this problem by putting patients in charge of how their health data is shared among providers engaged in their care, even when sensitive data is involved.

The CareApprove app will allow patients to determine whether their health data is made available to all healthcare providers they have a medical relationship with, or released on a case-by-case basis for treaent or care coordination.

As a strategy to achieve ONC’s goals for expanding consumer-mediated health information exchange, the MHDFC competition requires using the Health Relationship Trust (HEART) privacy and security specifications for the patient authorization aspects of the app design. The CareApprove app incorporates the HEART requirements with rigorously compliant security. By putting the power of data-sharing permissions directly in the hands of patients, CareApprove will resolve many of the vexing legal questions facing healthcare organizations storing and sharing health records.

“We are gratified the ONC evaluators have recognized the potential in our CareApprove app, and that our solution is advancing to the next round of this unique competition,” said Carol Robinson, Principal and founder of CedarBridge Group. “Organizations in every part of the healthcare sector struggle to manage patient consent across multiple provider groups and care delivery sites. These barriers must be brought down to achieve truly integrated healthcare, where critical information about a patient’s condition is available to trusted—and patient-approved– providers.”

“Our next step in making CareApprove available across all healthcare sectors is to demonstrate the flexibility of the app, with a wide variety of use cases.” said Jim Younkin, CedarBridge Group Chief Technology Officer. “Health information exchange services vary across the country, so we’ve designed CareApprove to work with common technology architectures. CareApprove can be easily implemented with Direct secure messaging protocols and can also support query-based exchange, where that’s an available option.”

“Stella Technology is excited to keep pushing forward with CedarBridge Group on this innovative solution to one of health information exchanges’ toughest problems,” said Salim Kizaraly, Senior Vice President of Business Development and Founder. “We’re confident our real-world testing will be successful in any situation, since we’re building the system to connect with a state or regional health information exchange, or to operate independently with a provider’s office by integrating seamlessly with their electronic health records system.”

The five Phase 3 teams have until May 1, 2017 to complete their demonstration pilot projects. Two winners of Phase 3 will each receive $50,000; the awards will be based on the judging team’s assessment of implementation viability for the winning solutions.

 


  • 0

CedarBridge Group and Stella Technology CareApprove Project Advances to Phase 2 in HHS Move Health Data Forward Challenge.

Jim Younkin

What if we put health data control in patients’ hands? CareApprove™ can do it.

We are thrilled to announce that today, patients are a little closer to directing how their individual health data flows. The Office of the National Coordinator for Health Information Technology (ONC) announced today that CedarBridge Group LLC has been awarded a phase one funding prize of $5,000, and will participate in the second phase of the Move Health Data Forward Challenge (MHDFC).

Through the America COMPETES Act, MHDFC is a nationwide competition to incentivize development of solutions that will allow individuals to authorize the movement of their health data electronically. With this news, CedarBridge and our partner, San Jose based HIT services and product technology developer Stella Technology, Inc. will set to work on prototyping the revolutionary new app, CareApprove.

CareApprove is a smart phone app that allows patients to grant—and revoke— permission for providers to access, send, or receive health information electronically.  CareApprove is designed to put patients in charge of how their health data is shared, which is critical for data related to behavioral health, substance use disorders or sexually transmitted infections. Complex federal and state requirements for collecting patient consent to share health information mean that many healthcare organizations choose to lock down sensitive health data, even when patients want their providers to have a full picture of their health.

The CareApprove app will let patients choose whether their health data is made available to all healthcare providers they have a medical relationship with, or released on a case-by-case basis for treatment or care coordination.

As a strategy to achieve ONC’s goals for expanding consumer-mediated health information exchange, the MHDFC competition requires using the Health Relationship Trust (HEART) privacy and security specifications in the app design. The CareApprove app incorporates the HEART requirements with rigorously compliant security. By giving the power of data-sharing permissions to patients, CareApprove will resolve many of the vexing legal questions facing healthcare organizations that store and share health records.

Managing patient consent among providers is one of the toughest challenges we see, and often, critical information about patients’ conditions is hidden from their trusted providers. CareApprove not only solves this problem from a legal standpoint, but also engages patients more in their own care decisions.

CareApprove is powerful because it is flexible. We’ve designed it to work with common technology standards so that CareApprove™ can be implemented easily using query-based exchange, or with Direct Secure Messaging.

For now, it’s on to Phase 2. We have until mid-January to prepare a prototype with a video demonstration, and an implementation plan for a project pilot. Phase 2 of the MHDFC challenge will provide $20,000 for up to five finalists to prove “real life” value through pilot demonstrations by May 1, 2017. Two Phase 3 winners will each receive $50,000, based on the judging team’s assessment of implementation viability for the winning solutions.  We’re confident we can go all the way. We’ll keep you posted!


  • 0

Can Patient Attribution Cause HIPAA Violations?

Jim Younkin

A recent story in Oregon’s Lund Report, Longview Hospital Appears to be Accessing Non-Patient Prescription Data, raises concerns about patient attribution and responsibility for unpermitted disclosures and/or breaches of protected health information (PHI). The report alleges, “when doctors leave PeaceHealth St. Johns Medical Center, officials there are able to access prescription records for the physician’s new patients – even when those patients are not affiliated with the PeaceHealth system.” What can we take away from this incident, and how can organizations ensure they are not—even inadvertently—violating federal and state laws that are designed to protect patient privacy?

The article demonstrates the importance of strong policies and procedures to guide health information exchange services that make outside patient information available for treatment. Even as organizations seek efficiency and better care coordination through technology, whistleblowers, patient advocates, and the legal community will not allow “business as usual” responses to unpermitted disclosures of PHI because of inadequate or ignored policies around accessing patient information. HIPAA violations are not cheap. According to the American Medical Association, penalties for violations can range from $100 to $50,000 per violation (or per record), with a maximum penalty of $1.5 million per year.

It is essential that provider organizations have proper controls to prevent unpermitted disclosures when leveraging health information exchange (HIE) services. Procedures that prevent employees from accessing health records after they leave employment of a healthcare provider organization can be confounded by systems that allow access from home computers. HIPAA Security and Privacy violations can arise unless organizations have termination procedures in place, and follow them religiously.

It appears the problem in the PeaceHealth case was that a physician’s National Provider ID (NPI) was used to identify which patient external records in the CoverMyMeds system could be accessed by the health care system’s employees. When the physician left PeaceHealth, their NPI should have been immediately “disassociated” with the PeaceHealth system so that PeaceHealth would no longer receive patient records associated with that physician. The story’s source contends that patient records from the physician’s new practice could be accessed by PeaceHealth employees.

Similar problems can occur with HIE services that deliver PHI to any HIPAA Covered Entity, including hospitals, physician practices, payers and accountable care organizations based on patients that have been attributed to these organizations for Treatment, Payment, and/or Healthcare Operations. If those attributions, or rules that govern them, are not kept current, PHI could be inappropriately delivered to a covered entity after the patient (or physician) has moved on.

The obvious lesson here is that HIPAA covered entities using such services must have controls in place to ensure NPI information is immediately updated when a provider leaves, or when patients or members should no longer be attributed to their organization, and should conduct training and auditing to ensure those procedures are followed.

Additionally, this case shows that patients should have control over, and easy visibility into who uses their PHI. Access could be set up proactively so that patients can designate their primary care provider or specialist, and determine when information can be shared with other providers. They should be able to keep an updated list of their providers if they choose. In the past, ideas like this were dismissed as impractical, or “wishful thinking.” However, with more than 70% of adults using smart phones in 2015, real-time patient-directed approval of PHI-sharing is now possible. Mobile technology enables consumers to control many aspects of their life; why not put control of our PHI directly in our own hands?

Has your organization discussed issues like this, and what steps have you taken to avoid a similar problem?

jy_blog1


  • 0

HIEs are Not Dead Yet

Jim Younkin

One thing we have learned from the HIEs with sustainable business models is that there is more to health information exchange services than just query-based exchange. The first of the ONC Learning Guides points to the value of ADT notifications to keep all caregivers informed about where their patient is receiving care outside of their practice or health system. This is a huge benefit to patient centered medical homes, ACOs, and other value-based programs. Maryland’s CRISP HIE has generated significant value by providing an encounter notification service for its members as well as other states. 

Even better, is the ability to have clinical information automatically pushed to members of the care team based on a subscription to their list of patients so they can see what happened with their patient after they left their facility. KeyHIE, another successful HIE, has created value for its members through its Information Delivery Service. This is critical for hospitals that participate in the CMS Bundled Payment for Care Improvement initiative, because it provides the hospitals with post-discharge information during the 90-day period for which the hospitals are responsible. And most importantly, they receive this information in real-time, as soon as it is generated by long-term care, home health, and even other hospitals, so the BPCI facility can help to coordinate care for those patients enrolled in that program. Other bundled-payment initiatives like Comprehensive Joint Replacement and newly proposed bundles for cardiac care will have similar post-discharge requirements.

The real significance of these two highly valuable push-type services is that they both require disparate healthcare providers to be linked together through some kind of network so the others can receive notices and clinical information in a proactive manner. As good as it is, query-based exchange, like those supported by EHR vendors cannot currently provide this level of functionality needed to support the risk-sharing programs of today and the near-future. Until this kind of pro-active interoperability can be generated by other means, there will continue to be a need for robust health information exchange services. Don’t write them off too soon.


  • 0

Finding Your Passion in Health IT

Jim Younkin

For some time now, I have been thinking about the best way to use my skills to improve healthcare overall. I have been with the Geisinger Health System for almost 12 years, where I co-founded the Keystone Health Information Exchange (KeyHIE) and provided administrative and technical services for the Keystone Beacon Community, which demonstrated reductions in emergency visits and readmissions for patients with heart and lung disease by using care coordination and health information exchange services.

During this last year, as I completed my MBA from Temple, I realized my time to make a difference in healthcare is limited. I think many IT professionals go into healthcare fields because we want to a part of something bigger; we want to know that the work we do every day is going to make people’s lives better in some way. Most of us could have made more money in some other industry, and while money is important, it’s not always the most important thing driving our career choices.

More often, we are motivated by the potential to make a difference to the life of a friend, a family member, or a co-worker who is faced with a chronic or life-threatening illness. And that person, who is dear to us, is struggling with some part of this health care “system” that seems to continually fail them in some way or another. And while we know health IT isn’t the answer to every problem in healthcare, we believe strongly in the improvements that information technology can bring to patients and their families, as well as for providers using better IT systems and tools.

I have cherished my time at Geisinger, and especially the amazing people I was able to work with along the way, including those within the system, those in our community and those across the nation that we were blessed to partner with over the years. But with time seeming shorter each week and each year, I want to strive for a much larger impact than I felt was possible within a single health system, a single HIE, inside a single state.

I began looking for an opportunity to work in one of three areas; consulting, the federal government, or with a software development company. Consulting would give me the opportunity to spread my knowledge nationwide as well as outside the U.S. This has particular appeal due to my realization during a recent speaking engagement in Zhuhai, China, that even countries where governments set a lot of standards are challenged with implementing standards-based health IT and interoperability among systems. Possibly through consulting I could help other parts of the world embrace some of the technologies to improve care coordination and population health that are emerging in the U.S., Europe, and several other countries around the globe.

I also considered looking for a role with a federal agency, testing strategies for transforming the U.S. healthcare delivery system with enabling health IT. I thought that through policies or large programs, I could be a cog to help turn the wheels faster toward a more interoperable country, with an eye toward global implications. Finally, I considered pure software development where I could work with a vendor to build something new and innovative, and take this solution to providers around the world to make it a better place.

When I found CedarBridge Group and began talking with the growing team of passionate consultants working there, I realized I didn’t have to limit myself to choosing only one avenue to make a difference in our world. As a consulting company specializing in health IT, CedarBridge assists clients across the U.S. advance their use of health information exchange, telemedicine, and other technology solutions, while also focusing on what it takes to develop programs and policies that deliver a strong ROI for stakeholders while keeping patients at the center of their own care. CedarBridge is supporting state and local governments, as well as working with federal agencies to address population health improvements. CedarBridge also works with leading private sector companies, including Intel Corporation where, as a self-insured purchaser of healthcare for employees and families, Intel is driving delivery system improvements through the use health IT. Check out their mind map for details about everything they are in to. I’m very excited to embark with the CedarBridge Group as their new Chief Technology Officer, where I can have a maximum opportunity to identify promising technologies, develop them both internally and through partnerships, and see them come to life in communities across the nation and one day around the globe.

Is it going to be hard work? Heck yeah! But in the words of Simon Sinek, “working hard for something we don’t care about is called stress, working hard for something we love is called passion.” Find your passion, and make your mark on the world. Our time here is short.