Get the E-newsletter
2016 will go down as the year in which the existential threat that healthcare providers face from ransomware became crystal clear.
But a silver lining of the growing number of highly publicized attacks is that hospital leaders are fully on board with marshaling the necessary resources to respond to the threat.
For many provider organizations, in fact, effective, ongoing relationships among their senior leaders may represent the line between success and high-profile failure in combating ransomware.
"This is an issue that has to be understood across the entire C-suite," says Russell Branzell, president and CEO of the College of Healthcare Information Management Executives (CHIME). "It doesn't just have IT or financial ramifications like a lot of background IT functions that might exist. This is really about patient care, daily operations, and for some organizations it could even be an organizational killer."
“We’re certainly seeing [ransomware] as a real threat to the healthcare sector and not just something that is sensationalized,” says Lee Kim, director of privacy and security, HIMSS North America. (Photo: HIMSS)
A February malware attack at Hollywood Presbyterian Medical Center in Los Angeles was the first of a series of cyber assaults on hospitals this year in which attackers encrypted the hospital's patient data and demanded a ransom to release it.
Such assaults have become common, according to emerging research. For instance, 52 percent of the 30 midsized U.S. hospitals contacted by researchers from the Health Information Trust Alliance revealed they had been infected with malicious software.
Hospitals also have been individually reporting an uptick in malware attacks. For instance, Metro Health Hospital in Wyoming, Mich., has seen a noticeable increase in attempted malware attacks over the last 12 months, including one per month since the Hollywood Presbyterian attack, says John Weller, chief information security officer (CISO) at the hospital.
The assaults led the U.S. Department of Homeland Security's Computer Emergency Readiness Team to issue a ransomware alert, which described the main characteristics and prevalence of such attacks and ways to prevent and mitigate the threat.
"We're certainly seeing it as a real threat to the healthcare sector and not just something that is sensationalized," says Lee Kim, director of privacy and security for HIMSS North America, a business unit of the Healthcare Information and Management Systems Society.
For a healthcare organization to effectively respond to the ransomware threat, Branzell says, executive support is needed on both a programmatic and a behavioral level. That means that in addition to prioritizing scarce hospital resources to bolster information security budgets, hospital executives and boards need to make security a priority throughout the organization.
"That support needs to be ubiquitous at every level—whether it is patient care, administration, financial billing, or human resources, it needs to be cross-ordered across the entire organization," Branzell says.
Hospital data security leaders say both the awareness and support of executives and hospitals boards have increased.
"It's been relatively easy to translate what these threats mean for non-IT people, given what may have happened to them personally as a consumer or what is happening in the news," Myra Davis, senior vice president of information services and CIO at Texas Children's Hospital, says about the recent hospital malware attacks. "That has made it pretty easy for the adoption of behavioral changes that we have instituted. I'm pretty optimistic that while it may be painful, I don't think we will meet a lot of resistance."
The need for a robust response is apparent across the industry, with 67 percent of healthcare IT leaders stating that these highly publicized data breaches have affected their security practices, according to a Ponemon Institute survey released in May.
"In years past I would have to try to get people's attention about cybersecurity, and now they are coming to me asking for advice," says Mike Yamamoto, CISO for Beth Israel Deaconess Medical Center, Boston. "The board is asking about cybersecurity and quite focused on it. They want to get to the bottom of what's happening. And it definitely helps having that increased focus."
How Healthcare Organizations Are Focusing on Data Security
The support of executives and hospital boards has proven critical to boosting both security resources and rank-and-file compliance with security adjustments in the wake of the malware attacks, according to hospital security leaders.
"Otherwise people don't take an e-mail from the CIO too seriously," says David Chou, CIO at Children's Mercy Hospital, Kansas City, Mo. "They think the CIO or compliance officer is so risk-averse that that is all they care about and they are ruining our experience utilizing information technology. That has changed and will continue to evolve. It's a lot easier when the organization has your back."
Organizational support has allowed Chou's office to enlist the help of departments such as education, communication, and marketing in sharing knowledge and spreading information. The practical effect of such cooperation cannot be overstated given the key role of education in preventing individual employee actions from devastating an entire organization.
Coming from the IT department, such communications may not even be opened by employees. "Whereas, if it is coming from marketing, it may be something fun and they may have a different reaction," Chou says.
Prioritization has given IT leaders direct access to the board at Texas Children's Hospital, which allowed Sanjeev Sah, director of information security, the opportunity to justify a three-year ramp-up in health IT security spending. His pitch followed a board member's discussion of a news story about IT security spending by healthcare organizations.
"So that drove the direction of how we wanted to respond," Sah says. "It does allow us to have a pretty rapid response if we're able to get these tools and make the investments we were asking to be made."
Davis agrees that the board and executives have set the tone for the organizational response at Texas Children's.
"That doesn't mean that we should abuse that to get everything we need, but we have received the endorsement that's been needed so far to make the right investments and to close the gaps," Davis says.
The practical impact of that leadership support includes faster acceptance by staff of the changes that some security technologies inject into an organization.
"The time that it takes to get to an agreement among different departments is nowhere near the time it would take if you didn't have that sense of urgency at the top," Davis says.
Regular interactions with senior executives about the evolving health IT security threat are key, Kim says, because different executives can bring different insights to addressing cyber risks. But a recent HIMSS Analytics survey of 115 hospital IT and security personnel found many security leaders have only occasional interactions with top-level leadership.
Kim encourages regular face-to-face meetings with executives or, at least, frequent virtual meetings that allow for interaction.
"Security leaders need to translate the risks they are seeing from technical lingo to describing the big impact on other areas of the organization," Kim says.
Relating how the malware threat could impact other departments, such as legal, may not only focus other departmental leaders on the danger but also encourage them to look for vulnerabilities and find solutions.
“It does allow us to have a pretty rapid response if we’re able to get these tools and make the investments we were asking to be made,” says Sanjeev Sah, director of information security, Texas Children’s Hospital. (Photo: Texas Children’s Hospital)
The threat from ransomware and other IT security challenges is expected only to increase as hospitals become repositories of ever-larger quantities of valuable patient electronic health records. Additionally, the nature of the IT security threat changes so rapidly that ongoing education of hospital leaders is critical.
"CIOs and CISOs need to be spending time with their boards to make sure they understand the risks and responsibilities and the oversight that's needed at the board level with something like this," Branzell says.
Hospitals have looked for effective ways to keep their leaders engaged on an issue that, while critical, is not directly focused on the central organizational mission of providing patient care.
Steven Smith, CIO for NorthShore University HealthSystem in Evanston, Ill., finds the threat of malware can be effectively communicated to executives and board members through the use of data—such as the relative black-market value of electronic health record information compared with a credit card number, or the number of emails his security systems manage (the health system receives about 250,000 e-mails each day and blocks all but about 25,000 for various reasons).
"Information like that helps them understand what we're doing in this area," Smith says.
When Sah last updated the Texas Children's board on the malware threat the hospital was facing, he was surprised at the level of detail they wanted. The presentation, which included a simulation of a common way in which such attacks occur, was generally high-level, but the board wanted to know more about the details of the threat. The board's relatively sophisticated knowledge may stem from the inclusion of senior executives from other sectors, whose organizations generally have more advanced IT security systems.
"They were very familiar with what is going on, so they wanted to know what we were doing about it," Sah says.
Hospitals’ Anti-Ransomware Steps
Some organizations have implemented changes to their structure and to the interactions among key leaders to better respond to evolving information security threats.
Beth Israel Deaconess Medical Center established a board subcommittee to review security issues and another subcommittee on overall compliance and risk, through which the CIO communicates with the board. Such meetings occur "a few times each year or more if needed," Yamamoto says.
Metro Health Hospital's board recently created a cybersecurity subcommittee, and the hospital's CIO agrees on the need to increase efforts in this area, Weller says.
"We're an innovation-oriented hospital that tries to leverage technology to benefit patient care," Weller says. "It is sometimes harder for a smaller hospital like ours, and we have to be very strategic with which technology we buy because you can't have everything."
Among the unanswered questions regarding structural responses to the growing health IT security threat is how a hospital should organize its leadership. Slightly more than 50 percent of hospitals have a full-time CISO, while others assign the security executive's role to another officer, such as a CIO or chief technical officer, according to CHIME.
"As we move forward," Branzell says, "can a portion of a person maintain enough expertise to keep their organization as secure as they should?"
Hospitals are split on where the CISO fits in an organizational chart. Many healthcare organizations have the CISO report to the CIO, while in other cases the CISO is a peer of the CIO and reports directly to the CEO or board.
The organizational question is far from academic. "A CISO with an equal voice may lend a hand to being able to more quickly report what is happening with cybersecurity instead of having another layer in the chain," Kim says.
Additionally, higher-ranked CISOs can have more autonomy in hiring and technical asset allocations and greater ability to deviate from the typical three-year lifecycle of technology assets if a cyber threat changes.
But some CISOs say the issue is not so clear-cut. For instance, Sah, who reports to his CIO, says he has independence and receives support for his role and for the information security program from executive leadership at Texas Children's.
"The support and the structure have resulted in positive outcomes more often than not," he says.
His CIO, Davis, says Sah has the authority to communicate with leadership directly, including through one-on-one meetings with the CFO and the hospital's general counsel, privacy group, and legal team.
"I am not in those meetings, and that is intentional," Davis says. "He is a resource to the entire organization. Just like I have the benefit of understanding our risk, it is very important that the rest of the organization has the benefit of understanding that risk."
Similarly, Yamamoto, who also reports to a CIO, says the structure has worked at Beth Israel Deaconess Medical Center because the organization's security initiatives are strongly aligned with the overall initiatives of the CIO.
"We haven't run into an issue where there is a complete butting of heads between what security thinks versus what we're trying to do across the board in health IT," Yamamoto says.
However, he notes that in some industries the common practice is for CISOs to report directly to the CEO or the board.
"It's an evolution, and health care is where it is in its maturity model in terms of security," Yamamoto says. "You can look to other industries to see, perhaps, how that may go."
“It is sometimes a lot harder for a smaller hospital like ours, and we have to be very strategic with which technology we buy because you can’t have everything,” says John Weller, chief information security officer, Metro Health Hospital. (Photo: Metro Health)
Although most say they have positive and productive relationships with their boards, healthcare IT security leaders report ongoing budgetary struggles. Part of the funding challenge is the nature of the demand for IT security, which is not directly related to patient care. Additionally, the growing need for resources in IT security comes amid an industrywide push to reduce healthcare spending and to do more with less.
"There is always more that I want than we will be able to deliver on, in terms of acceptance throughout the organization," says Weller of Metro Health.
But the funding challenge is less steep at some organizations than at others.
For instance, Texas Children's has ramped up its security spending in recent years to 10 percent of the total IT budget. That makes the organization one of the biggest security spenders among providers, according to the HIMSS Analytics survey, which found only 10 percent of provider respondents spent larger shares of their IT budgets on security. Most reported spending between 0 and 3 percent of their budget.
Davis said the relatively large spending commitment at Texas Children's is a testament to what the issue means to the CEO and the board and how vital it is to patients and the organization.
"It wasn't a hard sell or a great deal of negotiating; it was just the honest truth of what was needed," Davis says.
Kim was optimistic that the emerging threats may bolster hospital funding for security.
"We've seen the security spend at healthcare organizations be generally less than in other sectors—but in the last few years there has been more of a business priority toward cybersecurity, so some organizations are allocating more resources, personnel, and updated technology to address what is going on," Kim says.
Frequency of Cyberattacks Against Healthcare Organizations
Part of the challenge of obtaining more funding for the growing IT security threat is the lack of cost-effective and proven investments that will significantly bolster security, according to industry officials.
Metro Health has focused on procuring a "silver bullet" software package expected to provide 80 to 90 percent of the help the organization needs to prevent malware attacks. The package focuses on so-called end-users, or individual computer users, to prevent them from unknowingly opening malware attachments in an e-mail—the most common way in which such attacks are initiated. Malware also can enter through ads that are clicked or even just viewed while browsing the Internet.
A separate communication challenge for healthcare IT security leaders is how to learn from hospitals that have been attacked.
NorthShore's Smith frequently has behind-the-scenes discussions with organizations that have been attacked by malware to learn about the nature of the attacks and effective ways to stop them. However, at times it can be difficult to get information from those publicly identified as under attack, with the affected organizations citing an ongoing investigation or other issues.
“It’s been relatively easy to translate what these threats mean for non-IT people, given what may have happened to them personally as a consumer or what is happening in the news. That has made it pretty easy for the adoption of behavioral changes that we have instituted,” says Myra Davis, senior vice president of information services and CIP, Texas Children’s Hospital. (Photo: Texas Children’s Hospital)
Branzell of CHIME urges hospital security leaders to contact his organization to be put in touch with the IT security leaders of affected hospitals.
"Obviously that helps when we're talking about organizations of similar complexity trying to learn lessons across the board," Branzell says.
Smith said an effective step for his organization has entailed spending a full day with IT security leaders of other health systems or vendors to discuss differences in their responses, the latest vulnerabilities, and different ways to prevent attacks. State hospital associations, HIMSS, and security organizations also provide useful feedback.
Weller of Metro Health obtains security updates from four organizations, including the West Michigan Cyber Security Consortium, which holds quarterly events such as seminars. "Just having that dialogue, that extra conversation, gives you more context about what is going on and what they are spending their money on," Weller says.
Additionally, Metro Health compares its cybersecurity effort to those of 18 other hospitals in Michigan through the Michigan Healthcare Cybersecurity Council, a public-private partnership between the state government and hospitals. Comparisons include the number of staff on security teams, the number responding to incidents, and details of incident response plans.
"We know that we are pretty much in alignment, compared to comparable-size institutions," Weller says. "We don't want to have double the security team because that is another person who is not providing patient care."
Rich Daly is a senior writer/editor for HFMA based in Washington, D.C.
Interviewed for this article:
Russell Branzell, president and CEO, College of Healthcare Information Management Executives.
John Weller, chief information security officer, Metro Health Hospital, Wyoming, Mich.
Lee Kim, director of privacy and security, HIMSS North America.
Myra Davis, senior vice president of information services and CIO, Texas Children's Hospital, Houston.
Mike Yamamoto, chief information security officer, Beth Israel Deaconess Medical Center, Boston.
David Chou, CIO, Children’s Mercy Hospital, Kansas City, Mo.
Sanjeev Sah, director of information security, Texas Children's Hospital, Houston.
Steven Smith, CIO, NorthShore University HealthSystem, Evanston, Ill.
6 Patient Revenue Cycle Metrics You Should Be Tracking (and How to Improve Your Results)
Patient financial engagement is more challenging than ever – and more critical. With patient responsibility as a percentage of revenue on the rise, providers have seen their billing-related costs and accounts receivable levels increase. If increasing collection yield and reducing costs are a priority for your organization, the metrics outlined in this presentation will provide the framework you need to understand what’s working and what’s not, in order to guide your overall patient financial engagement initiatives and optimize results.
10 Ways to Reduce Patient Statement Volume (and Reduce Costs)
No two patients are the same. Each has a very personal healthcare experience, and each has distinct financial needs and preferences that have an impact on how, when and if they chose to pay their healthcare bill. It’s no longer effective to apply static billing techniques to solve the complex challenge of collecting balances from patients. The need to tailor financial conversations and payment options to individual needs and preferences is critical. This presentation provides 10 recommendations that will not only help you improve payment performance through a more tailored approach, but take control of rising collection costs.
Reduce Patient Balances Sent to Collection Agencies: Approaching New Problems with New Approaches
This white paper, written by Apex Vice President of Solutions and Services, Carrie Romandine, discusses the importance of patient segmentation and messaging specifically related to the patient revenue cycle. Applying strategic messaging that is tailored to each patient type will not only better educate consumers on payment options specific to their billing needs, but it will maximize the amount collected before sending to collections. Further, targeted messaging should be applied across all points of patient interaction (i.e. point of service, customer service, patient statements) and analyzed regularly for maximized results.
The Future of Online Patient Billing Portals
This white paper, written by Apex President Patrick Maurer, discusses methods to increase patient adoption of online payments. Providers are now seeking ways to incrementally collect more payments due from patients as well as speeding up the rate of collections. This white paper shows why patient-centric approaches to online payment portals are important complements to traditional provider-centric approaches.
Payment Portals Can Improve Self-Pay Collections and Support Meaningful Use
Increased electronic engagement between healthcare providers and patients provides significant opportunities for improving revenue cycle metrics and encouraging patients to access EHRs. This article, written by Apex Founder and CEO Brian Kueppers, explores a number of strategies to create synergy between patient billing, online payment portals and electronic health record (EHR) software to realize a high ROI in speed to payment, patient satisfaction and portal adoption for meaningful use.
Large Health System Drives 10% UP (Patient Payments) and 10% DOWN (Billing-related Costs)
Faced with a rising tide of bad debt, a large Southeastern healthcare system was seeing a sharp decline in net patient revenues. The need to improve collections was dire. By integrating critical tools and processes, the health system was able to increase online payments and improve its financial position. Taking a holistic approach increased overall collection yield by 10% while costs came down because the number of statements sent to patients fell by 10%, which equated to a $1.3M annualized improvement in patient cash over a six-month period. This case study explains how.
ICD-10: Managing Performance
With the ICD10 deadline quickly approaching and daily responsibilities not slowing down, final preparations for October 1 require strategic prioritization and laser focus.
Clarity Drives Collections
Read how Gwinnett Medical Center provides clear connections to financial information, offers multiple payment options for patients, and gives onsite staff the ability to collect payments at multiple points throughout the care process.
Orlando Health Gains Insight into Denials, Reduces A/R Days with RelayAnalytics Acuity
Read how Orlando Health was able to perform deeper dives into claims data to help the health system see claim rejections more quickly–even on the front end–and reduce A/R days.
Revenue Cycle Payment Clarity
To maintain fiscal fitness and boost patient satisfaction and loyalty, healthcare providers need visibility into when and how much they will be paid–by whom–and the ability to better navigate obstacles to payment. They need payment clarity. This whitepaper illuminates this concept that is winning fans at forward-thinking hospitals.
Streamlining the Patient Billing Process
Financial services staff are always looking for ways to improve the verification, billing and collections processes, and Munson Healthcare is no different. Read about how they streamlined the billing process to produce cleaner bills on the front end and helped financial services staff collect more than $1 million in additional upfront annual revenue in one year.
Wallace Thomson Hospital Automates to Maximize Limited Resources
Effective revenue cycle management can be a challenge for any hospital, but for smaller providers it is even tougher. Read how Wallace Thomson identified unreimbursed procedures, streamlined claims management, and improved its ability to determine charity eligibility.
7 Steps for Building and Funding Sustainability Projects
Before launching an energy-efficiency initiative, it’s important to build a solid business case and understand the funding options and potential incentives that are available. Healthcare leaders should consider taking the steps outlined in the whitepaper to ease the process of gaining approval, piloting, implementing, and supporting sustainability projects. You will find that investing in sustainability and energy efficiency helps hospitals add cash to their bottom line. Discover how hospitals and health systems have various options for funding energy-efficient and renewable-energy initiatives, depending on their current financial structure and strategy.
Key Capital Considerations for Mergers and Acquisitions
Health care is a dynamic mergers and acquisitions market with numerous hospitals and health systems contemplating or pursuing formal arrangements with other entities. These relationships often pose a strategic benefit, such as enhancing competencies across the continuum, facilitating economies of scale, or giving the participants a competitive advantage in a crowded market. Underpinning any profitable acquisition is a robust capital planning strategy that ensures an organization reserves sufficient funds and efficiently onboards partners that advance the enterprise mission and values.
Key Capital Considerations for Mergers and Acquisitions
The success of healthcare mergers, acquisitions, and other affiliations is predicated in part on available capital, and the need for and sources of funding are considerations present throughout the partnering process, from choosing a partner to evaluating an arrangement’s capital needs to selecting an integration model to finding the right money source to finance the deal. This whitepaper offers several strategies that health system leaders have used to assess and manage capital needs for their growing networks.
Trend Watch: Providers adapt as value-based care moves from hype to reality
Announcements from several commercial payers and the Centers for Medicare and Medicaid Services (CMS) early in 2015 around increased efforts to form value-based contracts with providers seemed to point to an impending rise in risk-based contracting. Rather than wait for disruption from the outside in, health care providers are now making inroads on collaborating with payers on various risk-based contracting models to increase the value of health care from within.
Yuma Regional Medical Center case study
Yuma Regional Medical Center (YRMC) is a not-for-profit hospital serving a population of roughly 200,000 in Yuma and the surrounding communities.
Before becoming a ZirMed client, Yuma was attempting to manually monitor hundreds of thousands of charges which led to significant charge capture leakage. Learn how Yuma & ZirMed worked together to address underlying collections issues at the front end, thus increasing Yuma’s overall bottom line.
Reforming with a New 50-Bed Acute Care Facility
Kindred Hospital Rehabilitation Services works with partners to audit the market and the facility’s role in that market to identify opportunities for improvement. This approach leads to successes; Kindred’s clinical rehab and management expertise complements our partners’ strengths. Every facility and challenge is unique, and requires a full objective analysis.
5-Minute Briefing on Revenue Integrity Through HIM WhitePaper Hospitals FS
As the critical link between patient care and reimbursement, health information enables more complete and accurate revenue capture. This 5-Minute White Paper Briefing shares how to achieve cost-effective revenue integrity by your optimizing HIM systems.
5-Minute Briefing on Accelerating Cash Flow Through HIM WhitePaper Hospitals FS
Speedier cash flow starts with better CDI and coding. This 5-Minute White Paper Briefing explains how providers can improve vital measures of technical and business performance to accelerate cash flow.
5-Minute Briefing on Reducing the Cost of RCM WhitePaper Hospitals FS
Qualified coders are getting harder to come by, and even the most seasoned professional can struggle with the complexity of ICD-10. This 5-Minute White Paper Briefing explains how partnerships can help improve coding and other key RCM operations potentially at a cost savings.
Providers Focus Too Much On Revenue Cycle Management
The point of managing your revenue cycle isn’t just to improve revenue and cash flow. It’s to do those things effectively by consistently following best practices— while spending as little time, money, and energy on them as possible.
Lucille Packard Children’s Hospital Stanford Case Study
How Lucile Packard Children’s Hospital Stanford increased payments received within 45 days by 20% and reduced paper submission claims by 70% by using ZirMed solutions.
Using Predictive Modeling To Detect Meaningful Correlations Across Claims Denials Data
The reasons claims are denied are so varied that managing denials can feel like chasing a thousand different tails. This situation is not surprising given that a hypothetical denial rate of just 5 percent translates to tens of thousands of denied claims per year for large hospitals—where real‐world denial rates often range from 12 to 22 percent. Read about how predictive modeling can detect meaningful correlations across claims denials data.
ZOLL and Emergency Mobile Health Care Case Study
Emergency Mobile Health Care (EMHC) was founded to be and remains an exclusively locally owned and operated emergency medical service organization; today EMHC serves a population of more than a million people in and around Memphis, answering 75,000 calls each year.
Maximizing Medicare Reimbursements White Paper
Since the Physician Quality Reporting Initiative (PQRI) introduction, CMS has paid more than $100 million in bonus payments to participants. However, these bonuses ended in 2015; providers who successfully meet the reporting requirements in 2016 will avoid the 2% negative payment adjustment in 2018, so now is the time to act! Included in this whitepaper are implications of increasing patient responsibility, collections best practices, and collections and internal control solutions.
Denials Deconstructed: Getting Your Claims Paid
Getting paid what your physician deserves—that’s the goal of every biller. Yet even for the best billers, achieving that success can be elusive when denials stand in the way of success, presenting challenges at every turn. Denials aren’t going away, but you can learn techniques to manage and even prevent them.Join practice management expert Elizabeth W. Woodcock, MBA, FACMPE, CPC, to: Discover methods to translate denial data into business intelligence to improve your bottom line, determine staff productivity benchmarks for billers, and recognize common mistakes in denial management.
Automation and Operational Improvement Drive Sustainable Results
Physician practices must improve organizational efficiency to compete in this era of reduced reimbursement and escalating administrative costs.
Revenue Cycle Management Resolves Migration Implementation Issues
Many healthcare organizations are pursuing next-generation health information systems solutions. Learn more about Navigant's work with University of Michigan Health System.
Partnering For Success – Provider Achieves Strength in Stability
The proper implementation of healthcare information technology systems is crucial to an organization’s financial health.
Building a Clinically-Integrated Network
As value-based payment models evolve, providers are challenged to maintain superior clinical outcomes while controlling costs.
Winning in the Post-Acute Marketplace
Read more about factors contributing to the changes in the post-acute marketplace and what it means for manufacturers, physicians, clinicians, patients, and post-acute facilities as they anticipate the transition to the second curve.
Building A Common Vision with Employed Physicians
HSG helped the physicians and executives of St. Claire Regional in Morehead, Kentucky, define their shared vision for how the group would evolve over the next decade. As well as, develop the strategic and operational priorities which refocused and accelerated the group’s evolution.
Practice Performance Improvement
The client was a nine-hospital health system with 14 clinics serving communities in a multi-state market with very limited access to care, poor economic conditions, high unemployment, and a heavy Medicare/Medicaid/uninsured payer mix. In most of these communities, the system was the sole source of care.
Though the clinics were of substantial size (they employed 98 physicians) and comprised of multiple specialists, the physicians functioned as individuals and the practices lacked any real group culture.
Clinical Integration Without Spending a Fortune
Clinical integration can be expensive, but it doesn’t have to be, as this four-step road map for developing a CIN proves. Does it have to cost millions to initiate a clinical integration strategy?
Contrary to popular belief, we have clients who have generated substantial shared savings and a significant ROI over time, without massive investments. Yes, some financial capital is required for resources the CIN providers can’t bring to the table themselves. But the size of that investment can be miniscule relative to the value it produces: improved outcomes and documentation for payers.
Adding Value to Physician Compensation
Today’s concerns about physician compensation are the result of the changing healthcare environment. The transition to value is slow, but finally becoming a reality. Proactive hospitals want to ensure that provider incentives are properly aligned with ever-increasing value-based demands.
This report focuses on the three big questions HSG receives about adding value to physician compensation; Why are organizations redesigning their provider compensation plans? What elements and parameters must be part of successful compensation plans? How are organizations implementing compensation changes?
Effective Revenue Cycle Management in Your Network
Revenue Cycle Management has become an even more complex issue with declining reimbursements, implementation of Electronic Health Records, evolving local carrier determinations (LCD), and payer credentialing [The emphasis on healthcare fraud, abuse and compliance has increased the importance of accuracy of data reporting and claims filing).
The efficiency of a medical practice’s billing operations has critical impact on the financial performance. In many cases, patient billings are the primary revenue source that pays staff salaries, provider compensation and overhead operating cost. Inefficiencies or inaccurate billing will contribute to operating losses.
Succeeding in Value-Based Care
This publication identifies and outlines the necessary characteristics of a fully-functioning clinically integrated network (CIN). What it doesn’t do is detail how hospitals and providers can participate in the value-based care environment during the development process.
One common misconception is that the CIN can’t do anything significant until it has obtained the FTC’s “clinically integrated” stamp of approval. While the network must satisfy the FTC’s definition of clinical integration before single signature contracting for FFS rates and contracts can legally start, hospitals and providers can enjoy three key benefits during the development process.
Therapy: Benefits at All Levels of Care
Nearly half of all Medicare beneficiaries treated in the hospital will need post-acute care services after discharge. For these patients, a stay in an inpatient rehabilitation facility, skilled nursing facility or other post-acute care setting comes between hospital and home.
Does Your Budgeting Process Lack Accountability?
With the proper process, tools, and feedback mechanisms in place, budgeting can be a valuable exercise for organizations while helping hold organizational leaders accountable. Having a proper monthly variance review process is one of the most critical factors in creating a more efficient and accurate budget. Monthly variance reporting puts parameters around what is to be expected during the upcoming budget entry process.
Cost Accounting: the Key to Cost Management and Profitability
Managing the cost of patient care is the top strategic priority of most hospital CFOs today. As healthcare shifts to more data-driven decision making, having clear visibility into key volume, cost and profitability measures across clinical service lines is becoming increasingly important for both long-range and tactical planning activities. In turn, the cost accounting function in healthcare provider organizations is becoming an increasingly important and strategic function. This whitepaper includes five strategies for efficient and accurate cost accounting and service line analytics and keys to overcoming the associated challenges.