Posted: August 6th, 2022

iNFORMATION SYSTEMS

 Please read “Case 16: The admitting system crashes” on page 506-507 of the textbook and discuss either question 1 or question 2 at the end of the case. You only need to pick one of the two questions to discuss and please include the question number in your post. You can comment on any posts, not limited to those discussing the same question as you did. 

(200 words) 

Chapter Ten

Performance Standards and Measures

Health Care Information Systems: A Practical Approach for Health Care Management

Karen A. WagerIFrances Wickham LeeIJohn P. Glaser

Health Care Information Systems: A Practical Approach for Health Care Management, 4th editionK. WagerIF. LeeIJ. Glaser

  • To explain the significant role of health information in national private andpublic quality improvement initiatives
  • To compare and contrast licensure, certification, and accreditation processes
  • To discuss the role of the Joint Commission and the National Committee forQuality Assurance in ensuring the quality of care in the US
  • To understand performance measurement development in the US
  • To identify the roles of specific public and private organizations in thedevelopment and endorsement of national performance measures
  • To understand the origins and uses of major health care comparative data sets

Health Care Information Systems: A Practical Approach for Health Care Management, 4th editionK. WagerIF. LeeIJ. Glaser

Learning Objectives

Health Care Information Systems: A Practical Approach for Health Care Management, 4th editionK. WagerIF. LeeIJ. Glaser

  • Licensure
  • , certification, and accreditation

  • The Joint Commission
  • National Committee for Quality Assurance (

    NCQA

    )

  • Data sources for quality measures
  • Comparative health care data sets
  • Quality improvement
    • –Federal initiatives
    • –CMS initiatives

    Outline

    Health Care Information Systems: A Practical Approach for Health Care Management, 4th editionK. WagerIF. LeeIJ. Glaser

      Licensure
    • –The process that gives a facility legal approval to operate
    • –State governments oversee the licensure of health care facilities
    • Certification
    • –Gives a health care organization the authority to participate in the federalMedicare and Medicaid programs
    • –CMS developed minimum standards, conditions of participation (CoPs)
    • Accreditation
    • –Voluntary, external review process
    • –Financial and legal incentives for accredited organizations

    Definitions

    Health Care Information Systems: A Practical Approach for Health Care Management, 4th editionK. WagerIF. LeeIJ. Glaser

    • An independent, not-for-profit organization
    • Best-known health care accrediting agency in the US
    • Site-surveys every 3 years(2 years for laboratories)
    • Standards manuals are publishedannually
    • Categories of accreditation
    1. Preliminary accreditation
    2. Accreditation

    3. Accreditation with follow-up survey

    The Joint Commission

    1. Contingent accreditation
    2. Preliminary denial of accreditation
    3. Denial of accreditation

    Health Care Information Systems: A Practical Approach for Health Care Management, 4th editionK. WagerIF. LeeIJ. Glaser

    • Record of Care (RC), Treatment, and Services Standards
    • –Content needed for a complete health record, regardless of its format
    • Information Management (IM) Standards
    • –Apply to bothnoncomputerizedsystems and systems with the latesttechnologies

    StandardsThe Joint Commission

    Health Care Information Systems: A Practical Approach for Health Care Management, 4th editionK. WagerIF. LeeIJ. Glaser

    • National Committee for Quality Assurance (NCQA)
    • Leading accrediting body for health plans
    • –Quality management and improvement
    • –Utilization management
    • –Credentialing andrecredentialing
    • –Member’s rights and responsibilities
    • –Member connections
    • –Medicaid benefits and services
    • –Health effectiveness data and information set (
    • HEDIS
    • )

    NCQA

    Health Care Information Systems: A Practical Approach for Health Care Management, 4th editionK. WagerIF. LeeIJ. Glaser

    • Crossing the Quality Chasm
    • –Published in 2001 by Institute of Medicine (IOM)
    • –Outlined 6 aims for establishing quality health care
    • Safe
    • Effective
    • Patient-centered
    • Timely
    • Efficient
    • Equitable

    Quality of Care

    Health Care Information Systems: A Practical Approach for Health Care Management, 4th editionK. WagerIF. LeeIJ. Glaser

    • Administrative Data
    • –Claims databases
    • Disease registries
    • –Data on patients with specific conditions
    • Health records
    • –Detailed patient information
    • Qualitative data
    • –Patient surveys or interviews

    Quality CareData Sources for Measures

    Health Care Information Systems: A Practical Approach for Health Care Management, 4th editionK. WagerIF. LeeIJ. Glaser

      HEDIS
    • –Set of health care performance measures
    • –90% of health plans in the US collect and report HEDIS data
    • Clinicalquality measures (CQMs)
    • –Identified and updated by CMS each year
    • –Developed by private organizations, health care societies,collaboratives,alliances, and government agencies
    • –Required for accreditation by the Joint Commission

    Quality CareMeasurement Development

    Health Care Information Systems: A Practical Approach for Health Care Management, 4th editionK. WagerIF. LeeIJ. Glaser

    • Comparative health data sets
    • –Benchmarking
    • : comparing one or more performance measures against astandard

    • Patient satisfaction data sets
    • –Survey data
    • –Agency for Healthcare Research and Quality (AHRQ)
    • Consumer Assessment of Healthcare Providers and Systems (CAHPS) program
    • Practice patterns data set
    • –Dartmouth Atlas: interactive, online tool funded by the Dartmouth Institutefor Health Policy and Clinical Practice

    Data Sets

    Health Care Information Systems: A Practical Approach for Health Care Management, 4th editionK. WagerIF. LeeIJ. Glaser

    • Clinical data sets
    • –Quality Check: established by the Joint Commission
    • –Hospital Compare: sponsored by CMS
    • Comparative data for health plans
    • –NCQA health care report cards
    • –Accessible athttp://reportcard.ncqa.org

    Data Sets

    Health Care Information Systems: A Practical Approach for Health Care Management, 4th editionK. WagerIF. LeeIJ. Glaser

    • Patient Safety Act
    • –Patient safety organizations (PSOs): responsible for the collection andanalysis of health information that is referred to in the Final Rule as patientsafety work product (PSWP)
    • –PSWP: contains identifiable patient information covered by specificprivilege and confidentiality protections
    • Incidents
    • Near misses (or close calls)
    • Unsafe conditions
    • –Common formats: established by AHRQ to help providers uniformly reportpatient safety events

    Quality ImprovementFederal Initiatives

    Health Care Information Systems: A Practical Approach for Health Care Management, 4th editionK. WagerIF. LeeIJ. Glaser

    • National Quality Strategy (NQS)
    • –Established by the Affordable CareAct
    • –3 broad aims
    • Better care
    • Healthy people/healthycommunities
    • Affordable care
    • –“Levers” to ensure alignment withthe NQS
    • Measurement and feedback
    • Public reporting
    • Learning and technical assistance
    • Certification, accreditation, regulation
    • Consumer incentives & benefit designs
    • Payment
    • Health information technology
    • Innovation and diffusion
    • Workforce development

    Quality ImprovementFederal Initiatives

    Health Care Information Systems: A Practical Approach for Health Care Management, 4th editionK. WagerIF. LeeIJ. Glaser

    • Original value-based programs were an attempt to link performance onendorsed quality measures to reimbursement
    • –Hospital value-based purchasing (HVBP)
    • –Hospital readmissions reduction (HRR)
    • –Hospital-acquired conditions (HAC)
    • –Value modifier (VM) (or Physician value-based modifier [PVBM])
    • The Medicare Access and CHIP Reauthorization Act (
    • MACRA
    • )

    • –Enacted in 2015
    • –Streamlines quality programs under the Merit-based Incentive PaymentSystem (MIPS)

    Quality ImprovementCMS Programs

    Health Care Information Systems: A Practical Approach for Health Care Management, 4th editionK. WagerIF. LeeIJ. Glaser

    • Licensure, certification, andaccreditation
    • The Joint Commission

    • National Committee for QualityAssurance (NCQA)
    • Datasources for qualitymeasures
    • –Administrative data
    • –Disease registries
    • –Health records
    • –Qualitative data
    • Measurement development
    • –HEDIS
    • –CQMs
    • Comparativehealth care datasets
      –Benchmarking

    • –Patient satisfaction
    • –Practice patterns
    • –Clinical data
    • –Comparative data for health plans

    Summary

    Health Care Information Systems: A Practical Approach for Health Care Management, 4th editionK. WagerIF. LeeIJ. Glaser

    • Qualityimprovement
    • –Federalinitiatives
      Patient Safety Act

    • Patient safety workproduct (PSWP)
    • National Quality Strategy (NQS)

    • –CMSinitiatives
    • Value-based programs
    • MACRA

    • –MIPS

    Summary

    Chapter Nine

  • Privacy
  • and

  • Security
  • Health Care Information Systems: A Practical Approach for Health Care Management

    Karen A. WagerIFrances Wickham LeeIJohn P. Glaser

    Health Care Information Systems: A Practical Approach for Health Care Management, 4th editionK. WagerIF. LeeIJ. Glaser

  • Distinguish among privacy, confidentiality, and security as they relate to healthinformation
  • Identify the purpose of the Privacy Act of 1974 and 42 C.F.R. Part 2,
  • Confidentiality
  • of Substance Abuse Patient Records

    Describe and discuss the impact of the

  • HIPAA
  • Privacy, Security, and BreachNotification rules

  • Identify threats to health care information and information systems caused byhumans (intentional and unintentional), natural causes, and the environment
  • Understand the purpose and key components of the health care organizationsecurity program and the need to mitigate security risks
  • Discuss the increased need for and identify resources to improve cybersecurityin health care organizations
  • Health Care Information Systems: A Practical Approach for Health Care Management, 4th editionK. WagerIF. LeeIJ. Glaser

    Learning Objectives

    Health Care Information Systems: A Practical Approach for Health Care Management, 4th editionK. WagerIF. LeeIJ. Glaser

    Outline

    • Privacy, confidentiality, and security
    • Legal protection
    • HIPAA

    Privacy Rule

    Security Rule

    Breach Notification Rule

  • Threats
  • Cybersecurity
  • NIST
  • Health Care Information Systems: A Practical Approach for Health Care Management, 4th editionK. WagerIF. LeeIJ. Glaser

    Health Care Information Systems: A Practical Approach for Health Care Management, 4th editionK. WagerIF. LeeIJ. Glaser

      Privacy
    • –An individual’s right to be left alone and to limit access to his or her healthcare information
      Confidentiality
    • –Addresses the expectation that information shared with a health careprovider during the course of treatment will be used only for its intendedpurpose and not disclosed otherwise
      Security
    • –The systems in place to protect health information and the systems withinwhich it resides

    Definitions

    Health Care Information Systems: A Practical Approach for Health Care Management, 4th editionK. WagerIF. LeeIJ. Glaser

    • Federal HIPAA Privacy, Security, and Breach Notification rules
    • State privacy laws
    • Federal Trade Commission (FTC) Act consumer protection
    • The Privacy Act of 1974
    • –Protected patient confidentiality only infederally operatedhealth carefacilities
    • Confidentiality and Substance Abuse Patient Records
    • –Set stringent release of information standards, designed to protect theconfidentiality of patients seeking alcohol or drug treatment

    Legal Protection

    Health Care Information Systems: A Practical Approach for Health Care Management, 4th editionK. WagerIF. LeeIJ. Glaser

    • 1996: Signed into law
    • First comprehensive federal regulation to offer specific protection toprivate health information
    • 2003:
    • HIPAA Privacy Rule
    • 2005:
    • HIPAA Security Rule
    • Defines covered entities (CE) to which these rules apply

    HIPAA

    Health Care Information Systems: A Practical Approach for Health Care Management, 4th editionK. WagerIF. LeeIJ. Glaser

    • Defines PHI
    • –Relates to a person’s physical ormental health, the provision ofhealth care, or the payment forhealth care
    • –Identifies the person who is thesubject of the information
    • –Is created or received by a coveredentity
    • –Is transmitted or maintained in anyform (paper, electronic, or oral)
    • 5major components
    • –Boundaries
    • –Security
    • –Consumer control
    • –Accountability
    • –Public responsibility

    Health Care Information Systems: A Practical Approach for Health Care Management, 4th editionK. WagerIF. LeeIJ. Glaser

    HIPAA
    Privacy Rule

    Health Care Information Systems: A Practical Approach for Health Care Management, 4th editionK. WagerIF. LeeIJ. Glaser

    • Written authorization required forallnonroutineuses or disclosureof PHI
    • –School
    • –Relative
    • PHI can be released withoutpatient authorization in someinstances
    • –Presence of a communicabledisease
    • –Suspected child or adult abuse
    • –Legal duty to warn of a clear andimminent danger from a patient
    • –Bona fide medical emergency
    • –Valid court order

    Health Care Information Systems: A Practical Approach for Health Care Management, 4th editionK. WagerIF. LeeIJ. Glaser

    HIPAA

    Patient Authorization

    Health Care Information Systems: A Practical Approach for Health Care Management, 4th editionK. WagerIF. LeeIJ. Glaser

    • Elementsof a valid release form
    1. Patient identification (name, DOB)
    2. Name of person/entity to whom theinformation is being released
    3. Description of specific healthinformation authorized for disclosure
    4. Statement of reason/purpose of thedisclosure
    5. Date, event, or condition which theauthorization will expire, unlessrevoked earlier
    6. Statement that authorization issubject to revocation by patient/legalrepresentative
    7. Patient’s/legal representative’ssignature
    8. Signature date (must be after date ofencounter that produced theinformation to be released)

    Health Care Information Systems: A Practical Approach for Health Care Management, 4th editionK. WagerIF. LeeIJ. Glaser

    HIPAA
    Patient Authorization

    Health Care Information Systems: A Practical Approach for Health Care Management, 4th editionK. WagerIF. LeeIJ. Glaser

    • GovernsePHI
    • Protected health information maintained or transmitted in electronic form
    • May be stored in any type of electronicmedia
    • HIPAA Security Administrative Safeguards
    1. Security management functions
    2. Assigned security responsibility
    3. Workforce security
    4. Information access management
    5. Security awareness andtraining

    Health Care Information Systems: A Practical Approach for Health Care Management, 4th editionK. WagerIF. LeeIJ. Glaser

    HIPAA
    Security Rule

    1. Security incident reporting
    2. Contingency plan
    3. Evaluation
    4. Business associate contracts andother arrangements

    Health Care Information Systems: A Practical Approach for Health Care Management, 4th editionK. WagerIF. LeeIJ. Glaser

    • HIPAA Security PhysicalSafeguards
    1. Facility access controls
    2. Workstation use
    3. Workstation security
    4. Device and media controls
    • Policies, Procedures, andDocumentation
    • HIPAA Security TechnicalSafeguards
    1. Access control
    2. Audit controls
    3. Integrity
    4. Person or entity authentication
    5. Transmission security

    Health Care Information Systems: A Practical Approach for Health Care Management, 4th editionK. WagerIF. LeeIJ. Glaser

    HIPAA
    Security Rule

    Health Care Information Systems: A Practical Approach for Health Care Management, 4th editionK. WagerIF. LeeIJ. Glaser

    • Requires CEs and their business associates to provide notificationfollowing a breach ofunsecuredprotected health information
    • –Unsecured: PHI that has not been rendered unusable, unreadable, orindecipherable to unauthorized persons through the use of a technologyor methodology specified by the Secretary in guidance
    • –Secured: encrypted using a valid encryption process, or the media onwhich the PHI is sorted have been destroyed

    Health Care Information Systems: A Practical Approach for Health Care Management, 4th editionK. WagerIF. LeeIJ. Glaser

    HIPAA
    Breach Notification Rule

    Health Care Information Systems: A Practical Approach for Health Care Management, 4th editionK. WagerIF. LeeIJ. Glaser

    • Who is notified?
    • –Individuals affected
    • –Health and Human Services Secretary (via the
    • Office for Civil Rights
    • )

    • –Major media outlets

    Health Care Information Systems: A Practical Approach for Health Care Management, 4th editionK. WagerIF. LeeIJ. Glaser

    HIPAA
    Breach Notification Rule

    Health Care Information Systems: A Practical Approach for Health Care Management, 4th editionK. WagerIF. LeeIJ. Glaser

      Office for Civil Rights
    • –Responsible for enforcing the HIPAA Privacy and Security rules
    • State attorneys general
    • –Given authority by HITECH to bring civil actions on behalf of the residentsof their state for HIPAA violations

    Health Care Information Systems: A Practical Approach for Health Care Management, 4th editionK. WagerIF. LeeIJ. Glaser

    HIPAA

    Enforcement

    Health Care Information Systems: A Practical Approach for Health Care Management, 4th editionK. WagerIF. LeeIJ. Glaser

    • Tiered scheduled (both civil and criminal penalties)
    • Civil penalties involve fines
    • –Cannot be levied if resolved within a specified period of time
    • Criminal penalties involve jail time (anywhere from 1 to 10 years)

    Health Care Information Systems: A Practical Approach for Health Care Management, 4th editionK. WagerIF. LeeIJ. Glaser

    HIPAA

    Violation Penalties

    Health Care Information Systems: A Practical Approach for Health Care Management, 4th editionK. WagerIF. LeeIJ. Glaser

    • Human tampering threats
    • –Intentional or unintentional
    • –Internal or external
    • Natural and environmental threats
    • Environmental factors and technology malfunctions

    Threats

    Health Care Information Systems: A Practical Approach for Health Care Management, 4th editionK. WagerIF. LeeIJ. Glaser

    • General term for software that is written to “infect” and subsequentlyharm a host computer system
    • Commons forms of malware
    • –Viruses
    • : infects the host system and spreads itself

    • –Trojans
    • : designed to look like a safe program; steals personal informationor takes over the resources of the host computer

    • –Spyware
    • : tracks Internet activities assisting the hacker in gatheringinformation without consent

    • –Worms
    • : replicates itself and destroys files on the host computer

    • –Ransomeware: encrypts and locks folders; demands money to unlock

  • Malware
  • Health Care Information Systems: A Practical Approach for Health Care Management, 4th editionK. WagerIF. LeeIJ. Glaser

    1. Lead your culture, select your team, learn
    2. Document your process, findings, and actions
    3. Review existing security ofePHI/Perform security risk analysis
    4. Develop an action plan
    5. Manage and mitigate risks
    6. Attest for meaningful use security related objectives
    7. Monitor, audit, and update security on an ongoing basis

    Security Management Process

    Health Care Information Systems: A Practical Approach for Health Care Management, 4th editionK. WagerIF. LeeIJ. Glaser

    1. Protect mobile devices
    2. Maintain good computer habits
    3. Use a firewall
    4. Install and maintain antivirus software
    5. Plan for the unexpected (i.e., create backups)
    6. Control access to PHI
    7. Use strong passwords
    8. Limit network access
    9. Control physical access

    Cybersecurity

    Health Care Information Systems: A Practical Approach for Health Care Management, 4th editionK. WagerIF. LeeIJ. Glaser

    • National Institute of Standards and Technology (NIST)
    • Developed a cybersecurity framework to reduce cyber attack risks
    • –Framework Core
    • (identify, protect, detect, respond, recover)

    • –Framework implementation tiers
    • –Framework profile

    NIST

    Health Care Information Systems: A Practical Approach for Health Care Management, 4th editionK. WagerIF. LeeIJ. Glaser

    Summary

    • Privacy, confidentiality, security
    • HIPAA Privacy Rule

    • –Authorization
      HIPAA Security Rule
    • –Administrative safeguards
    • –Physical safeguards
    • –Technical safeguards
    • –Policies, procedures,documentation
    • HIPAA Breach Notification Rule
    • HIPAA Enforcement
    • –Office of Civil Rights
    • –State attorney general
    • Violation penalties
    • –Fines and jail time
      Threats
    • –Human
    • –Natural
    • –Environmental

    Health Care Information Systems: A Practical Approach for Health Care Management, 4th editionK. WagerIF. LeeIJ. Glaser

    Health Care Information Systems: A Practical Approach for Health Care Management, 4th editionK. WagerIF. LeeIJ. Glaser

    Summary

      Malware
      –Viruses
      –Trojans
      –Spyware
      –Worms

    • –Ransomware
    • Security management process
    • Tips for cybersecurity
    • NIST cybersecurity framework
      –Framework Core

    • –Framework Implementation Tiers
    • –Framework Profile

    Health Care Information Systems: A Practical Approach for Health Care Management, 4th editionK. WagerIF. LeeIJ. Glaser

    Expert paper writers are just a few clicks away

    Place an order in 3 easy steps. Takes less than 5 mins.

    Calculate the price of your order

    You will get a personal manager and a discount.
    We'll send you the first draft for approval by at
    Total price:
    $0.00