Experiences from the Front Line – Being a Pilot Site for Governance Principles for Healthcare (IGPHC) Kyle McElroy, MS-HSA, RHIA Assistant Vice President, Health Information Management IASIS Healthcare
What does IG mean to you? Right data at the right time? Safe care for patients? Reduce clinical risk? Reduce cost? Information in one system? http://bok.ahima.org/doc?oid=301386
What does IG mean to you? All forms of information within healthcare http://www.informationarchitected.com/blog/what-is-information-governance/
What does IG mean to others? Finding my correct medical records? Not having to fill out the same two page form every time I visit? Medical records are available to other providers? Ability to share information safely with clinical providers? http://www.modernhealthcare.com/section/himss
In the news: http://www.cnn.com/2016/06/14/health/hipaa-medical-privacy/
In the news: http://www.healthdatamanagement.com/news/information-governance-crucial-as-providers-rely-on-quality-of-data
In the news: http://www.healthcareitnews.com/news/7-largest-data-breaches-2015
In the news: http://www.healthcareitnews.com/news/7-largest-data-breaches-2015
In the news:
In the news: http://www.govtech.com/security/Southern-California-Hospital-Hack-Threatens-Patient-Privacy-Safety.html
In the news: Consumer Demand – Quality Lower Cost – Increase out of pocket Patient Engagement – Patient access to information
Why Information Governance? “IG serves the dual purpose of optimizing the ability to extract clinical and business value from healthcare information while simultaneously meeting compliance needs and mitigating risk. Without some level of information governance, it is difficult – if not impossible– for HCOs to address these needs” http://www.ahima.org/topics/infogovernance/igbasics
Health Information Management’s Role “The HIM professional’s training, experience, and understanding of the clinical, financial, regulatory, and technology aspects of healthcare and information management often makes her/him a natural fit for IG. Working in concert with senior business and clinical leaders, HIM professionals can help strengthen an organization’s performance related to managing information and data that is necessary for achieving strategic goals.” http://www.ahima.org/topics/infogovernance/igbasics
IASIS Healthcare – AHIMA Pilot Site AHIMA’s Information Governance Principles for HealthCare (IGPHC) AHIMA HealthCare Information Governance Maturity Model AHIMA IG Toolkit – tools to facilitate implementation IG Advisory visit Organization webinar series
IASIS Healthcare – AHIMA Pilot Site Why was IASIS interested? DNV requirement to comply with ISO Document Control guidelines (4.2.4 Control of Records) Establish a documented procedure to define the controls needed for record: Identification Storage Protection Retrieval Retention Disposition Keep records legible, readily identifiable, and retrievable.
IASIS Healthcare – AHIMA Pilot Site Why was IASIS interested? CEO concern around data breach Cost savings Elevated need around data conversion (McKesson to Cerner) Establish better coordination of risk between areas Develop metrics
IASIS Healthcare – AHIMA Pilot Site IG Pulse Rate score ~ Getting Started Baseline scoring Identify early gap areas
IASIS Healthcare – IG Charter
IASIS Healthcare – IG Charter
IASIS Healthcare – AHIMA Pilot Site IGHealthRate™ Assessment 2 day event Executive sponsors (CIO & VP Rev Cycle), Chief Privacy Officer, Director IT Security, Director IT Project Management, Director Business Intelligence, Manager Physician Group Compliance, HIM Operations Coordinator, Clinical Document Manager, 3 HIM Directors
Information Governance – Getting Started Leadership & Relating Relevance Clear Goals Knowledge Experts
Leadership & Relating Relevance Think Organization Wide “Dream Big” Patty Thierry Sheridan, 2012 AHIMA President Jump on board without an end view Collection of small projects that forms an organizational culture Project management skills Challenge knowledge gaps Organizational awareness Takes time and effort to create the awareness
Leadership & Relating Relevance Redefining organizational value? Is Health Information Management really IG? https://www.google.com/search?q=business+meeting+pictures&biw=1525&bih=727&tbm=isch&tbo=u&source=univ&sa=X&sqi=2&ved=0ahUKEwiWu7Dhvq_LAhUFeT4KHfEECgIQsAQIGw#tbm=isch&q=leadership+pictures&imgrc=ZSz9CNe1_wWxlM%3A
Leadership & Relating Relevance Invest your own time More than reciting bullet points Develop as a skill similar to coding Connection to current events Healthcare breaches Tie into organizational framework Understand leadership interest
Information Governance Goals Patient Identification (Availability) $95 per duplicate (Hansard, L. (2014). The Risk of Duplicate Patient Records, Gallagher Healthcare Practice) Patient portal Integration with physician group clinics Reduce duplicate testing Limitations in tools offered Challenges with understanding true duplicate rate Cost Reduction = Annual Return on Investment Clean up, conversion costs, single source of truth https://www.ajg.com/media/72413/Duplicate-Patient-Records_healthcare.pdf
Information Governance Goals Destruction of Records (Disposition) Enterprise inventory Utilize storage partner for help Department heads and compliance to support Manual survey of all areas Cost Reduction = Annual Return on Investment Silver reclamation reinvestment, monthly savings Projected annual savings of $100K - $200K per year
Information Governance Goals Data Normalization (Integrity) Knowledge of systems used and purpose Organization of all types of data Understand capture format Standards for format Improve quality Cost Reduction = Annual Return on Investment Reduce system overlap, Value-based purchasing
Information Governance Goals PHI Security (Compliance) Security Management Process (§164.308(a)(1)(ii)(D) Implement procedures to regularly review records of information system activity, such as audit logs, access reports, and security incident tracking reports. Workforce security (§164.308(a)(3)(ii)(A) Implement procedures for the authorization and/or supervision of workforce members who work with electronic protected health information or in locations where it might be accessed. Access Control (§164.312(a)(2)(i) Assign a unique name and/or number for identifying and tracking user identity. Ensure that system activity can be traced to a specific user. Ensure that the necessary data is available in the system logs to support audit and other related business functions. http://www.hhs.gov/hipaa/for-professionals/security/guidance/guidance-risk-analysis/index.html
IG Knowledge Experts IG Advisors™ Formalize Project Maintain Engagement Project Management Use Available Tools
IG Knowledge Experts IG HealthRate™ 3 Hospitals – Baseline Score 2.6 Higher score = Privacy & Security Lower score = IG Structure, Strategic Alignment, IG Performance
Free IG Resources Small projects Add IG to existing committees Email important resources or articles Post content in high traffic areas http://www.ahima.org/topics/infogovernance/igbasics?tabid=resources
ARMA International Generally Accepted Recordkeeping Principles https://www.arma.org/docs/bookstore/theprinciplesmaturitymodel.pdf?sfvrsn=2
Questions? Kyle McElroy KMcElroy@IASIShealthcare.com