Is it Spam? This week in Healthcare Fraud email
Turn Your Android Device into a Swiss Army Knife for Security

The Affordable Care Act Will Depend on Secure Access for Success

The Affordable Care Act (ACA) is completely reshaping how Americans think about, participate in and receive services through our healthcare system. While we are still early in the implementation cycle, it appears that advanced technologies will be key enablers for ACA:  High-speed broadband networks, high-density servers and storage systems, various forms of cloud computing will all combine to facilitate the rollout of this ambitious overhaul of U.S. healthcare. Given the nature and sensitivity of healthcare-related information, these technologies must be further complemented to facilitate secure information flow.  Secure access solutions accommodate secure information transfer by taking into consideration privacy needs and regulation; to date, secure correspondence and secure healthcare information transfer have received little attention in the healthcare debates. However, healthcare providers, insurance companies and other payer organizations and patients/consumers cannot securely and confidently share patient records and other information if high-performance remote access solutions are present.

Multiple Healthcare Trends Drive the Need for Secure Access

Healthcare is changing in three meaningful ways and the Affordable Care Act will stimulate growth in these areas:

Medical practice in the digital age. U.S. medical professionals are rapidly moving into the digital age, a trend that started even before the passage of ACA.  More than two-thirds (69 percent) of doctors used electronic health records (EHRs) in 2012, up from just 46 percent in 2009.  While American doctors lag their brethren in much of the developed world, it seems likely they will catch up or even surpass doctors in other countries. 

Ensuring high-quality healthcare to rural America is a critical component of successfully rolling out ACA.  More than 20 percent of Americans live in rural areas, tend to be older, have lower incomes and are more likely to be uninsured than urban Americans.   Concurrently, the rural healthcare workforce is aging and closer to retirement than urban healthcare workers.  Long distances to travel for services and a lack of reliable transportation leads rural Americans to delay seeking care, exacerbating health problems and leading to more expensive treatment.

Point-of-care diagnosis, as opposed to the current system of centralized diagnosis in large facilities, for example, has the potential to dramatically increase effectiveness and efficiency of delivering healthcare services by eliminating time and distances issues, cutting wait times and decreasing healthcare delivery costs.

The broadband infrastructure in the United States must evolve quickly to facilitate communication of healthcare related information. Some of this evolution has been underway for some time.  The Federal Communications Commission (FCC) in 2010 created the National Broadband Plan, before the ACA was even passed.  Among the provisions included in this plan was the provision of $8.1 billion to the Connect America Fund to expand rural broadband and voice service, and the e-rate program to provide high-speed broadband to schools and libraries (see Healthcare Connect Fund).

Mobile devices will also play an important role in providing healthcare services in the near future.  Smart phones, tablets and laptops allow for anytime, anywhere access for sending and receiving healthcare information among providers, payers and consumers.  Some believe purpose-specific, portable medical communication devices will offer the long-term solution to providing health services.  In one pilot program, such as portable device enabled a doctor in Canada to monitor the heartbeat of a baby in the Andes Mountains, as well as communicate with the mother and enable providing of an ultrasound, with the assistance of an onsite nurse.

The Role of Secure Access in the New Healthcare Landscape

The security of any type of information is only as good as the weakest link in the chain from the source where the information resides to the person who requests it.  Whether the communication is payer to provider, provider to payer, or between a payer or provider and a consumer, remote access is nearly always involved and secure access is always required.

Each entity involved in a secure information transaction has different needs.  The payer and provider in particular have legal and regulatory requirements to quickly and efficiently provide patient information to other healthcare providers or payers, to government organizations that might be involved in providing payment as well as to the patient. It is in the best interest of the consumer as well to have secure access solutions on his or her computer and any mobile devices.

Payers and providers have a particularly difficult task ensuring secure access since many people within their organizations may have access to a consumer’s records, some of these workers may be stationery, others may be mobile, some may create and access information on a mobile device, and that mobile device may belong to the payer or provider, or to the workers themselves.

Working with a remote access provider would ensure secure data and secure transport of data among the payer, provider and patient to provide the necessary protection of patient information.

Secure access/transaction processing must satisfy at least this set of security features:

  • Simple, complete and interoperable integration with VPN gateways from any manufacturer.  
  • No installation of a client on PCs, Macs, tablets, phones or other devices, and no requirement of administrator rights.
  • Accommodation of the BYOD prevalent at many businesses today, while ensuring content security for patient or related healthcare information that is stored on these devices.
  • Facilitate preparation for disasters as part of comprehensive business continuity program through capabilities such as place- and platform-independent operations 
  • Enable efficient and secure access by authorized business, technology, channel and other partners to content, with particular attention to accommodating regulatory constraints on access to certain information.
  • The secure access solution should also facilitate branch office connectivity.  This ensures authorized employees have access to the most current information, enables IT teams to manage connectivity centrally, simplifies support, and reduces operating costs.
  • Offer other features that can provide convenience to users and IT teams alike, such as VoIP calling features that allow for free phone calls from any location.

With these security features in mind, IT teams at payers and providers must scrutinize every facet of their organization’s communications systems and security infrastructure for possible holes. Tha nature and sensitivity of patient and related healthcare information tends to draw IT's attention first to protect "data at rest". Secure access calls attention to the fact that sensitive data "rest" at both endpoints of any information transaction and must be protected during transfer as well. Payers, providers and consumers are best served.y adopting secure access solutions that meet the aforementioned criteria.  

This is a guest post by Siegfried Plommer, Director of HOB GmbH KG, a software based remote
access solution provider. It was reviewed and accepted for publication without fee. 

Comments

Feed You can follow this conversation by subscribing to the comment feed for this post.

Verify your Comment

Previewing your Comment

This is only a preview. Your comment has not yet been posted.

Working...
Your comment could not be posted. Error type:
Your comment has been saved. Comments are moderated and will not appear until approved by the author. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.

Working...

Post a comment

Comments are moderated, and will not appear until the author has approved them.

Your Information

(Name is required. Email address will not be displayed with the comment.)