PRECONFERENCE III Advanced Strategies to Achieve ROI in Implementing HIPAA Karl Ideman, CEO Pool Administrators Inc. September 14, 2003.

Slides:



Advertisements
Similar presentations
MONITORING OF SUBGRANTEES
Advertisements

Preparation of the Self-Study and Documentation
Governor’s Center for Efficient Government. Mission The mission of the Governor's Center for Efficient Government is to promote fair and transparent best.
HIPAA PRIVACY REQUIREMENTS Dana L. Thrasher Constangy, Brooks & Smith, LLC (205) ; Victoria Nemerson.
29e CONFÉRENCE INTERNATIONALE DES COMMISSAIRES À LA PROTECTION DES DONNÉES ET DE LA VIE PRIVÉE 29 th INTERNATIONAL DATA PROTECTION AND PRIVACY COMMISSIONERS.
Strategic Purchasing at Penn Impacting the Institution's Bottom Line October 21, 2005 Presented by: Ralph Maier Director of Purchasing Services.
Introduction to the State-Level Mitigation 20/20 TM Software for Management of State-Level Hazard Mitigation Planning and Programming A software program.
1 FAA Reform: Congressional Staff Briefing January 24, 1996.
By Saurabh Sardesai October 2014.
ECM Project Roles and Responsibilities
Office of Inspector General (OIG) Internal Audit
Chapter 16 Strategically Managing the HRM Function Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without.
External Quality Assessments
Euseden INTERNAL AUDIT & ASSURANCE SERVICES.
Mitun PatelMXP07U. Organisational structure Top management; this includes the organisation’s general manager and its executives Department managers; this.
BP Centro Case Top management job descriptions Team 4 Jussi Tiilikainen Jiri Sorvari.
THE PRINCIPLES OF QUALITY MANAGEMENT. DEFINING QUALITY Good Appearance? High Price? The Best? Particular Specification? Not necessarily, but always: Fitness.
Business Acquisition Process Implementation & transition Closing Negotiation of the transaction Due Diligence Engagement TargetIdentification.
Vendor Risk: Effective Management is Essential
Mia Alexander-Snow, PhD Director, Office for Planning and Institutional Effectiveness Program Review Orientation 1.
INFORMATION SECURITY GOVERNANCE (ISG) Relates to the security of information systems Is an element of corporate governance.
MethodGXP The Solution for the Confusion.
QAD's Customer Engagement Dan Blake Consultancy Development Director, QAD QAD Explore 2012.
“Establishment of the Clean Development Mechanism (CDM) National Authority, Operational Framework and Support Systems for the Philippines”
Project Risk Management. The Importance of Project Risk Management Project risk management is the art and science of identifying, analyzing, and responding.
Audits & Assessments: What are the Differences and How Do We Learn from the Results? Brown Bag March 12, 2009 Sal Rubano – Director, Office of the Vice.
Implementing and Auditing Ethics Programs
Risk Management Office ECO-IDB Workshop on Risk Management 4 March 2012.
Investment Funds Conference “Collective Investment Funds in the Qatar Financial Centre – Confidence and Opportunity” November 26-27, 2007 Michael Webb.
Risk Management - the process of identifying and controlling hazards to protect the force.  It’s five steps represent a logical thought process from.
OHT 25.1 Galin, SQA from theory to implementation © Pearson Education Limited 2004 The quality assurance organizational framework Top management’s quality.
The Financial Accounting Foundation The Financial Accounting Foundation Advancing Financial Reporting.
Office of Clinical Research and Innovative Care Compliance (OCRICC) What You Need To Know About Conducting Research at Froedtert Hospital Roberta Navarro,
1 Today’s Presentation Sarbanes Oxley and Financial Reporting An NSTAR Perspective.
Evaluating Investments in Information Technology Shannon Crump December 9, 2002 ISM 6021.
IT 499 Bachelor Capstone Week 4. Adgenda Administrative Review UNIT three UNIT Four Project UNIT Five Preview Project Status Summary.
Logistics/Supply Chain Organization
+ Regulation and Compliance Summary “ Making Great Ideas Become Reality”
FSA - The Financial Supervision Authority Nele Piir, Marge Laan, Kadri Toks.
FOURTH CABINET RETREAT 20 – 21 DECEMBER 2011 PRESENTATION BY MOTIE.
NIST / URAC / WEDi Health Care Security Workgroup Presented by: Andrew Melczer, Ph.D. Illinois State Medical Society.
CIVIL RIGHTS IMPACT ANALYSIS Animal and Plant Health Inspection Service Civil Rights Enforcement and Compliance.
Chapter 3 Strategic Information Systems Planning.
Copyright © Emerson Strategic Group, Inc. All Rights Reserved 1 Ninth National HIPAA Summit Auditing for Privacy Compliance: A Case Study September.
Order Management Redesign Start up Implementation Team Member Meeting November 3, 2005.
SOLUTION What kind of plan do we need? How will we know if the work is on track to be done? How quickly can we get this done? How long will this work take.
Confidential 1 HIPAA Compliance at Blue Cross Blue Shield of Minnesota: A Case Study Tim Wittenburg Director of Corporate Architecture & Data Management.
Organizing a Privacy Program: Administrative Infrastructure and Reporting Relationships Presented by: Samuel P. Jenkins, Director Defense Privacy Office.
Selecting, Reviewing, and Supporting the Administrator Governing Board Online Training Module.
1 QUALITY MANAGEMENT SYSTEM PRESENTATION TO BOTSWANA DRUG ADVISORY BOARD MEMBERS 13 th – 17 th AUGUST 2007.
The Health Insurance Portability and Accountability Act of 1996 “HIPAA” Public Law
Trade Compliance Considerations April 13, © 2016 KPMG LLP, a Delaware limited liability partnership and the U.S. member firm of the KPMG network.
Business Continuity Planning 101
New Hire Packet Automation Factors for Decision Making.
ISO Certification For Laboratory Accreditation ISO Certification For Laboratory Accreditation.
Procurement Development Programs
RISK MANAGEMENT SYSTEM
Chapter 11 Project Management.
An Overview on Risk Management
CPA Gilberto Rivera, VP Compliance and Operational Risk
Application Outsourcing: Achieving Success & Avoiding Risk
SACSCOC Fifth-Year Readiness Audit
HRM 420 EDU The power of possibility/hrm420edu.com
HRM 420 Edu Education Your Life / hrm420edu.com
HIPAA Implementation Strategies for Compliance Professionals
Privacy Project Framework & Structure
April 2011.
HIPAA Implementation Strategies for Compliance Professionals
Sustainability Corporations, Capital Markets and Global Economy.
Presentation transcript:

PRECONFERENCE III Advanced Strategies to Achieve ROI in Implementing HIPAA Karl Ideman, CEO Pool Administrators Inc. September 14, 2003

Topic Outline Introduction and Background: The Speaker, The Firm and The Business of Risk Pooling Introduction and Background: The Speaker, The Firm and The Business of Risk Pooling Measurement of Return on Investment Measurement of Return on Investment

Topic Outline Methodology Used for Analysis and Implementation Methodology Used for Analysis and Implementation Case Study: Privacy, Security and Transactions Projects for an Covered Entity and a Business Associate (A Handout) Case Study: Privacy, Security and Transactions Projects for an Covered Entity and a Business Associate (A Handout)

The Speaker: Karl Ideman Executive Director of high risk and reinsurance pools Executive Director of high risk and reinsurance pools Board Member of five state risk pools Board Member of five state risk pools Task Force Leader on President Reagan’s Private Sector Survey on Cost Control Task Force Leader on President Reagan’s Private Sector Survey on Cost Control

The Firm: Pool Administrators Inc. (PAI) Industry leader in administration of risk spreading mechanisms in individual and small employer health insurance markets Industry leader in administration of risk spreading mechanisms in individual and small employer health insurance markets Offices in Connecticut but clients everywhere there is a need for collaborative approaches to provide health coverage for the uninsured Offices in Connecticut but clients everywhere there is a need for collaborative approaches to provide health coverage for the uninsured

The Business of Risk Pooling Purpose of the Pools: To facilitate change to guarantee issue and insurance rate regulation and market reforms Purpose of the Pools: To facilitate change to guarantee issue and insurance rate regulation and market reforms Concept: Isolate the highest costs and spread them back equitably over a large base to reduce their impact on the members of the pool Concept: Isolate the highest costs and spread them back equitably over a large base to reduce their impact on the members of the pool

The Business of Risk Pooling A Board of Directors is responsible for program oversight to assure a fair and equitable program for all pool members A Board of Directors is responsible for program oversight to assure a fair and equitable program for all pool members The Administrator or Executive Director is responsible for staffing the Board of Directors and for the day to day operation of the pool The Administrator or Executive Director is responsible for staffing the Board of Directors and for the day to day operation of the pool

Measurement of Return on Investment HIPAA imposes significant additional risk on the pools and on the Pool’s Board of Directors since the Pool is considered a “Covered Entity” HIPAA imposes significant additional risk on the pools and on the Pool’s Board of Directors since the Pool is considered a “Covered Entity” Privacy and Security issues are disproportionately high in high risk pools Privacy and Security issues are disproportionately high in high risk pools The Board of Directors has responsibility for compliance with very little direct control over it: They must rely on the Administrator or Executive Director The Board of Directors has responsibility for compliance with very little direct control over it: They must rely on the Administrator or Executive Director The Administrator‘s staffing responsibility includes protecting the Board and the Pool from unnecessary risk The Administrator‘s staffing responsibility includes protecting the Board and the Pool from unnecessary risk

Measurement of Return on Investment The risk of non-compliance for the Board of Directors justifies the investment in a thorough review of HIPAA Compliance by subject matter experts The risk of non-compliance for the Board of Directors justifies the investment in a thorough review of HIPAA Compliance by subject matter experts The risk of non-compliance for the Administrator of the Covered Entity justifies investment in comprehensive systematic controls that assure the Board and the Administrator that there is adequate control over day to day operations The risk of non-compliance for the Administrator of the Covered Entity justifies investment in comprehensive systematic controls that assure the Board and the Administrator that there is adequate control over day to day operations

Measurement of Return on Investment Investments made include Investments made include Gap Analysis to identify HIPAA compliance shortcomings and potential corrective actions Gap Analysis to identify HIPAA compliance shortcomings and potential corrective actions Staff time by Administrator to provide information, perform analyses, evaluate alternatives, design corrective measures, and to implement proposed changes Staff time by Administrator to provide information, perform analyses, evaluate alternatives, design corrective measures, and to implement proposed changes Purchased or built systems and developed policies and procedures Purchased or built systems and developed policies and procedures Return on Investment includes Return on Investment includes Tangible improvements in operations and competitive advantage Tangible improvements in operations and competitive advantage Intangible mitigation of significant risk where there is only moderate control over it Intangible mitigation of significant risk where there is only moderate control over it

Measurement of Return on Investment Dealing with the HIPAA Compliance Crisis: Creating an Opportunity that is a “Win – Win Scenario” Dealing with the HIPAA Compliance Crisis: Creating an Opportunity that is a “Win – Win Scenario” The Covered Entity has to comply and its risks are different – we can’t copy and we can’t hide The Covered Entity has to comply and its risks are different – we can’t copy and we can’t hide The Board has significant risk without very much control The Board has significant risk without very much control The Administrator is small, needs to fulfill responsibilities and must maintain a competitive edge in a growing market The Administrator is small, needs to fulfill responsibilities and must maintain a competitive edge in a growing market

Measurement of Return on Investment Creating an Opportunity Creating an Opportunity Documenting a process for compliance analysis that can be replicated if other opportunities present themselves: There are already 30 other pools that could use the same process Documenting a process for compliance analysis that can be replicated if other opportunities present themselves: There are already 30 other pools that could use the same process Creating policies and procedures that are transportable: We have already used the same template from our Connecticut High Risk Pool for the Reinsurance Pool in the same state Creating policies and procedures that are transportable: We have already used the same template from our Connecticut High Risk Pool for the Reinsurance Pool in the same state Offering to invest in world class HIPAA compliant systems so that we own them and can use them for our competitive advantage = product differentiation Offering to invest in world class HIPAA compliant systems so that we own them and can use them for our competitive advantage = product differentiation

Measurement of Return on Investment Demonstrate the Return to the Board: Demonstrate the Return to the Board: Provide liaison for Board Privacy and Security at no additional cost Provide liaison for Board Privacy and Security at no additional cost Automate manual processes that provide staff efficiencies Automate manual processes that provide staff efficiencies Improve enrollment and billing through Web based technology that transfers or eliminates work Improve enrollment and billing through Web based technology that transfers or eliminates work

Measurement of Return on Investment Realize the Return for The Firm and the Pool Realize the Return for The Firm and the Pool Spread system costs over five years to balance the costs to the cost reductions coming from automation Spread system costs over five years to balance the costs to the cost reductions coming from automation Recover system costs by using the system for related functions performed for other pools Recover system costs by using the system for related functions performed for other pools Share future enhancements for other pools with the CT Pool at no cost Share future enhancements for other pools with the CT Pool at no cost

Measurement of Return on Investment Capitalize on the Investment Through Product Differentiation and Low Cost Transportable Policies, Procedures and Systems Capitalize on the Investment Through Product Differentiation and Low Cost Transportable Policies, Procedures and Systems

Methodology Used for Analysis and Implementation Problem definition and survey Problem definition and survey Determination of Covered Entity Status and requirements for compliance taken as a whole Determination of Covered Entity Status and requirements for compliance taken as a whole Survey of the current status of similarly situated Covered Entities and contact with subject matter experts Survey of the current status of similarly situated Covered Entities and contact with subject matter experts Presentation of findings to the Board of Directors and approval of Gap Analysis Project Presentation of findings to the Board of Directors and approval of Gap Analysis Project Gap Analysis of HIPPA Compliance: The current state vs. the fully compliant state Gap Analysis of HIPPA Compliance: The current state vs. the fully compliant state Documentation of the organizational flow of responsibility Documentation of the organizational flow of responsibility Interviews with staff and documentation of the gaps: regulation by regulation Interviews with staff and documentation of the gaps: regulation by regulation Development of alternative scenarios and cost/benefit analysis Development of alternative scenarios and cost/benefit analysis Presentation to the Board of Directors and Approval for design of policies and procedures for Privacy and Security Presentation to the Board of Directors and Approval for design of policies and procedures for Privacy and Security

Methodology Used for Analysis and Implementation Privacy and Security Project Privacy and Security Project Project Management defined to include a Board Steering Committee and Administrator Management Committee Project Management defined to include a Board Steering Committee and Administrator Management Committee Project Team trained and project “war room” established Project Team trained and project “war room” established Templates used or “lifts” from the Regulations copied to form a structure for the customized policies and procedures Templates used or “lifts” from the Regulations copied to form a structure for the customized policies and procedures Checklists and charts used to keep documentation to a form of HIPAA “shorthand” Checklists and charts used to keep documentation to a form of HIPAA “shorthand” Weekly Management Committee meetings on accomplishments and planned activities Weekly Management Committee meetings on accomplishments and planned activities

Methodology Used for Analysis and Implementation Transactions Project Transactions Project Conceptual design of resolution to compliance and EDI Standard Transactions Issues Conceptual design of resolution to compliance and EDI Standard Transactions Issues Analysis of alternatives including a Clearinghouse approach Analysis of alternatives including a Clearinghouse approach Presentation to the Board and Approval to proceed Presentation to the Board and Approval to proceed Creation of project team and development of systems project management structure and controls Creation of project team and development of systems project management structure and controls Identification of work packages and incorporation into MS Project Identification of work packages and incorporation into MS Project Traditional steps to complete preliminary design, detail design and Implementation Traditional steps to complete preliminary design, detail design and Implementation

Summary Privacy Policies and Procedures Done on schedule and within budget Privacy Policies and Procedures Done on schedule and within budget Security Policies and Procedures in progress, on schedule and running under budget Security Policies and Procedures in progress, on schedule and running under budget Transactions in progress, on schedule and close and under budget Transactions in progress, on schedule and close and under budget

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.