Month: March 2023

Addressing Strategic Initiatives with Payment Integrity Solutions in 2023

For many Health Plans, 2023 presents unique challenges and opportunities when it comes to addressing strategic initiatives. The healthcare payer ecosystem is becoming increasingly digital, and for good reason. Data and processes that were once siloed and handled at departmental levels, are increasingly becoming more interoperable and overseen at an enterprise level with strategic investments into digital platforms, including payment integrity solutions.

In fact, Gartner cites “Payers that implement enterprise payment integrity programs and solutions are on the path to reducing medical expenses by 10% or more, with even more potential for significant reductions in administrative expense.”[1]

When it comes to Payment Integrity processes, over the past several years I’ve witnessed a significant shift away from individual point solutions that address singular pain points to digital investments that provide transparent and interoperable data and services that empower health plans to leverage up-to-date industry content, in-source capabilities, and customize the tools as needed.

For payers looking to address digital initiatives in 2023 with their editing solutions, a well-rounded approach and evaluation includes the following three items: depth of content, agility to accommodate a health plan’s unique requirements, and an “open book” approach so health plans can address the root cause of recurring payment errors.

1. Unique Data Set

Q: How does Source provide a broad, unique data set?

A: Our depth of content

Source provides a unique depth of content that includes a wide range of Medicare payment policy edits, state-specific Medicaid payment policy edits, as well as Clinical, Cost-Containment, and Validation edits maintained by subject matter experts. Source is also designed to incorporate 3^rd party specialty content into our ecosystem seamlessly including specialty content from MediQuant, 3M, Concert Genetics and TruthMD, to augment policy standards and ensure claims are paid accurately. Without this depth of content, Payers must rely on multiple vendors, perform excessive manual claims reviews, and risk over- or under-paying claims.

Our unique data set includes:

• Hands-off, automatic delivery of government, clinical, billing, and validation edits to handle complex policies automatically across all lines of business
• User-driven interface for easy development of customized edits to mimic medical policies
• History-based capability to look across claims for comprehensive editing
• Optional third-party edit libraries natively integrated into the solution

2. Agility to accommodate a health plan’s unique requirements

Q: As more and more health plans look to better understand and control their data, how does Source enable plans to deploy their own algorithms?

A: Source was designed to be agile to address a health plan’s unique business rules

Source allows Plans to deploy their own algorithms through creation of custom edits in a flexible configuration layer, existing real-time integrations to commercial claims systems, and workflow management to map to your system’s disposition codes for appropriate adjudication decision-making.

Source deployment capabilities include:

• Use of our native content with health plan-specific customizations to standard policy
• Adapting a payer’s proprietary edits through a contemporary user interface or leverage our professional services team to assist in the process
• The ability to monitor the financial and utilization impacts of an edit before deploying it for production use
• Hierarchical structure to efficiently deploy edits enterprise-wide or to specific regions, products, providers, etc.
• The ability to allow deployment of an edit to act as informational, soft denial, or automatic denial
• Single instance of the software in the Azure cloud that connects to all health plan claims systems for streamlined maintenance and consistent editing
• No technical maintenance as Source is updated and maintained by experts on a continuous basis

3. An “open book” approach

Q: How does Source enable plan to in-source a portion of their payment integrity capabilities?

A: Our “open book” approach

With Source, we’ve taken a “Black box to Open book” approach to payment integrity—ensuring that health plans have insight into root-cause analysis and the tools to address payment integrity issues upstream in the adjudication process.

This approach empowers health plans in multiple ways, including:

• Participation in Payment Integrity health checks performed by our experts to identify new cost of care or administrative savings opportunities.
• Enabling Source edit libraries in addition to your own proprietary edits through the user interface.
• Understanding the impact of edits with the use of Monitor Mode to see “what if” utilization and financial impacts that show aggregated results before turning the edit on in production.
• Enabling the edit in production with flexible adjudication decisions based on your business needs.
• Discovering new opportunities through real-time dashboards and reports while assessing the savings impacts of edits already in production.

Source uniquely provides editing content and capabilities alongside reimbursement for a comprehensive and cohesive approach to payment integrity that enables health plans to finally achieve long-term, enterprise-wide goals. This comprehensive, holistic & fresh approach to payment integrity considers reimbursement, application of medical and payment policies, analytics, and contract configuration—not as separate aspects of adjudication—but as part of an ecosystem that needs to remain agile, interoperable, and coordinated. Learn more about Source here.

 

[1]  – Gartner, Fight Healthcare Fraud With Enterprise Payment Integrity for U.S. Payer CIOs, Mandi Bishop, Refreshed 9 October 2022, Published 4 May 2021

Here at HealthEdge, our cybersecurity strategy relies on a defense-in-depth approach, which means we rely on people, processes, and technology to ensure our security controls remain viable and constantly evolve. Of these three, the HealthEdge team, is the most formidable layer of cybersecurity. We count on our global workforce to stay informed, identify and report suspicious messages, and to understand and comply with our IT Security Policies. Our Chief Information Security Officer, Jerry Sto. Tomas says, “I am often asked how big our security team is. I respond with, ‘around 2,000 people.’ Each of us has a responsibility in security because the HealthEdge team is the first line of defense.”

The SAFE program aims to empower our team with:

• Regular newsletters providing education on healthcare cybersecurity threat awareness and trends.
• Cybersecurity alerts on real-time threats and how the workforce can help.
• Comprehensive IT security policies.
• Mechanisms to report suspicious messages.
• Monthly internal phishing simulation tests and just-in-time training.
• Annual training, role-based training, and continuous micro-training.
• Cybersecurity best practice tips to implement in the workplace and at home.

Preparing the Team

With regular information newsletters and real-time security alerts, our team is always kept up-to-date on cybersecurity, regardless of their role at HealthEdge. Newsletters are sent out bi-weekly with cybersecurity news, tips, trends and communications about new security practices. Newsletter content is tailored to our organization with the objective of improving overall healthcare cybersecurity threat awareness both at work and home.

Identifying and Reporting

The goal of SAFE is to ensure everyone is able to identify and quickly report suspicious messages or activities. The Security Operations team analyzes every message that is reported as suspicious and sends the results back to the reporter. Sending the analysis results back to the reporter provides the reporter with confirmation of their ability to identify malicious messages or spam. On a monthly basis, phishing tests are sent out that simulate current phishing campaigns used by threat actors. Campaign attack techniques include domain and popular brand spoofs, QR codes, and suspicious links with requests for information, oftentimes with topics based on global security trends, cultural events or “the events of the day”. In addition to maintaining a low fail rate, the objective is to increase identification and reporting of suspicious messages. Those who fail are provided subsequent training to increase future awareness.

Administrative and Technical Controls

In addition to IT security policies, HealthEdge implements technical controls that monitor and enforce password policies and multifactor authentication. Network access is controlled, and principles of least privilege are enforced. This means that even trusted users with authorized network access are limited to only the access required to do their job. When access is granted, logs are collected from across the environment, which gives us the ability to monitor changes that could impact preservation of confidentiality, integrity, or availability. Our team’s cybersecurity habits, and best practices strengthen our administrative and technical controls; each component is critical for cybersecurity maturity.

A Holistic Approach

Our team prides itself on keeping up with the latest cybersecurity news and updates. We follow industry best practices, monitor third-party intelligence, implement technical and administrative controls, and most importantly we keep the cybersecurity discussion going. Our holistic approach allows our team to be prepared to protect the HealthEdge workforce network as the first line of defense, and also empowers them to practice good cyber hygiene at home. Security awareness for everyone, every day, everywhere.