HIMSS15 Day 3 Recap

Post by Azam Husain

Senior Product Manager, Caradigm

After three jam packed days of activity inside and outside our booth, HIMSS15 came to a close. Our final panel presentation of the week focused on the important topic of healthcare data privacy and security. Marianne Kolbasuk McGee, Executive Editor of Information Security Media Group (ISMG) moderated and shared information from ISMG’s annual information security study. Also on the panel were Steve Shihadeh, Senior Vice President of North America Sales Caradigm, Mac McMillan, Chief Executive Officer CynergisTek, and Shane Whitlatch, Executive Vice President FairWarning. The survey results that Marianne shared were really interesting because they showed that despite the high profile breaches that have occurred over the past couple of years, there’s still plenty of room for healthcare organizations to give information security greater focus. Some of the statistics shared were:

  • Only about half of organizations indicated that preventing and detecting breaches is a top priority in 2015.
  • Just 31 percent of healthcare organizations have “high” or “somewhat high” confidence in the security controls of their business associates and subcontractors.
  • Nearly 80 percent of organizations rely on usernames and passwords as the dominant method of authentication used for on-site and remote access to clinical data with use of more advanced forms of authentication still rare.
  • 51 percent of organizations reported having no breaches of any size in 2014 compared to 37 percent in 2013.

The panelists advised that healthcare organizations need to guard against complacency in order to stay ahead of security risks. Everyone should be doing more because of the continuous presence of insider threats and increasing hacking threats that are targeting healthcare heavily because of the value of the data and intellectual property. The panel also stressed the importance of tools to help control identity and access management and ongoing workforce training that needs to be put into greater context for how employees do their jobs.

Another very cool event that took place today was that patient rights advocate and renowned artist, Regina Holliday was in the Caradigm booth painting a mural on population health to raise awareness for the Society for Participatory Medicine. The mural is inspired by the idea that healthcare needs powerful and disruptive change and was completed in a single day. To learn more about Regina’s patient advocacy, I recommend reading her blog and following her on Twitter.


Regina HIMSS


HIMSS15 Day 2 Recap

Post by Vicki Harter

Clinical Product Manager, Caradigm

I value my time spent at HIMSS. It allows me to reconnect with long-time colleagues, meet new people, and check the pulse of the industry in a few short days. This year, I’ve noticed a shift in the types of conversations I’m having on population health management. Healthcare organizations have a more mature interest in discussing the opportunities and challenges of value-based care and the IT solutions that can help. An increasing number of providers are looking to take the next step with population health, scaling programs they have implemented over the last couple of years. It’s exciting to hear that the question has shifted from “should we make the shift?” to “how can we do it more efficiently and effectively?”

Caradigm had another superb day of educational presentations in our booth. I participated on the panel entitled “DSRIP Program – Enabling Participation for Performing Provider Systems.” The panel included several other experts on the program: Todd Ellis, Managing Director KPMG, Wendy Vincent, National Practice Director Beacon Partners, and Paul Contino, Chief Technology Officer NYC Health & Hospitals Corporation.

Todd Ellis kicked things off by providing an overview of the Delivery System Reform Incentive Payment (DSRIP) program. DSRIP aims to improve the Medicaid program, improving the quality of care for the underserved while better managing the more cost of that care. He claimed that the goal can be reached through an increased focus on primary care, preventive measures and patient engagement; together they can reduce the need for high-cost hospital services. Given the billions of dollars that are available to participants in the program, DSRIP represents a significant opportunity to build the systems needed to truly transform care delivery, and implement the IT solutions that can make it happen. 

Succeeding within the DSRIP program, however, does present some significant challenges. Paul Contino shared his perspective of a provider that is leading a large Perform­ing Provider System (PPS). Paul outlined two of the most important things to get right: 1) gathering and sharing data across a large number of providers using a variety of different systems and 2) developing standardized and integrated workflows. He reminded the audience that this change won’t happen overnight as it takes a significant, long-term investment of time and resources. 

As one who has helped clients structure and prioritize their DSRIP programs, Wendy Vincent added a consultant’s perspective. She stressed that a PPS needs clear transparency and communication among all its partners.  They need to agree on goals and processes before implementation. As providers often participate in several population health initiatives, she recommends that they take a step back and take a holistic view of all their programs to find areas of improvement and synergies that cut across multiple activities.   

Lastly, the panel also talked about solutions that are needed to ensure success with DSRIP initiatives. I believe that providers must take a long-term view as they try to improve the health of a population. They need tools that are both flexible and extensible. As Paul stated, transformation will not happen overnight. Programs will change and evolve over time, and what works for one provider may not work for another. As opposed to point solutions not intended to scale beyond a narrow focus, end-to-end enterprise population health solutions give providers the flexibility and extensibility they need.

If you’re at HIMSS15 and would like to talk more about your DSRIP or other state funded strategies, then please stop by our booth #7307. You can also drop us a note here to schedule a conversation at another time. 


 Tuesday Panel 3PM


HIMSS15 Day 1 Recap

Post by Scott McLeod

Director of Product Marketing, Caradigm

It’s always enjoyable to be at the Health Information Management Systems Society (HIMSS) Annual Conference, which kicked off today in Chicago. The sheer volume of people (around 38,000+) who come from all over the world to learn about and discuss innovation in healthcare is amazing, and makes HIMSS the industry gathering.  

Caradigm had a bustling opening day in the exhibition hall as we hosted the first two of a series of outstanding interactive panel sessions to be held in our booth this week. Here are the highlights from today’s panels:

Population Health Trends and Insights Panel

Panelists were Ken Kleinberg, Senior IT Analyst from The Advisory Board Company, Dr. Peter Edelstein, Author and Patient Advocate, Brian Drozdowicz, Caradigm SVP of Global Population Health and Patty Enrado, Senior Editor, HIMSS Media who served as the moderator. To initiate discussion among the panelists, Patty shared preliminary results from a HIMSS Analytics population health research study and asked the panelists to respond. It was a lively discussion centered around where organizations are today with population health and where they are headed in the future. Some of the key points that came up in the discussion were:

  • 22 out of 25 respondents said population health would be a high organizational priority by next year. The panelists agreed that we have reached the tipping point for organizational awareness of population health, but are not there yet on execution because population health is complicated and requires new tools.
  • Respondents indicated that the top challenges providers are having are related to data aggregation, change management, and budget constraints. While the panel agreed that budget and resource constraints are common, providers can mitigate the challenge by honing in on programs and tools that can help them achieve quick wins such as data aggregation.  
  • Initial successes in population health are coming from a variety of different areas such as patient engagement and outreach, building IT infrastructure and care and case management. The panelists commented that experimentation with different population health programs is an effective approach until a provider learns what strategies are working for them. Aligning on goals and how to measure success is important to establish before implementing a program.
  • To further mature population health strategies, respondents indicated that they need to keep bolstering their IT infrastructure, form more partnerships and affiliations to expand coverage, and be adaptable. The panelists talked about how providers should take the long view and build infrastructure that can scale. An ACO that manages a few thousand lives today needs a clear technology and strategy path forward to grow to hundreds of thousand lives managed.

Succeeding In Accountable Care Panel

Panelists were Wendy Vincent, National Practice Director Beacon Partners, Sameer Bade, Caradigm VP of Clinical Solutions and myself as the moderator.  This panel was an excellent follow up to our earlier pop health session as the conversation centered on specific foundational strategies ACOs should be considering to drive quality and lower costs. Some of the recommendations discussed included:

  • Start by obtaining a deep understanding of your population, and use predictive modeling to identify patients who are most likely to become high risk in the coming year in order to prioritize interventions.  
  • Build a strong foundation of primary care and patient centered medical homes (PCMH) that can help improve outcomes for a targeted population.     
  • Establish strong physician leadership in the ACO and also restructure physician compensation to align provider incentives with value-based care.
  • Remember that you can’t manage population health with an EHR alone. As providers scale programs and form clinical networks, the amount of data that needs to be aggregated from disparate systems multiplies very quickly. Providers also need a higher class of population health analytics and workflow tools to help them drive results.

If you’d like to receive the complete research reports from the panels today, send us a note here. Also, check back tomorrow for a recap of Tuesday’s activities as Caradigm will be hosting three more panel presentations in booth #7307.


 Caradigm HIMSS

Advisory Board National Meeting Day 2: Redefining the Value Proposition

Post by Scott McLeod

Director of Product Marketing, Caradigm

I recently had the opportunity to attend the second half of the Advisory Board’s two-day national meeting in Seattle where the presentations went deeper on the central theme of how health systems must adapt to the shift in how they are paid. These systems face four imperatives necessary for success in the new world—competitive unit prices, total-cost control, geographic reach and clinical scope, and clinical and service quality.  These are the attributes necessary for providers to succeed by, as noted in David Lee’s blog, winning at two distinct points-of-sale:

1) They must be the network chosen in risk-based agreements with payers and employers 

2) They must be chosen by patients who need healthcare services

One requirement to winning the first point is assembling a low-cost, high-quality network. Recruiting the appropriate providers is dependent on the evaluation of clinical performance data, e.g. mortality rate, complication rate and readmission rate, making sure that providers included in the network can deliver the high-quality care expected by payers and employers.  Other factors for evaluation include their per-capita cost of care, efficiency of care utilization and care experience—helping to make sure that the providers included also can deliver low-cost care.

Assembling the appropriate network is also critical to building the geographic reach and clinical scope to provide healthcare access that meets the demands of patients.  In addition to competing on price (driven by increased price transparency) and convenience (offering services that meet diverse patient demands), health systems can differentiate themselves from their competitors by offering enhanced management. Increasingly, employers are purchasing health management solutions for their workforce, and patients are opting for direct primary care and concierge services. Successful networks need providers who can deliver services such as preventive screening, disease treatment and lifestyle management. 

Once assembled, it is important to continuously monitor and manage the network. Quality analytics are required to identify gaps in care or measures and surface them to providers so the gaps can be closed. Performance analytics are necessary to measure the behavior of providers and evaluate patterns of activity for areas of improvement. Utilization analytics are needed to monitor network leakage and promote appropriate steerage—driving patients to seek care within the network of low-cost, high-quality providers.

The Advisory Board meeting provided a good perspective on the state of the industry leading in to HIMSS15. Caradigm will be hosting several panel discussions in our booth (#7307) that will feature industry experts as well as the sharing of third-party survey research related to population health, ACO best practices, DSRIP and Data Privacy and Security. You can check out the full schedule of Caradigm events at HIMSS here.

Advisory Board National Meeting Day 1: Balancing Population Health and Fee-for-Service

Post by David Lee

Product Marketing Manager, Caradigm

I had the pleasure of attending the Advisory Board’s national meeting recently in Seattle where the central theme was how healthcare must adapt to the channel disruption it is facing with value-based reimbursements. The shift to value-based reimbursements has changed the fundamental mechanics of healthcare, which in turn has changed the rules for success. It’s really channel disruption on the scale of what Amazon did to retail and what Netflix did to video rentals.

One of the biggest takeaways from the meeting was that healthcare organizations can benefit from rethinking their value propositions as they operate in both a value-based and fee-for-service (FFS) environment.  It doesn’t have to be an either or proposition. In fact, providers that can identify the sweet spot between them can achieve the greatest success in terms of being innovators of quality, serving the most people in their region and in achieving financial growth.

Here’s how the two models can co-exist. For providers to succeed, they have to win at two distinct points-of-sale:

1) They must be the network chosen in risk-based agreements with payers and employers 

2) They must be chosen by patients who need healthcare services

To succeed in the first point of sale, providers need to extend their reach through new partnerships or clinical integration, and establish strong population health management capabilities – data control, healthcare analytics, care coordination and patient engagement. They can then leverage these capabilities to become a low cost, high quality and high access provider that gets selected for more public and commercial contracts. The addition of new contracts plus the ability to generate shared savings from those contracts is an attractive proposition for providers.   

To succeed in the second point of sale, providers have to innovate by appealing to patients as consumers of healthcare services. Providers can increase utilization of preventive and other necessary services by considering patient needs and solving the dissatisfaction with how they obtain healthcare services today. There’s many different ways a provider can approach this such as by offering telehealth services, or creating specific packages tailored towards certain conditions such as diabetes management that includes blood tests, exams and nutritional services.  It can be as simple as communicating better with patients and reminding them to come in for regular exams. Providers that appeal to patients as customers can build loyalty, which is critical because it’s often easy for patients to change where they get their health services.

The Advisory Board national meeting was a great check in on the pulse of the industry leading in to HIMSS where I look forward to continuing the discussion. Caradigm will be hosting several panel discussions in our booth (#7307) that will feature industry experts as well as the sharing of third party survey research related to population health, ACO best practices, DSRIP and data privacy and security. You can check out the full schedule of Caradigm events at HIMSS here.

The Future of Healthcare – Patient Engagement is Due for a Paradigm Shift

Post by Beth Sutherland, RN, BSN

Clinical Product Manager, Caradigm

Just as healthcare is making the shift from volume to value, the concept of Patient Engagement needs to be reimagined in several important ways:

View patients as healthcare consumers with varying levels of engagement in their own care…
Some patients will actively choose how, where and when to access healthcare based on cost, quality data and other patient’s reviews. They expect personalization and patient-centricity from their healthcare providers, and make decisions based on being directly responsible for healthcare costs.

Other patients may feel overwhelmed by managing their health and will require a more guided and supportive approach to understanding, monitoring and potentially confidently managing their conditions at some point.

Acknowledge the impact of factors such as behavioral economics in decision-making…

The reality is people often don’t make rational decisions – in fact, many irrational factors influence thinking such as:

  • Status Quo bias: “This is what I’ve always done…”
  • Complexity Aversion bias: “Too many factors to consider…”
  • Present Time bias: “Going to the gym now is too hard…”
  • Peanuts effect: “It was only 1 donut a day (for 10 years)…”

Important health-related behavior changes need to be framed for patients in recognition of these biases – the long-term impacts of old habits can be re-framed relative to current goals, incentives can be created to establish more immediate payoffs for difficult changes and seemingly overwhelming tasks can be broken into a series of smaller, achievable wins that build confidence and belief that “Yes, I can do this.”

Health goals and behavior changes must be made relevant to each patient by relating them to individual, personal priorities:
For behavior change to occur, care has to fit meaningfully into patient’s lives. Patients are motivated more by personal goals rather than potentially overwhelming healthcare metrics. Patients care more about spending time with their grandkids or being able to walk their dog rather than controlling blood glucose levels or lowering blood pressure. By understanding these priorities and reaching patients with relevant, personalized messages at the right time outside of the care setting, the likelihood of successfully triggering positive health-related behaviors increases dramatically.

For success in population health management to be achieved, Patient Engagement must evolve from being a non-essential, ‘nice to have’ function to a critical driver of success. By clearly demonstrating the value and ROI that patient engagement can bring to the management of populations, the role that patients play will finally be recognized – for the impact it can have in their own success and that of care teams. When patients are truly activated to participate in their own care and own the management of their health, the industry will be transformed.

How Some Accountable Care Organizations (ACOs) are Taking the Lead

Post by Christine Boyle

Senior Vice President of Marketing, Caradigm

The number of Accountable Care Organizations (ACOs) in the Medicare Shared Savings Program (MSSP) has continued to grow steadily as there are now approximately 405 participants after the latest wave of 89 newly accepted applicants.[i] Participating as a MSSP ACO gives healthcare organizations a low-risk means to start transforming to value-based care while they change processes and acquire new health IT infrastructure. Although the program is still fairly new, having only been around since 2012, about 25 percent of ACOs have started to separate themselves from the pack by being able to generate shared savings.[ii]

Being able to generate shared savings is crucial for ACOs because the underlying premise of value-based care is that coordinated, preventive and evidence-based care will both improve the health and  lower the per capita cost of a defined population. Furthermore, the sharing in cost savings helps offset reductions in fee-for service revenue, pay for new health IT infrastructure, and builds organizational momentum for the expansion of risk-based contracting. However, generating shared savings has been an elusive goal for the majority of MSSP ACOs to date.    

Dr. Randall Williams, MD wrote an interesting article on this topic recently on Pharos Innovations discussing why most ACOs have fallen short of generating cost savings. His hypothesis is that “…most ACOs are still working on basic organizational issues like:

  • Integrating their doctors
  • Getting CMS claims data into a format that can be analyzed
  • Documenting and reporting quality performance metrics

While that work is necessary, it is not at all sufficient. It won’t generate the cost savings required to get to the shared savings bonus opportunity.” [1]

Dr. Williams believes that the ACOs that have been successful in generating shared savings have focused heavily on reducing avoidable admissions and readmissions.  He makes an excellent point that ACOs need to transition from a tactical focus on operationalizing their ACOs to a strategic one that will drive greater results. 

Transforming to value-based care is a complex process because it impacts the entire organization. For ACOs to achieve greater results they have to move away from siloed efforts and approach value-based care as a series of interconnected activities. It is not just solely about data, not solely about analytics and not solely about clinician workflows. It’s about all of those activities operating in an integrated manner and augmenting each other. This is known as an enterprise population health approach that integrates data, analytics, and workflows across the entire organization to support new care models. An enterprise approach leads to synergies and efficiencies across the organization that are the difference makers when trying to drive results as quickly as possible for a targeted population.

2015 is a critical year for ACOs to hone in on the strategies and health IT infrastructure that will help them move into the leaders group of ACOs generating shared savings. We have just published a new whitepaper entitled “ACO Best Practices for Shared Savings” that explores this topic more by profiling the strategies used by a few successful ACOs and recommending what ACOs could be doing differently this year.

Download the whitepaper here.

[i] Evans, M. (2014, December 22) 89 ACOs will join Medicare Shared Savings Program in January. Modern Healthcare. Retrieved from http://www.modernhealthcare.com/article/20141222/NEWS/312229929

[ii] Kocot, S., Mostashari, F., White, R. (2014, February 7) Year One Results from Medicare Shared Savings Program: What it Means Going Forward. Brookings.edu. Retrieved from: http://www.brookings.edu/blogs/up-front/posts/2014/09/22-medicare-aco-results-mcclellan

[iiI] Williams, Randall, MD. Want to win with value based purchasing? Start with the fundamental challenge. PharosInnovations.com. February 2015.

The Future of Healthcare: Innovating Coordinated Care

Post by Scott McLeod

Director of Product Marketing, Caradigm

One of the most impactful developments in healthcare today is the movement towards coordinated care. It’s essential as more healthcare organizations engage in population health management and participate in a broader health network with a variety of partner providers. Many providers have recognized that the care of a high-risk patient is a team-based activity that requires the coordination of a variety of clinicians and care givers serving different roles. It also involves a series of processes – intake, screening, assessment, developing a plan of care, reviewing a plan of care, making contact with care givers, reviewing medications, etc. To deliver the best patient outcomes possible, providers need to ensure that these processes are being completed efficiently and consistently across the team.  

The idea of coordinated care is not new, but being able to deliver it effectively is starting to become a reality as new health IT emerges to help enable it. A care team is made up of a diverse group of clinicians and family members that can include primary care physicians, specialists, a lead case manager, an in-patient case manager, a field coordinator that works on non-clinical tasks, a pharmacist, community organizations, and family and friends that may be providing support such as transportation or helping pick up medications. That’s a lot of people and a lot of information that is needed to properly care for just a single patient. Multiply that by potentially thousands of patients in a care management program, and it becomes clear why coordination and efficiency can be challenging.

Here’s how health IT can innovate care coordination. First, it brings together all the data and information needed to care for a patient from all systems across the health network. All care givers have a 360 degree view of the patient that includes the plan of care, medications, lab results, vitals, documents, immunizations etc. When an update is made, all care givers have that update in real-time. With a full 360 degree view of patients, the care team can see longitudinal data and patient responses over time, identify and address subtle changes and deliver patient-centered care by incorporating patient personalized goals.

Second, it transforms the efficiency of clinician workflows, which leads to increased productivity and consistency of care. Physicians can see care gaps and close them while still in the presence of a patient. Care plans, task lists and interventions can be automatically generated from the patient’s clinical information and assessment responses. Complete medication histories can be brought into single patient views that display order and fill history for easier review. Patients that may need immediate attention can also be tracked across the continuum through event-based alerts (e.g. admissions, discharges or Bluetooth device alerts). Lastly, all of the needed tasks are being assigned to the right team members assuring “top of license” activity.  

From the patients’ perspective, they’re on a better path to become healthier as they receive care focused on wellness and preventive measures. They’ll also receive a better patient experience as they don’t have to repeat answers and all care givers are up-to-date on their information. Care coordination is one of the foundational strategies healthcare organizations must employ to achieve the Institute for Healthcare (IHI) Triple Aim of 1) Improving the patient experience 2) Improving the health of populations and 3) Lowering the per capita cost of care. With a little help from innovative new health IT, coordinated care can become a reality.

The Future of Big Data in Healthcare

Post by Neal Singh

Chief Technology Officer, Caradigm

The idea that there could be undiscovered insights residing in large data sets that can be used to drive innovation is fascinating. That’s why Big Data has so many people excited, including myself. In healthcare, Big Data is essentially a core component of population health management, a strategy that is helping healthcare organizations transform to value-based care. Although most healthcare organizations are still in the early stages of both strategies, there is no question that Big Data and population health will play major roles in shaping the future of healthcare. Let’s explore this issue further to better understand what steps healthcare organizations can take to realize the full promise of Big Data.

Getting to Big Data

The traditional healthcare organization is evolving beyond the walls of the hospital. Providers must now coordinate care across a broader health network that can include a large number of clinical partners often using a variety of technology systems. Although it can be a challenge to bring data together, it is the first required step towards gathering large quantities of data. It is also important to consider that clinical data is only the starting point. Where Big Data in healthcare starts to get really innovative is when clinical data is combined with other types of information such as claims, financial, lab, pharmacy, unstructured data (e.g. clinical notes), etc.  Providers that can establish the processes and tools to automate the aggregation and normalization of data regardless of the system or structure they reside in will be set up for Big Data success.

From Data to Insights

After an organization achieves data aggregation, it should celebrate because that is a major accomplishment. However, that is only step one in the journey because the data has to be turned into insights that can drive improvement. One of the most powerful uses of healthcare data is in predictive modeling, which helps providers understand their patient populations and anticipate where they can have the highest return on intervention. For example, providers can measure patient motivation, and use it to predict which patients will follow physician instructions and benefit most from targeted interventions. They can also predict which patients will become the sickest next, i.e. those that are most likely to transition from low to high clinical and financial risk over the next 12 months, so they can intervene proactively. As risk has shifted from payers to providers, this ability to understand the risk in a population has become essential.

From Insights to Action

The last, but most important, step is to surface insights and information within clinician workflows in real-time so that they can take action and improve outcomes. For example, a physician can see gaps in care for patients and close those gaps while still in their presence. A care manager can be alerted when a high-risk patient is admitted to the emergency department to ensure proper transition of care. A clinical analyst can monitor patient data on a large number of patients who have had catheters inserted, and alert a nurse when the data shows that a patient is showing signs of a potential infection.  

Most exciting is that all of the above use cases are not hypothetical or years away from becoming reality. They are all possible with today’s health information technology. These innovations stemming from Big Data are starting to take hold, but it will take time for them to truly become the norm in healthcare. There is no doubt, however, that momentum is building for both Big Data as well as population health, and that they will play leading roles in healthcare’s future.

What The Anthem Breach Teaches Us About Access Control

Post by Azam Husain

Senior Product Manager, Caradigm

As more details continue to emerge from the Anthem breach, the incident has put all healthcare organizations on notice. The estimated cost of the breach could be in excess of $100 million with as many as 80 million people impacted.[1] A breach of this magnitude is an important learning opportunity to think about healthcare security best practices and in particular, how to control access to sensitive data in organizations.  Here are several key takeaways from the breach for healthcare organizations.

Data thieves are looking for soft targets

Healthcare organizations are prime targets for cyberattacks not only because healthcare data is valuable, but because healthcare organizations have a reputation for being susceptible to breaches. In this HealthcareIT News article discussing the breach, Lynne Dunbrack of IDC Health Insights said “Cybercriminals view healthcare organizations as a soft target compared with financial services and retailers because historically, healthcare organizations have invested less in IT, including security technologies and services than other industries, thus making themselves more vulnerable to successful cyberattacks.” Until healthcare as an industry improves its adoption of security practices including data access control, cybercriminals will continue to view healthcare data as a vulnerable target.     

Improper access is a top security vulnerability

Investigators believe hackers accessed Anthem’s information by stealing system administrator credentials of five different employees. They also believe that the breach had been in progress for several years.  Benjamin Lawsky, Superintendent of New York State Department of Financial Services, said in this article that “Anthem is a wake-up call to the insurance sector really showing that there is a huge potential vulnerability here.”

Some have pointed out that Anthem should have encrypted the information, however, the greater shortcoming was the lack of proper access controls. Encryption would not have stopped attackers who had gained authorized credentials. The vulnerability was not in the software, operating system or hardware, but in the process of managing proper access controls based on business and operational requirements. 

Three types of safeguards are needed to control access to sensitive data

Managing access control can be challenging, especially with respect to preventing insider data breaches or simple mistakes by users with high level access. Anthem is not alone as many organizations need to tighten system access.  When providers are considering what strategies to employ to improve access control, they should consider three broad types of safeguards.  

1)      Technical safeguards – Grant role-based access to data and applications on a need-to-know basis.

2)      Physical safeguards – Control of physical workstation access and access to clinical applications.

3)      Administrative safeguards – Create comprehensive policies and auditing tools that allow a compliance manager to report on who has access to which systems, applications and patient records as it applies to their role.

Caradigm is the leader in Identity and Access Management (IAM) solutions, and is focused exclusively on healthcare organizations. If you’d like to discuss your access control needs further or see a demo, contact us here.   

[1] Osborne, Charlie. “Cost of Anthem’s data breach likely to exceed $100 million.” Retrieved from http://www.cnet.com/news/cost-of-anthems-data-breach-likely-to-exceed-100-million/. 2.12.15