OpenText Fax & Document Distribution Group

Words, ideas, technologies, people and even food travel greater distances more quickly every day. Some things translate perfectly between cultures, and HIMSS is hoping that will be the case for a new partnership announced May 2 with the British Computing Society (BCS).

The HIMSS electronic medical record adoption model (EMRAM) has already seen great success in both US and Canadian healthcare systems, and now it’s time to see if the same approach can work for hospitals and other healthcare institutions in Britain’s public health network, the National Health Service (NHS).

The program is especially important in the US as healthcare institutions approach the 2015 deadline to comply with the meaningful use requirements set down by the 2009 HITECH Act. The act requires healthcare providers to implement the broad use of electronic medical records (EMR) in an effort to improve patient care. HITECH provides incentives for compliance, and fines for failure.

Based on comments made in the HIMSS press release, both parties seem eager to get started.

BCS Health Chair Matthew Swindells had this to say: “We’re delighted to be working with HIMSS Analytics Europe on this project. We believe information and technology are crucial to the challenge of transforming our healthcare service. The HIMSS Analytics EMRAM model will enable hospitals to measure their progress in the implementation of health IT and benchmark themselves against the rest of the NHS and internationally.”

To ensure the program is appropriately structured and targeted, HIMSS Europe and BCS have formed a steering committee of British healthcare experts including health IT leaders, medical professionals and scholars.

Agencies like NHS Connecting for Health have been trying for many years to come up with a way to centralize and digitize patient records and connect some 30,000 providers to 300 hospitals across Great Britain. Due to several challenges including cost and unstable management, none have yet been able to do so.

HIMSS monitors health IT adoption in 25 countries, and rates institutions on a seven-point scale that grades their “meaningful use” of new technologies to improve patient care. To date, HIMSS has identified only 68 Stage 7 institutions worldwide. A Stage 7 facility is a “fully digitized, virtually paperless environment with a broad range of interoperability and data exchange capabilities with other organizations.” Just 1.2 percent of US hospitals earn that grade, and about 70 percent are still Stage 3 or lower. HIMSS has recognized 15 Stage 7 institutions in Europe as a whole, but have not yet identified any in Great Britain.

OpenText’s Fax and Document Delivery Group (FDDG) follows HIMSS closely because of the central role of fax in the exchange of EMR including protected health information (PHI). To address the requirements of meaningful use, many physicians and healthcare organizations (including NHS Manchester) have turned to an automated software-based electronic fax delivery system to manage sensitive patient records.

Continued improvements in fax over IP (FoIP) technology have brought the security and reliability of fax transactions to the desktop, and even to mobile devices. With most health IT professionals citing cost as the biggest barrier to EMR adoption, the immediate savings on paper and the time saved by automating fax from a single central, searchable server makes fax an ideal solution for healthcare.

Just a week ago, Emory Healthcare in Atlanta, GA became the latest victim of a major data breach involving protected health information (PHI). The health network announced it was unable to locate 10 computer discs containing PHI for more than 300,000 patients treated between 1990 and 2007.

According to a local news article from the Atlanta Journal-Constitution, Emory President and CEO John Fox admitted that the discs had not been properly stored. Although they were in an office with restricted access and nightly lockdown, the cabinet they were in was not locked.

We can hope that the discs were simply misplaced rather than stolen or destroyed, but incidents like this still occur far too often in the healthcare industry. At risk is not only the privacy of the patients whose health information could now be anywhere, but also Emory itself, because it is bound by strict regulatory mandates like HIPAA and HITECH. Non-compliance can result in crippling fines and a loss of public confidence. Emory has already committed to providing identity theft resources to all of the affected patients.

This latest breach comes just six months after an internal breach in which an employee perhaps unwittingly printed medical records that eventually found their way to an identity theft ring. Nine of 32 affected patients reported that their identities had been stolen, and Emory alerted another 7,200 patients who had been in their care at the time. All told, industry analysts calculate the average cost per breached document at $240. Though the employee was let go, Emory spokesperson Lance Skelly said the printed documents were within the scope of the employee’s job duties. In other words, the paper was the problem. To see how OpenText helps medical facilities of all sizes tackle this issue, watch last month’s webcast with TMCnet.

While many healthcare providers are making great strides in effectively managing today’s patient information, how many of them are effectively evaluating the risk associated with “misplacing” historic documents that fall outside the scope of their EMR deployment? For many organizations, it’s unlikely that their next data breach will result from a virus or a group of teenage hackers. The real threat may simply come from the theft of unattended paper documents or an overzealous cleaner diligently “cleaning up.”

OpenText has a solution designed for problems exactly like this. Alchemy, our document server solution, can capture document images from paper or just about any electronic file format, file them or route them to specific users, and track every instance of access: where, when, and who sees them. Had the files on those discs or the leaked paper medical records been scanned into Alchemy, the physical media could have been safely destroyed and Emory would be in the clear.

Click here to check out Alchemy’s latest release, version 9.0.

Recently we co-sponsored a well-attended webinar highlighting the current state of security and compliance in the healthcare industry. Speakers Rebecca Herold (the Privacy Professor), privacy, security and compliance guru , and Chris Patterson, IT Administrator at Florida Heart and Vascular Associates, were extremely helpful in enlightening the audience using real-world examples and the most up-to-date data.

We’ve had some time to reflect on the webinar, and also to take a look at the responses to the polling questions. Here are a few realities we can take away from these resources:

■ Security and compliance remain the most important issues in healthcare after quality
patient care

■ The healthcare industry is not yet where it needs to be in terms of securing
private health information

■ Solutions do exist to mitigate the problems

■ Digital fax and document delivery will continue to play a central role in these solutions

The problems
Healthcare providers need to maintain a high level of data security for three main reasons: patient care, patient privacy and regulatory compliance. The rise in the use of fax to securely manage and deliver electronic medical records (EMR) solutions are  helping institutions address these concerns, but even fax is vulnerable to tampering if not properly protected, and data leaks continue to plague the industry.

Rebecca shared several real-life examples of recent breaches in fax security including hacking of fax servers, wrong numbers/email addresses, use of standalone fax machines and public networks, and improper document disposal. These problems come from a mixture of human and technological error and often lead to costly failures of compliance with government mandated regulations like HIPAA and HITECH.

According to the poll, about half of healthcare providers are unsatisfied with their ability to comply with HIPPA using digital documents, and more than half of physicians still rely primarily on paper charts.

The success stories 
The good news is that digital fax and document management solutions like Fax Appliance, RightFax and Alchemy are working for thousands of healthcare professionals, including Patterson. After deploying an OpenText fax solution, Patterson reported that security has improved and the hospital has enjoyed savings of more than $200,000 in the three years since implementation. Patterson also said his fax solution paid for itself within two months and has effectively replaced the work of two-and-a-half full-time employees.

The security of Protected Health Information (PHI) is a primary concern for healthcare institutions. PHI management is important not just for patient care and privacy, but also to meet strict regulatory compliance mandates. In the third installment of a bi-annual survey of healthcare providers, a report published in April details the current state of patient data security. The report was commissioned by Kroll Advisory Solutions, a leading risk consulting firm, and published by HIMSS Analytics, a world leader in healthcare IT reporting.

The reason for the report stems from concern over patient data security in light of increased adoption of mobile technology for the exchange of electronic health records (EHR) and, more specifically PHI. By moving PHI to mobile devices, it becomes more vulnerable to breaches. In fact, 31 percent of survey respondents indicated that “information available on a portable device was among the factors most likely to contribute to the risk of a breach.”

An earlier report by the Department of Health and Human Services (HHS) found that 207 data breaches in 2010 affected 500 people or more and were caused by:

• Theft
• Loss
• Unauthorized access/disclosure
• Human/technological error
• Improper disposal

Theft accounted for almost half of all breaches that year and affected an estimated 2,979,121 individuals. In the HIMSS survey, more than half of all breaches were internal, but third-party sources were also recorded. Almost all respondents require third parties to sign a business agreement before handling EHR, but only about half indicated they ensure that their third-party vendors conduct regular risk analysis to identify vulnerabilities.

The HIMSS Analytics report found that on top of security issues, healthcare institutions are being torn in two directions. On the one hand, they are tasked with protecting PHI, but on the other they are expected to comply with a multitude of strict regulatory mandates like HIPAA and HITECH. “While organizations are actively taking steps to ensure that patient data is secure, they are so focused on meeting compliance requirements that they have little awareness of the efficacy of their security programs.”

Debate also remains over who exactly oversees which elements of EHR: “As organizations struggle to address data and privacy breaches, a lack of ownership for the issue across the industry remains. Various titles hold responsibility for pieces of the compliance puzzle, ensuring that their organizations meet the mandates and regulations set forth, but the overall security picture continues to elude most.”

The keys then are:

• Controlled document access
• Confidence in third-party vendors
• Clearly defined security and privacy roles

The good news, according to the report, is that the priority of compliance has raised awareness about the gaps in patient data security. Respondents ranked their preparedness at an average of 6.40 on a scale of one to seven in 2012, compared to 6.06 in 2010 and 5.88 in 2008.

While mobile devices remain a concern, technology isn’t always to blame for data breaches, and can in fact be the solution. Such is the case for the thousands of healthcare institutions using fax and document delivery solutions to manage their EHR. Fax is still the preferred method of secure document delivery for healthcare institutions worldwide, and new fax technologies are changing the way we interact with fax.

No longer are workers sending and receiving paper documents at a fax machine in a public area. Instead, they can fax securely via encrypted email, or securely over IP from private, password-protected workstations. Other technologies include archiving tools that can capture, file, distribute and manage millions of documents from a single repository, and can control exactly which users can see a particular record. This allows only the appropriate healthcare professionals easy and immediate access to EHR not only to provide faster, better care for patients, but also to respond quickly to external requests for information.

Tasked with both patient data security and regulatory compliance, digital fax technology can solve problems for the smallest clinic to the largest healthcare network. In light of the HIMSS report’s findings, implementing a secure document management system is good for patients and good for business.

See the full report here.

To learn more about EHR management solutions for healthcare providers, visit OpenText’s Fax and Document Delivery Group healthcare page.

Tens of thousands of businesses around the world already use OpenText’s Alchemy Server to manage their critical documents. On April 18, 2012 new features in the areas of capture, access, workflow and retention were released as Alchemy 9.0. See the full press release here.

Alchemy 9.0 is a simple solution for managing documents. Any business that relies on thorough and precise tracking of records will benefit from Alchemy’s unique capabilities. Here are a few of them:

• Alchemy 9.0 captures and archives paper or electronic documents from MFP, desktop, back-office and third-party applications.

• All of your documents reside in a single, centralized database.

• Full-text search allows “Google-style” search of all documents just by plugging in a word or phrase.

• Alchemy 9.0 helps you create simple workflows so documents are automatically routed to the correct decision-makers depending on their status (e.g. “accepted” or “rejected”).

• Retention utilities let you manage the lifecycle of your documents from creation to deletion based on any criteria you choose (e.g. you can tell Alchemy to delete certain records days, weeks, months or years after a chosen event).

Immediate benefits include reduced payroll burn from manual document management like faxing and filing; reduction of paper and paper-related supplies; less hardware and maintenance on MFPs and fax machines; and audit-readiness for less risk of compliance failure.

Alchemy is particularly useful for small- to medium-sized businesses with an internal or mandated need for secure document management. Healthcare, legal, financial and manufacturing institutions in particular face severe fines for improper, inaccurate or incomplete document access and management.

We are very excited about this release and the enhanced capabilities of Alchemy 9.0, and you should be too!

Check us out at http://getdocumentmanagement.com or to view more fax and document solutions, see OpenText’s full suite at http://faxsolutions.opentext.com.

Darren Boynton
Product Marketing Manager
OpenText Corporation

We recently partnered with Healthcare IT News on a new survey report titled, Digital Document Delivery and Management: Achieving Compliance, Security and Improved Patient Care. The report details key findings from a survey investigating trends in the adoption of digital document management systems by healthcare institutions since the rollout of the HITECH Act’s financial incentive programs. The report was based on a January survey of 288 healthcare professionals ranging from senior IT managers and their staff to medical and clinical professionals. Respondents were chosen from healthcare institutions of all sizes. The diverse sample offered a unique insight into the current state of the healthcare IT marketplace and the internal and external drivers that allow some healthcare institutions to keep up with new regulations and IT solutions, and prohibit others from doing so. The survey answered five main questions:

• Who currently has a digital document delivery and management solution?
• What drives organizations to adopt new technologies?
• What challenges do healthcare professionals face regarding document management?
• What are the primary obstacles to adopting a digital document management solution?
• How do organizations primarily share protected health information (PHI)?

The survey looked at a wide range of barriers to the adoption of new health IT in general. Respondents overwhelmingly cited lack of resources as the biggest deterrent, followed by lack of support or buy-in from medical staff and integration problems.

When asked specifically about health record digitization, the survey found that more than a third of respondents had already adopted a digital document management solution and another third were testing, researching, or planning implementation. However, that left about a third of respondents without any solution, and many still weighing their decision.

Digital document delivery is not yet in every hospital and clinic, but the survey did find that 56 percent of office-based physicians used an electronic medical record (EMR) in 2011, a six-percent increase from 2010, indicating a move in the direction of increased adoption on the practitioner side.

Healthcare institutions still rely heavily on faxed documents due to their legal properties and ubiquity, but traditional faxing creates a lot of paper that is difficult to track and vulnerable to tampering. The study said, “Given that many faxed documents contain protected health information (PHI), and two-thirds of respondents share PHI via their EMR systems, it is critical that healthcare organizations integrate their faxing solutions with their EMR systems.” Indeed, security and searchability were cited by almost half of all respondents as the biggest challenge they face when managing documents.

Several case studies were included in the report focusing on the benefits enjoyed by healthcare facilities that do digitize their health records. The study concluded that “the secure and efficient electronic capture, management and delivery of patient information are the foundation to achieving the transformative goals of improving quality of care and patient safety.”

View the report by Healthcare IT News and OpenText here.

The complex and dynamic healthcare IT marketplace was on full display at HIMSS12 in Las Vegas last month. After spending a few days interacting with partners, customers and healthcare IT consumers as a representative of OpenText’s Fax and Document Distribution Group (FDDG), three main trends stood out to me that I feel are important to share with those unable to attend, whether health professionals with IT problems or vendors with IT solutions.

The Cloud
Despite early fears that managing and exchanging sensitive documents like patient information in the cloud would be too unstable or vulnerable, the sentiment is shifting as businesses across all industries become better informed – and consequently more comfortable – with the emerging medium.

Quite a few healthcare IT vendors have done a commendable job of demonstrating that cloud computing can be secure. Although many hospitals and other healthcare providers are realizing they need to step outside of traditional technologies in general, their initial hesitation to embrace cloud is understandable. Many of these institutions have spent a lot of time and money building an IT infrastructure that, while perhaps not as efficient or up-to-date as they would like, makes them feel confident that their sensitive documents are safe. It was great to see more hospitals getting out of their comfort zones and investigating new technologies.

Mobility
To some people, a PDA or other mobile device is simply a phone, a scheduling tool, or even just a neat gadget. But to a growing number of healthcare professionals, these mobile devices have become critical to managing and sharing documents, and, more importantly, delivering quality care.

The continually expanding capabilities and security of mobile devices are making them more and more attractive to healthcare professionals, especially those that need to share sensitive information quickly and without being tied to a desk or a fixed appliance.

HL7 Messaging
Health Level-7 (HL7) messaging is beginning to generate a lot of renewed attention. Originally developed in the U.S. more than 20 years ago as a standard for healthcare information systems, it was quickly adopted by many other nations and remains an important way of managing healthcare information in a unified manner.

Security and compliance has become one of the most daunting challenges for healthcare providers, but their need to communicate quickly and often internationally is growing as well. HL7 is being revisited as a cornerstone for sharing medical records and other health documents.

With these and many other changing trends in mind, our healthcare IT solutions must keep pace. OpenText FDDG will continue to develop document interchange technologies that meet the needs of the Healthcare industry.  Fax remains important, and even as electronic interchange of records grows in Healthcare, fax will still be a backstop.  OpenText continues to put a major focus on secure operability in the cloud, access to critical documents via mobile device, and compatibility with the widest range of applications possible. As Healthcare IT requirements evolve, you can be certain that OpenText will be there to provide superior solutions.

Managing excessive paper-based medical records is not for the faint of heart — especially when compliance violations can result in fines that well exceed seven figures. Healthcare organizations that employ a virtually “paperless” EMR or EHR solution may believe that they are immune to penalties but that’s simply not the case. Send a fax to the wrong person or leave a fax in whole or part at an unattended fax machine and you could be subject to costly fines. In fact, the number and amount of compliancy fines in the US is at an all-time high.

Join OpenText on April 12th at 2:00PM Eastern / 11:00AM Pacific for an educational webinar, where you will hear from security and privacy expert Rebecca Herold, AKA the Privacy Professor, and learn about the risks associated with paper-based communications and processes. During the webcast, attendees will also hear from Chris Patterson, the IT Administrator for Florida Heart and Vascular Associates, and see how they integrated an OpenText digital faxing solution to achieve HIPAA compliance, improve processes, and dramatically lower costs.

Who should attend?

• Healthcare Compliance Officers adopting new healthcare compliance initiatives
• Healthcare Professionals wanting to protect and secure patient information
• Healthcare Practice Managers seeking to improve productivity and patient care
• Healthcare Informatics roles searching for ways to improve workflow and streamline business processes

Register today!

Think of the HIMSS tradeshow as the supermarket of healthcare IT–anything and anyone you might be looking for is there. I showed up this year representing OpenText RightFax and took advantage of a valuable chance to locate and interact with people who can benefit from a fax solution. I also attended to keep up to date on the ever-changing trends in healthcare IT.

One trend that is not changing is the importance of compliance. Compliance continues to stand out as one of the biggest challenges faced by healthcare providers. Fortunately, it’s a challenge we have been able to help many of them meet and conquer. Broad-reaching regulatory mandates like HIPPA make it imperative that they always know where their documents are, as well as who has access to them. That’s exactly the solution RightFax provides and that is why we are doing so much of our business in the healthcare sector.

Still, it’s amazing to see the number of physicians’ offices, clinics, and hospitals that still use paper records. In many cases, they are receiving documents from a bank of old-fashioned fax machines, putting them on a cart, and wheeling them to another room to be scanned and filed…and sometimes lost. This type of system is hardly secure. In a sense, every time you generate a piece of paper, you generate a business problem. It’s these kinds of people I went to HIMSS12 to talk to.

As the largest gathering of its kind in North America, HIMSS remains the best annual venue for me to meet with the most important players in healthcare IT.

Visit OpenText at HIMSS12 – the largest annual healthcare IT conference and exhibit in the US. Over 20 current and former OpenText staff (including our former and recently retired CEO John Shackleton) will be on hand to showcase our company’s full line of healthcare solutions spanning healthcare records management to secure private health information exchange.

Stop by booth# 2474 at any time to view product demonstrations or to speak with OpenText healthcare experts. We encourage attendees to learn about our solutions and discover how they have helped thousands of healthcare organizations capture and streamline their paper-based clinical and business processes, manage compliance, mitigate risk and enhance delivery of services. If you’d like to schedule an appointment with us during HIMSS12, click here!

To learn more about OpenText healthcare solutions, visit our new healthcare microsite.

OpenText at HIMSS12 (Booth# 2474)
Venetian Sands Expo Center, Las Vegas
Exhibition Dates: Feb. 21 – 24, 2012

• Tuesday, February 21 – 1:00pm -6:00pm
• Wednesday, February 22 – 9:30am-1:00pm & 2:30pm-6:00pm
• Thursday, February 23—9:30am-1:00pm &2:30pm-6:00pm

Get Social at HIMSS12
Make sure you follow us on Twitter (our handle is @faxsolutions) and join the conversation using #HIMSS12 hashtag.