A doctor showing a patient medical information on a tablet

A Tech Checkup: Keeping Patients Healthy During an M&A

17 Dec 2015 by Sally Clasen

It’s a “go big or go home” mentality in the healthcare industry as a record number of mega mergers and acquisitions (M&A) were reported in 2015, and the list continues to build in 2016. Aetna’s plans to purchase Humana for $37 billion and Anthem’s proposal to buy Cigna for $54 million are among the recording-breaking deals.

But it’s not just the big names making the news. Diverse community hospitals, hospital chains, information technology companies, software firms, individual practices, specialty groups and medical service vendors are also maximizing their value with buyouts and consolidations.

Many industry analysts believe the Affordable Care Act is fueling the flurry of M&A negotiations, which proponents suggest will improve efficiency and interoperability, and reduce costs. The collaborative trend will undoubtedly transform healthcare delivery, but it is unclear how healthy the outcome will be for patients. One thing is certain — IT will need to perform a balancing act to implement and design technology solutions that protect its well-being. 

Charting a healthy course

A significant challenge is how to keep lines of communication open and establish connectivity among a new influx of patients, physicians, insurers and other parties who join the continuum of care.

The CORE Institute, which provides orthopedic and neurological care across Michigan and Arizona and recently purchased a practice in Lafayette, Louisiana, is reacting to its growth spurt by upgrading existing systems and launching new tech platforms.

Currently, it uses various integrated web and mobile efficiencies (accessible via standalone or any mobile device such as a smartphone or tablet) to manage patient-provider relationships such as online registration, appointment text reminders and prescription refill notices, as well as an automated call-back feature during high-call volume times.

The CORE Institute also relies on a scheduling assistant tool to ensure patients are scheduled with the appropriate providers using standardized pathways and to upload payer contract requirements.

“Online registration is functional through a patient portal whereas scheduling is available internally with plans to integrate the functionalities with the registration,” explains chief medical information officer, Michel Dagher, DO, MBA. “For example, a patient would be able to schedule an appointment with a specific physician based on his or her availability.”

In addition, plans to distribute system-wide kiosks will help streamline office visits and administrative functions like insurance payments to improve the front-end experience. Once installed, patients can bypass the registration process by printing a bar code pass that is available at home through a pre-registration application and then check in via a kiosk once they arrive at a location, as well as view their co-pay and pay up front without the aid of a cashier.

Connecting the dots

Another M&A concern is how to effectively track patient conditions and manage treatments through coordinated Electronic Health Records (EHR), picture archiving and communication systems, and ancillary databases and files spread across distributed workforces, clinics, labs and hospitals.

Not every organization will need to integrate all systems into a central clinical archive or replace traditional legacy platforms, which is a complex interface and maintenance effort. Some will have to determine how to optimize patient data and health records and images like ultrasounds, X-rays and MRIs within their existing framework.

To consolidate vital medical information, The CORE Institute plans to over-arch technologies to help facilitate patient progress depending on the care given. “Currently, portals are used by patients to enter basic information,” Dagher says. “We are planning on creating interactive patient-reported data, such as patient-reported outcomes for surgical and non-surgical patients. In addition, we are reviewing current technology for virtual physical therapy and wearable applications for continual patient monitoring. The benefit is to decrease unnecessary visits and early warning symptoms, such as wound infection.”

Examining cybersecurity

Of course, the safety of patient information and data is at the core of any storage or transfer of EHR, particularly as the risk of personal identity theft grows.

Since 2009, 29.3 million patient health records have been compromised in Health Insurance Portability and Accountability Act (HIPAA) data breaches. Yet a digital landscape creates a perfect cyberthreat storm in healthcare, says Adam Boone, chief marketing officer of Certes Networks, a global information security company based in Pittsburgh whose clients include several hospitals, healthcare data networks, healthcare regulatory bodies and insurers.

“Information that used to reside on paper is now data that is digitized and placed on network-connected servers,” he says. “The applications handling this data are supposed to deliver what we call the ‘frictionless enterprise’ because these technical advances have made business dramatically more efficient. Physicians, pharmacists, nurses, administrators, service providers, contractors and many other users can access and utilize this data on a range of devices and in a variety of locations, bringing great efficiencies to the extended healthcare enterprise.”

The dark side is the ease of data sharing also makes it easy to hack. “The security architecture commonly deployed by companies using the sensitive data has essentially become obsolete,” Boone explains. “The traditional architecture has been to create a secure perimeter using firewalls then manage access into the ‘trusted’ internal network for authorized users. But the firewalls and other devices making up these perimeters have not kept pace with how applications are being shared and how new devices are being used to access sensitive data. Hackers have leapfrogged that generation of security products and now routinely bypass firewalls and other systems.”

Plus, hacking is a lucrative business. The only truly safe strategy is to adopt a “No Trust” model and assume a breach will happen and plan accordingly, suggests Boone. “This means using strong network segmentation and application isolation techniques that limit the damage a hacker can do when they compromise your network and systems. Firewalls are still deployed and used, but they are no longer the centerpiece of the security architecture.”

Reducing risky outcomes
The stakes are high for patients of the modern healthcare era. Now more than ever, it will require a proactive investment in tech decision-making and ingenuity so consumers of medicine will not be left unchecked in the shuffle of headlining business deals.

This article originally appeared in Volume 1, Issue 2 of Technically digital magazine.