Part 2: Recapping ‘The 2018 HCEG Top 10 Healthcare Opportunities, Challenges & Issues’ Webinar

By | Executive Leadership Roundtable, HCEG Top 10, Webinar Series, Pharmacy, Privacy & Security | One Comment

The theme of last month’s HCEG Webinar Series event was The 2018 HCEG Top 10 – Healthcare Opportunities, Challenges & Issues. In a previous post, highlights of the following two topics that were discussed by moderator Kim Sinclair, HCEG board chair and CIO at Boston Medical Center Health Plan, and panelists Ferris Taylor, HCEG’s Executive Director and Consultant to Arches Health Plan and David Gallegos, Sr VP of Consulting Services at Change Healthcare, were reviewed:

  • Which three items on the 2018 HCEG Top Ten list three areas were of most interest?
  • What’s the state of healthcare consumerism and what’s being seen in the industry?

This second post recaps highlights from the second half of the webinar where the topics of Cybersecurity (Ranked #6 on the 2018 HCEG Top 10) and Addressing Pharmacy Costs (Ranked #9) were discussed. The webinar presentation materials and a recording of webinar can be found here.

Cybersecurity – 2018 HCEG Top Ten Item #6

Topic #3: How are you seeing cyber security and cyber threats impact healthcare organizations beyond the tactical day-to-day prevention activities?

HCEG Healthcare Executive Group Webinar-Top-10 Trends Cybersecurity

Ferris Taylor: “I think it’s (cybersecurity) fundamental that we need to innovate and improve cybersecurity in all of our healthcare processes. That really means giving people a confidence that their personal information won’t be used in ways that a person doesn’t want it to be used. So, it ties back to consumerism.

Real World Impact of Medical Identity Theft

“Here in Utah, about three years ago, there was a baby born in the hospital that was heroin addicted. And of course, the Department of Social Services immediately went to the home and removed the three other children from that home. The fundamental problem was that the mother of that heroin baby was not the mother in that home. And it took that mother three months to get her children back. It was a case of medical identity theft where the baby was born. The real mother checked out.  We can understand the personal impact that that lack of security around medical information caused for that family.”

David Gallegos: “The world has gotten a lot smaller and technology a lot more complex over the past decade. And clearly cyber terrorism is a big part and a growing concern that every organization needs to take seriously. But you need to keep in mind that the safest computer is one that’s turned off and unplugged. And clearly that’s not very useful.

“We need to balance both security and usability and the sharing of clinical information. It’s going to be critical to our care model redesigns and our clinical collaboration. This data is also going to be important for us to leverage artificial intelligence and, to help us determine optimal courses of treatment. In some cases, this information is even going to be needed to help really define how whole populations are treated.”

Addressing Pharmacy Costs – 2018 HCEG Top Ten Item #9

Kim Sinclair shared that pharmacy costs continue to rise and is a topic constantly in the news, noting that non-profit hospitals have stated intent of joining together to form their own pharmacy organizations.

Topic #4: What are your thoughts about what healthcare leaders can do about rising pharmacy costs?

Ferris Taylor: “I saw some statistics on pharmacy costs that struck me to the heart. It was from the Health Care Cost Institute over the last four years. It was actually 2012 to 2016 and the cost of prescriptions in the marketplace had gone up by 25%. But the utilization of prescriptions had only gone up by 1.8%. And it wasn’t just pharmacy costs. Emergency Room prices have gone up by 30% and visits went up by 2%.”

Free-Market Economy and Governance

“So, I think, once again, we haven’t transitioned from the buyer being the employer to the consumer becoming more and more important in that purchasing decision. As we discuss pharmacy costs, the other thing that I think we need to recognize is that we have a free-market economy. But industries have responsibilities to govern themselves. And I know some of the bad players in the pharmacy industry are outside of the Pharmacy Association. So, it’s hard to regulate them. But I use those key issues as the things to help us start to address the pharmacy costs”

David Gallegos on the State We’re in with Pharmacy Costs

pharmacy costs increases hceg healthcare executive group

“What I look at the state we’re in with pharmacy costs. To me it’s entirely self-made. We’ve created these regulations that allow schemes like pay to delay, or evergreening – that’s really pushed generics out further in terms of their development. We create, in a sense, quasi monopolies.”

“We criminalize the ability to negotiate for larger population blocks. I mean it seems ridiculous to me, actually, that drugs that were invented and manufactured here in the United States can often be purchased cheaper outside of our country.”

“Clearly drugs are very important. They reduce admissions that would use other high cost care. And some of them are miracles. They can literally cure diseases – cure the incurable. So, I understand this is not a simple problem. But if a drug cost a million dollars and the person can’t afford it, is it really a miracle?”

“And in any other market, if there was a product that nobody could afford, the supplier would price it differently. And that’s what we have in our market.”

Previous Webinar: Strategies to Address Rising Pharmacy Costs

For more about pharmacy costs, see this recap of last December’s webinar titled “Strategies to Address Rising Pharmacy Costs” presented by our sponsor partner Cumberland Consulting Group.

Check out the Webinar Recording for More

For more insight on 2018 HCEG Top 10 and the perspective of healthcare executives, check the webinar recording and subscribe to our eNewsletter where we’ll be sharing more information, insight, opinions and ideas of value to healthcare executives and thought leaders. Our newsletter will also share information on future webinars and events like our Executive Leadership Roundtable in Las Vegas this coming May 9th.

Is Your Organization Exposed to a Data Breach?

By | HCEG Top 10, Privacy & Security

Data_Breach_Blog_Banner_6_28

 

 

 

 

 

 

 

Too often the theft of personal health information (PHI) or personally identifiable information (PII) can go undetected before law enforcement or FBI intervention. Last year alone, the healthcare industry experienced its largest healthcare data breach in U.S. history, compromising the data of nearly 80M health insurance members.

While insurers continue to be the target of sophisticated cyber-attacks, there are several ways to combat this threat. To start, the industry must learn to better understand both current and future threats and vulnerabilities. They must place a greater emphasis on cyber security to protect the information and data they are entrusted to mange by their customers, members, and patients.

In the individual health insurance market, payment facilitation relationships among health plans and other software companies are common, and assist with the facilitation of premium payment transactions paid by health plan members or the buyers. Serving as the merchant,the health plan may offer its benefit products both on and off public health insurance exchanges. To facilitate the large quantities of payments received, these relationships offer unique advantages to the health plan, shifting many functions and risks to the payment facilitator.

What is a Payment Facilitator

Payment Facilitators possess not only the power to accept payments, but also to disburse payments to third party entities. Offering services to a wide array of clientele, payment facilitators open up new doors for their stakeholders whom would otherwise not be able to perform critical business functions that affect their payment and transactional processes.

At the core of many businesses, including PayPal and Square, the payment facilitator model is typically employed by independent sales organizations, transactional processors, payment gateways, third party marketing firms, and/or web hosting companies. This model offers not only the power to accept payments but also to disburse them to third party entities.

Facilitating the credit and debit payments within payment ecosystems, payment facilitators or payment service providers (PSP) aggregate real-time transactions on behalf of merchants. And, without their services, small businesses, individuals, organizations, and charities would be incapable of fulfilling their transactional needs at the same level of ease. In turn, partnerships among individuals and/or organizations and payment facilitators have grown in both frequency and popularity.

In the individual health insurance market, payment facilitation relationships among health plans and other software companies are common, and assist with the facilitation of premium payment transactions paid by health plan members or the buyers. In this scenario, the health plan serves as the merchant, offering its benefit products both on and off public health insurance exchanges. To facilitate the large quantities of payments received, these relationships offer unique advantages to the health plan, shifting many functions and risks to the payment facilitator.

But how does this affect cyber security?

Becoming a payment facilitator is no easy feat. The process is undoubtedly complex and requires confirmation of the organization’s financial status and viability, proof of insurance, as well as other documentation obligatory for entering into a binding agreement with an acquirer. The payment facilitator must also contemplate the kind of customer relationship management (CRM) platform it will secure and utilize to manage its merchants, undergo stringent background and credit verifications, as well as acquire the necessary tools for regulatory compliance and data credibility much as fraud prevention instruments to reduce the payment facilitator’s liability and risk.

But perhaps the most important step surrounds the payment facilitator’s requirement to validate its PCI DSS compliance, which is set by the PCI Security Standards Council. The PCI Security Standards Council, a global open body that is composed of representatives from the five founding global payment brands and strategic members, creates and enforces stringent payment security measures that merchants, financial institutions, and point of sale vendors must adhere to.

What is PCI DSS?

The Payment Card Industry Data Security Standard (PCI DSS) is a proprietary information security standard for organizations that handle branded credit cards (Visa, MasterCard, American Express, Discover, etc.). Formerly referred to as the Payment Application Best Practices (PABP), PCI DSS was established to provide a definitive data set for software vendors to deploy payment applications.

PCI DSS offers a benchmark of technical and operational requirements to protect and secure cardholder data, utilizing twelve core requirements:

July_Blog_Chart_Figure_3ver3

 

 

 

 

 

 

 

 

 

 

 

Figure 1 PCI Data Security Standard: 12 PCI DSS Requirements

With PCI DSS, the risk of data hacks and breaches are significantly reduced. From customers to merchants and financial institutions, the security of cardholder data affects everybody and can lead to devastating outcomes. Likewise, the concept of payment facilitation has also become critical to numerous small business, charities, and other organizations in meeting the demands of their customer base and their desired payment acceptance methods. Embracing new payment approaches and data exchanges, the payment facilitation model delivers a unique value proposition to its stakeholders fulfilling business functions that the merchant would otherwise not be able to meet.

Read more on the steps required to become a payment facilitator and the significance of PCI DSS in Softheon’s whitepaper:Payment Facilitators & Aggregators: The Payment Facilitator Model Stakeholders & Considerations.

https://www.pcisecuritystandards.org/documents/pci_dss_v2.pdf

https://www.pcisecuritystandards.org/documents/pci_dss_v2.pdf

https://www.pcisecuritystandards.org/pci_security/