1 ohip hie state plan - amazon...
TRANSCRIPT
2010
Ohio Health Information Partnership 7/31/2010
HIE State PlanStrategic and operational plans for a
statewide health information exchange
Approved January 25, 2011
Primary Contact: Fred Richards, CIO/COO 614.664‐2600 [email protected]
ii
iii
TABLE OF CONTENTS
Table of Figures [Tables] .............................................................................................................................. vi
Table of Figures [Diagrams] ........................................................................................................................ vii
Table of Appendices .................................................................................................................................... vii
1 STRATEGIC PLAN ........................................................................................................................................ 1
1.1 Introduction ................................................................................................................................... S ‐ 1
1.1.1 Creation of OHIP ..................................................................................................................... S ‐ 1
1.1.2 Ohio’s Efforts For Health Reform ............................................................................................ S ‐ 2
1.1.3 Executive Summary ................................................................................................................. S ‐ 5
1.2 HIE Development and Adoption .................................................................................................. S ‐ 12
1.2.1 Vision ..................................................................................................................................... S ‐ 12
1.2.2 Goal ....................................................................................................................................... S ‐ 12
1.2.3 Objectives.............................................................................................................................. S ‐ 12
1.2.4 Primary HIE Drivers ............................................................................................................... S ‐ 13
1.2.5 Environmental Scan .............................................................................................................. S ‐ 16
1.2.6 Proposed HIE Model ............................................................................................................. S ‐ 34
1.3 Federal and State Coordination ................................................................................................... S ‐ 48
1.3.1 Regional Extension Center Services ...................................................................................... S ‐ 48
1.3.2 Federally Funded, State Based Programs ............................................................................. S ‐ 54
1.3.3 Public Health ......................................................................................................................... S ‐ 57
iv
1.3.4 Broadband Initiatives ............................................................................................................ S ‐ 63
1.3.5 Medicaid Coordination ......................................................................................................... S ‐ 67
1.3.6 Medicare Coordination ......................................................................................................... S ‐ 74
1.3.7 Participation with Federal Care Delivery organizations ........................................................ S ‐ 77
1.4 Governance .................................................................................................................................. S ‐ 78
1.4.1 Collaborative Governance Model ......................................................................................... S ‐ 78
1.4.2 Governance Structure ........................................................................................................... S ‐ 79
1.4.3 Staffing Structure .................................................................................................................. S ‐ 81
1.4.4 Stakeholder Involvement ...................................................................................................... S ‐ 83
1.4.5 State Government HIT Coordinator ...................................................................................... S ‐ 84
1.4.6 Accountability and Transparency .......................................................................................... S ‐ 85
1.5 Finance ......................................................................................................................................... S ‐ 86
1.5.1 Sustainability ......................................................................................................................... S ‐ 87
1.5.2 Summary of Costs and Revenues .......................................................................................... S ‐ 88
1.6 Technical Infrastructure ............................................................................................................... S ‐ 94
1.6.1 Request for Information ....................................................................................................... S ‐ 94
1.6.2 Technology Development Principles ..................................................................................... S ‐ 95
1.7 Business and Technical Operations ............................................................................................ S ‐ 100
1.7.1 Implementation .................................................................................................................. S ‐ 100
1.7.2 Project Management .......................................................................................................... S ‐ 103
1.8 Legal/Policy ................................................................................................................................ S ‐ 106
1.8.1 Privacy and Security ............................................................................................................ S ‐ 106
v
1.8.2 State laws ............................................................................................................................ S ‐ 108
1.8.3 Policies and Procedures ...................................................................................................... S ‐ 109
1.8.4 Trust Agreement ................................................................................................................. S ‐ 110
1.8.5 Oversight of Information Exchange and Enforcement ....................................................... S ‐ 112
1.8.6 Consent Toolkit and Educational Campaign ....................................................................... S ‐ 113
1.8.7 Securing Health Data .......................................................................................................... S ‐ 113
2 OPERATIONAL PLAN ............................................................................................................................. O ‐ 1
2.1 Introduction to Operational Plan .................................................................................................. O ‐ 1
2.1.1 Project Plan ............................................................................................................................ O ‐ 1
2.1.2 Risks and Mitigation Strategy ................................................................................................ O ‐ 1
2.2 Coordination with Other ARRA Programs ..................................................................................... O ‐ 4
2.2.1 Regional Extension Center ..................................................................................................... O ‐ 4
2.2.2 Coordination with Medicaid, Medicare and Federally Funded, State‐Based Programs ........ O ‐ 6
2.2.3 Participation with FCDOs and Coordination with Other States ............................................. O ‐ 7
2.3 Governance ................................................................................................................................... O ‐ 7
2.4 Finance .......................................................................................................................................... O ‐ 9
2.5 Cost Estimates ............................................................................................................................. O ‐ 10
2.5.1 Staffing Plans ........................................................................................................................ O ‐ 11
2.5.2 Controls and Reporting ........................................................................................................ O ‐ 14
2.6 Technical Infrastructure .............................................................................................................. O ‐ 15
2.6.1 Standards and Certification ................................................................................................. O ‐ 15
2.6.2 Technical Architecture ......................................................................................................... O ‐ 18
vi
2.6.3 Technical Deployment ......................................................................................................... O ‐ 19
2.7 Business and Technical Operations ............................................................................................. O ‐ 19
2.7.1 Current HIE Capacities ......................................................................................................... O ‐ 19
2.7.3 Standard Operating Procedures for HIE .............................................................................. O ‐ 24
2.8 Legal/Policy ................................................................................................................................. O ‐ 25
2.8.1 Establish Requirements ....................................................................................................... O ‐ 25
2.8.2 Privacy and Security Harmonization .................................................................................... O ‐ 25
2.8.3 Federal Requirements .......................................................................................................... O ‐ 25
TABLE OF FIGURES [TABLES]
Table 1 Ohio Health Care Statistics ........................................................................................................ S ‐ 17
Table 2 OHIP Board of Directors ............................................................................................................ S ‐ 81
Table 3 OHIP Projected HIE Revenues and Expenses ............................................................................ S ‐ 90
Table 4 OHIP Revenue Model Assumptions .......................................................................................... S ‐ 93
Table 5 Proposed Core Infrastructure Services Implementation Model ............................................. S ‐ 101
Table 6 Projected Risks and Mitigation Strategies .................................................................................. O ‐ 2
Table 7 Federal, State and OHIP Committee Alignment ......................................................................... O ‐ 8
Table 8 OHIP HIE Budget ....................................................................................................................... O ‐ 10
Table 9 OHIP Staff (Current and Planned) ............................................................................................ O ‐ 12
Table 10 Summary of HIE Services by Existing HIOs in Ohio ................................................................. O ‐ 23
vii
TABLE OF FIGURES [DIAGRAMS]
Diagram 1 Primary HIE Networks In Ohio (Source: 2010 EHR/HIE Survey) ........................................... S ‐ 23
Diagram 2 HIE Business Model .............................................................................................................. S ‐ 35
Diagram 3 ‐ Major Payers and Managed Care Plans in Ohio ................................................................. S ‐ 47
Diagram 4 OHIP Regional Partners ........................................................................................................ S ‐ 50
Diagram 5 Broadband Coverage with Physicians by Zip Code ............................................................... S ‐ 65
Diagram 6 Broadband Coverage with Hospitals by Zip Code ................................................................ S ‐ 66
Diagram 7 National Level Repository Narrative ..................................................................................... S ‐ 75
Diagram 8 Project Management Coordination .................................................................................... S ‐ 104
Diagram 9 Project Management Reporting Structure ......................................................................... S ‐ 105
Diagram 10 Key Responsibilities of OHIP Board and Advisory Committees ........................................... O ‐ 8
TABLE OF APPENDICES
Appendix A – Health IT Regulatory, Certifications and Other References1
Appendix B – EHR/HIE Survey Tool
Appendix C – Regional Partners
Appendix D – EHR Request for Proposal (RFP)
Appendix E – HIE and REC Committee Members
Appendix F – HCCQC Health IT Task Force
Appendix G – Stakeholders Who Submitted Letters of Support
Appendix H – HIE Request for Information (RFI)
1 See Appendix P, Amendment #15
viii
Appendix I – HIE Project Plan2
Appendix J ‐ HISPC Model Permission Form
Appendix K – HIE White Paper3
Appendix L – Behavioral Health Subcommittee Information4
Appendix M – EPrescribing Task Force Members5
Appendix N – Privacy and Policy Committee Members6
Appendix O – OHIP Financial Policies and Procedures7
Appendix P – HIE State Plan Amendment Table
Appendix Q – HIE Implementation Model8
2 See Appendix P, Amendment #12 3 See Appendix P, Amendment #16 4 See Appendix P, Amendment #13 5 See Appendix P, Amendment #2 6 See Appendix P, Amendment #11 7 See Appendix P, Amendment #14 8 See Appendix P, Amendment #17
S ‐ 1
1 STRATEGIC PLAN
1.1 INTRODUCTION
As the state‐designated entity (SDE) to lead health information technology (HIT) development for Ohio,
the Ohio Health Information Partnership (OHIP) is pleased to submit its health information exchange
(HIE) State Plan to the Office of the National Coordinator (ONC) under the State Grants to Promote
Health Information Technology Planning and Implementation9 grant.
This plan outlines the strategic and operational direction to develop a statewide HIE for the purposes of
improving the healthcare quality, outcome and experience for the citizens of Ohio. By facilitating timely,
secure and accurate exchange of health information:
Patients will be better positioned to become true partners in managing their health;
Providers will be able to gain a more holistic view of healthcare needs;
Adverse treatment practices can be avoided; and
The healthcare system as a whole can address current costly and inefficient administrative and
clinical practices.
While OHIP and its stakeholders have invested a great deal of effort in the development of this plan, it is
recognized that the healthcare environment is highly dynamic and subject to rapid evolution in the
areas of clinical advancement, workforce, public policy, funding and technology. Therefore, the
approach outlined in this document is conceptual and will evolve with ongoing strategic guidance from
ONC, stakeholders and consumers as tasks are completed and deliverables are met. The one constant is
the consensus for the need to remain fluid and agile as we progress with this important scope of work to
achieving improved health quality and outcomes for Ohio.
1.1.1 CREATION OF OHIP
In September 2009, Governor Ted Strickland designated OHIP as the SDE to lead the implementation
and support of health information technology (HIT) initiatives established by the American Recovery and
9 Appendix A, Reference # S15
S ‐ 2
Reinvestment Act (ARRA)10 throughout Ohio. To help cultivate these programs, OHIP has created a two‐
pronged mission:
Support the adoption and meaningful use of electronic health records (EHRs) by Ohio’s health
care providers through regional partnerships with industry experts to provide outreach,
educational, technical and quality improvement services.
Facilitate and develop a statewide HIE that improves the timeliness and efficiency of data
exchange while ensuring patient privacy for the purposes of advancing the safety, quality,
accessibility, availability and efficiency of health care for citizens of Ohio.
In support of its mission, OHIP completed submission of two ARRA Health Information Technology for
Economic and Clinical Health (HITECH) grants in October and November 2009. The State Grant to
Promote Health Information Technology Planning and Implementation11 provides funding to states or
state‐designated entities for the development of statewide HIEs. The Health Information Technology
Regional Extension Center (REC) program12 offers funding to entities to provide education, outreach and
technical assistance to help providers in their geographic areas to select, successfully implement and
meaningfully use certified EHR technology to improve the quality and value of health care. In addition,
the state’s 2010‐11 biennial budget allocates $8 million in non‐general‐revenue funds to the Ohio
Department of Insurance (ODI) to support OHIP’s efforts. ODI will work with OHIP to oversee the use of
this money and the application for federal resources.
1.1.2 OHIO’S EFFORTS FOR HEALTH REFORM
Historically, Ohio has endorsed multiple initiatives to improve the quality and efficiency of our
healthcare system, including:
Healthy Ohio13 – Healthy Ohio is a program managed by the Ohio Department of Health (ODH)
to improve the health of all Ohioans by creating a better quality of life, assuring a more
productive workforce and equipping students for learning about their health, while increasing
the efficiency and cost‐effectiveness of medical services. Healthy Ohio’s three core program
areas are:
10 See Appendix A, Reference # R2 11 See Appendix A, Reference # S15 12 See Appendix A, Reference # S14 13 See Appendix A, Reference # S16
S ‐ 3
- Health promotion;
- Disease prevention; and
- Health equity.
Health Information Privacy and Security Collaboration (HISPC)14 – Ohio participated in a
nationwide effort led by RTI International to identify the state and federal laws that create
barriers to information exchange within and between states, and to recommend solutions to
overcome those barriers. A summary of the HISPC findings for Ohio and other midwestern states
is available in a final report produced in July 2009 (see
http://hispc.pbworks.com/f/Intrastate_Interstate_FinalReport_20090911.pdf)
House Bill 125 Advisory Committee on Eligibility and Real‐Time Claim Adjudication15 – The Ohio
General Assembly instructed an advisory committee to report its findings and recommendations
for legislative action to standardize eligibility and real‐time claim adjudication transactions
between providers and payors. The committee convened its first meeting in July of 2008 and
held monthly public meetings through December of 2008. The charge of the committee was to
study and recommend standards to enable providers and payors to communicate electronically
with each other regarding patient insurance eligibility. The committee also was asked to address
the challenges involved with real‐time claim adjudication and present any possible solutions. A
copy of the committee’s final report is available at
http://www.insurance.ohio.gov/Legal/Documents/hb125‐finalreport.pdf.
Medicaid Information Technology System (MITS)16 – Beginning in 2004, Ohio embarked upon an
initiative to replace its Medicaid Management Information System (MMIS) with the newly
released Medicaid Information Technology Architecture (MITA). Key components of MITS are in
place, including front‐end support for managing the exchange of administrative transactions
between trading partners and an enterprise service bus (ESB). Use of the system for production
claim adjudication is targeted for early 201117. This new framework will position Medicaid to
work with OHIP in exchanging permissible information with HIE stakeholders, both for the
efficiency and effectiveness of patient care and population health purposes.
The Health Information Partnership Advisory Board (HIPAB) – In 2007, the Governor convened a
workgroup of healthcare stakeholders who produced a list of high‐level recommendations
14 See Appendix A, Reference # R16 15 See Appendix A, Reference # S5 16 See Appendix A, Reference # S13 17 See Appendix P, Amendment # 6
S ‐ 4
regarding HIE adoption, governance, finance and exchange. The committee’s interest in HIT
adoption was very high and many of the participants continued as engaged stakeholders of OHIP
following its formation.
The Ohio Health Care Coverage and Quality Council (HCCQC)18 ‐ Following its initial creation by
an Executive Order from Governor Ted Strickland, the Ohio General Assembly established the
HCCQC in July of 2009. The council was designed to improve the coverage, cost, and quality of
Ohio’s health insurance and healthcare system and includes four task force workgroups:
- Payment reform;
- Patient‐centered medical homes (PCMH);
- Consumer engagement; and
- Health IT.
Ohio’s Implementation of State and Federal Health Care Reforms19 ‐ On March 23, 2010,
President Barack Obama signed The Patient Protection and Affordable Care Act20 (PPACA) into
law. One week later, he signed The Health Care and Education Reconciliation Act of 2010, which
made numerous changes to PPACA. The healthcare reforms in this legislation aim to expand
healthcare coverage to millions of Americans, which will require a number of changes to health
insurance products and the regulations that govern them. There are more than a dozen key
provisions that are scheduled to take effect in 2010, including:
- The creation of a national high‐risk pool program for people with pre‐existing conditions
that cannot buy insurance on their own;
- Tax credits for small businesses that obtain health coverage for their workers; and
- Assistance for Medicare beneficiaries with high drug costs who fall within the drug
benefit’s coverage gap or “doughnut hole.”
Other provisions will continue to take effect through 2014, when major reforms to expand
access to health coverage are fully implemented. The federal reform measures complement the
reforms to state law, as passed in the 2010‐2011 State of Ohio budget. Those within the state
who are currently analyzing the federal legislation are determining the required next steps so
that Ohio takes full advantage of all of the opportunities and resulting benefits. Ohio has
designated state team leads for every provision of the bill and looks forward to working with the
18 See Appendix A, Reference # S12 19 See Appendix A, Reference # S11 20 See Appendix A, Reference # R22
S ‐ 5
US Department of Health & Human Services (HHS) as further guidance and regulations are
crafted.
Additionally, Ohio has three participants in the National Health Information Network (NHIN),
numerous operational HIEs and several of the nation’s top‐ranked hospital systems in the
country. Through these efforts, Ohio has invested both time and resources in advancing HIT to
increase the safety and quality of care delivery and to reverse the trend of rising healthcare
costs. While many efforts are underway, there are still many areas where additional HIT
resources are needed.
1.1.3 EXECUTIVE SUMMARY21
Ohio is ready to build on its Regional Extension Center (REC) structure, which is providing assistance now
to physicians, hospitals and other healthcare providers to meaningfully use electronic health records
(EHRs). The creation and implementation of a statewide health information exchange (HIE) will allow the
secure, virtual sharing of patient information both within Ohio and across the nation. OHIP is pleased to
submit this State Plan to the Office of the National Coordinator (ONC) under the State Grants to
Promote Health Information Technology Planning and Implementation. This plan lays out the strategic
and operational goals, objectives, deliverables and deployment plan to create an HIE platform that can
improve the delivery of health care to 11.5 million Ohioans.
1.1.3.1 GOVERNANCE AND STAKEHOLDER COLLABORATION
Ohio’s strength lies in the collaborative creation of OHIP, the state‐designated entity (SDE) founded by
medical and healthcare partners who have a vested, critical interest in the use of EHRs and the creation
of an HIE infrastructure. OHIP is a private, nonprofit organization. Founders include top leadership from
the Ohio State Medical Association, the Ohio Osteopathic Association, the Ohio Hospital Association,
BioOhio and the State of Ohio. The leaders of this nonprofit organization serve as the Executive
Committee on the 15‐member OHIP Board, also made up of information technology, medical, hospital,
behavioral health and health insurance leaders. Ohio is one of six SDEs that also is a Regional Extension
Center (REC) awardee, so its governance involves experts who have a local, grass‐roots interest in the
integration of EHRs into an HIE infrastructure.
21 See Appendix P, Amendment #1
S ‐ 6
The board’s diverse membership means medical and healthcare communities across Ohio have clear
representation, and these leaders have the clout to create and implement an HIE that their
organizations will use. For instance, the Cleveland Clinic, United HealthCare and a member of AARP sit
on the board, all representing different perspectives and issues. Two committees – the Regional
Extension Center Committee and the Health Information Exchange Committee – form the umbrella for
various subcommittees and workgroups in such areas as privacy and behavioral health, and other areas
as needed.
All of these committees and workgroups involve active and committed professionals who will eventually
use the HIE system. The governance of OHIP involves a medley of partners with an interest in ensuring
everyone who wants to be part of the HIE gains access to it. This means that a small, rural hospital in
Appalachia, or a clinic in an impoverished neighborhood in Toledo, or a home healthcare worker at the
bedside of an elderly farmer can gain access to the HIE across the state. Because OHIP itself is a
nonprofit, its staff remains a neutral and trusted source to coordinate efforts in health information
technology (HIT) under the direction of the OHIP board and its committees.
The 17‐member HIE Committee helped write this State Plan, which reflects the perspectives, visions and
tactical strategies of diverse board members. This HIE Committee also includes representatives in
hospital administration, health plans, medicine, public health, information technology, and rural,
university and urban hospitals. . A subset of the HIE committee members will evaluate and select the
HIE vendor and ensure the infrastructure is secure, streamlined, integrated and cost effective. As part of
the State Inter‐Agency Council (SIC) comprised of 17 state agencies and boards, government writers
also shared how an HIE could potentially save the State of Ohio time and money by finding efficiencies in
the exchange of clinical information, claims payment, licensing, record keeping and federal reporting. In
addition, OHIP is engaged in a large statewide effort, the Health Care Coverage and Quality Council,
which involves 30 public and private representatives whose task is to improve the quality and cost of
health care in Ohio.
The diversity on the OHIP board, its committees and workgroups, and the cooperation of state
government agencies, ensures Ohio’s plan is not only collaborative, but represents the best ideas of
Ohio’s experts on how to provide better health care to Ohioans through technology.
S ‐ 7
1.1.3.2 ENVIRONMENT AND TIMING
While Ohio utilizes sophisticated HIT – the Cleveland Clinic, Premier Health Systems, HealthBridge,
among others – it lags behind other states when it comes to actually sharing that information statewide.
Traditionally, Ohio has had HIEs and networks function in isolation, a bifurcated system where regions
handled their own patient health information. A significant catalyst for change occurred with the influx
of 2009 American Recovery and Reinvestment Act funding and financial incentives, followed by an
additional $8 million in non‐general revenue state funds. These monies led to the formation of OHIP to
help physicians and hospitals create the technological infrastructure for the meaningful use of EHRs.
Simultaneously, HealthBridge – an existing HIE – also received federal funds and covers a tri‐state area
that includes Cincinnati and southwestern Ohio. OHIP’s intent is not to compete with existing
infrastructures, but rather, create systems that can interact and integrate with one another.
Although Ohio might have been conservative in its approach in developing a statewide HIE, timing has
allowed OHIP to incorporate two important factors in its planning process that may not have been
available to other early adopter states. These factors include linking recent ONC announcements
regarding strategic, national direction for HIE with the significant HIT investments already made by
medical and hospital communities in the state so that investments going forward are leveraged and
aligned with the current national vision.
Between 2008 and 2014, Ohio will have spent an estimated one billion dollars in private monies for HIT.
This tremendous investment and involvement of hospitals allows Ohio to leverage the existing health
information organizations (HIOs) and hospital infrastructures so that medical and healthcare
professionals within those communities can exchange information. The intense interest of doctors,
hospitals and health plan leaders to talk in real ways about how to create a statewide HIE and deploy it,
exemplifies the spirit of collaboration in Ohio and shows that the timing is right.
Many of Ohio’s doctors and healthcare professionals have not yet embraced EHRs and new HIT. A 2010
OHIP survey of 2,000 of Ohio’s 25,342 physicians shows that 45 percent still are entirely paper‐based or
use only a practice management system. EHR use among behavioral health providers is low – at 20
percent. Of the physician offices and hospitals that do have EHRs, about 70 percent have been certified,
but not under the new national standards. While Ohio has five of the top 10 largest hospitals in the
country, more than 50 percent of physicians are either practicing alone or in small group practices with
two or three physicians. The challenge for OHIP’s REC is to reach out to independent and small‐group
S ‐ 8
physicians to help them implement EHRs. Ohio’s ultimate goal is to assist 6,000 providers and physicians
throughout the EHR adoption process.
As for exchanging information and records, only 48 percent of hospitals, 23 percent of physician offices,
and five percent of behavioral health entities use a primary HIE network to exchange data. The majority
of these 16 networks are hospital‐based, where exchange is primarily limited to affiliated organizations
or common system platforms. There are four networks that are either university or regionally based, but
desire the capability to exchange information on a statewide or national level with a broader range of
providers, labs, health plans and pharmacies. The survey shows that when physicians currently exchange
data, it is largely for administrative purposes or to support the exchange of lab orders or results. The
statewide HIE would integrate existing networks and expand their range of exchange capability
geographically, by type of data exchanged, and among providers and payors involved in a patient’s
continuum of care.
1.1.3.3 HIE DEVELOPMENT AND DEPLOYMENT
The vision for the HIE is that it is sustainable, secure, and allows physicians and other healthcare
professionals access to patient authorized health information. But ultimately, the more altruistic vision
is to improve the overall level of health care provided by providers in Ohio.
The four drivers for OHIP’s HIE development strategy include:
Helping physicians achieve meaningful use within the ONC incentive timeframe;
The use of national standards for interoperability and frameworks;
Balancing core services with regional flexibility; and
Ensuring that the HIE is sustainable.
Core services will include how to look up patients, how to find a physician, lab, or entity using the HIE,
and how to locate where patient records are in the state. Patients will need to provide consent so that
their records can be exchanged electronically and only authorized users will be able to access those
records.
OHIP’s initial deployment strategy for the HIE is to reach out to 200 key technology partners and
healthcare entities so that 80 percent of Ohio’s population potentially could be reached by the end of
the first year. This strategy allows physicians to achieve meaningful use within the ONC’s timeframe and
take advantage of the Medicare/Medicaid financial incentives. These 200 “touch points” will become
S ‐ 9
both participants and users of the HIE. This opens the door of opportunity to improve patient diagnosis
and coordination of care.
OHIP’s integration strategy will move providers and vendors from basic data exchange functionality to
full standards‐based capability aligned with the national standards. OHIP will define a technical model,
clarify integration standards necessary to connect to the statewide HIE, and offer tiered connectivity
options for providers to participate in the HIE at a level compatible with their existing architecture. Not
all users of the HIE will be at the same level of sophistication. This tiered connectivity approach will
offer: web portal access through the provider’s browser; access to a shared repository to facilitate data
exchange; and the ability to access records on demand while the data remains at its original source.
During the first phase of deployment, OHIP will work with its five preferred vendors to ensure
integration capability. In addition, the HIE will connect with Ohio hospital EHR market leaders, regional
health information organizations, pharmacy and lab market leaders, and other ambulatory EHR vendors.
During Phase II of deployment, federally qualified health centers, major health insurance companies and
Medicaid managed care plans will be included in this strategic integration outreach. Public Health will
also participate in the HIE.
1.1.3.4 TECHNICAL INFRASTRUCTURE FOR STATEWIDE HIE SERVICES
OHIP intends to create a trusted HIE platform that ultimately enables the secure exchange of patient
information electronically and in real time. The HIE will not be a centralized repository or huge database;
instead, it will be a hybrid model that maximizes access to data while retaining that data at the original
source whenever possible.
Ohio is very fortunate to have many knowledgeable and actively engaged stakeholders interested in
OHIP’s technical development strategy, who have been very clear and consistent in their message to
OHIP regarding their desires for infrastructure design. These messages have been the foundation of
OHIP’s technology principles and development strategy and include:
A sustainable technical infrastructure that connects and leverages existing HIE activity as
well as links providers, health plans, labs, pharmacies and other healthcare stakeholders
currently not connected;
Desire for a hybrid model (i.e., only persist data within the HIE necessary to facilitate
exchange);
S ‐ 10
Desire for discovery and location services that streamline the identification of trusted
sources both inside the state and across state borders;
Clear and consistent use of federally endorsed interoperability standards where defined
and, where not defined, the standard is set by OHIP;
Assurance of the privacy and security of patient data consistent with Ohio and federal laws;
A recognition of the rapidly evolving standards environment and the need to select an
innovative and easily adaptable technical platform;
A recognition of the incremental interoperability among stakeholders (i.e., the varying
degree of technical capability of stakeholders);
A recognition that the historically separate administrative and clinical data flows are
blending together and will have significant impact on the future cash flow of providers; and
The strong desire for execution, action and deliverables.
These messages have formed these action steps for OHIP toward the development of a statewide HIE
infrastructure:
Release of Request for Information (RFI) in First Quarter 2010
Selection of 8 HIE vendors to participate in Request for Proposal (RFP) process in April 2010
Completion of HIE State Plan in July 2010
Release of RFP in September 2010
ONC Approval of State HIE Plan in December 2010
Selection of HIE vendor in January 2011
Implementation of core services in June 2011
OHIP and its stakeholders are anxious to begin and want ONC’s support to execute this strategy in a
timely manner.
1.1.3.5 PRIVACY AND POLICY
Because of the sensitivity of exchanging health information, one of the most prestigious law firms in
Ohio, Bricker and Eckler LLC, has worked alongside OHIP since its foundation in fall 2009. The firm’s
lawyers have provided legal advice and have assisted in the creation of contracts, RFPs for the preferred
EHR vendor program, end‐user contracts and other legal documents. These attorneys continue to
provide guidance as Ohio prepares to implement the statewide HIE.
OHIP’s original Privacy and Security Committee redefined itself as the Privacy and Policy Committee
after several meetings when members realized the complexity of Ohio’s statutory and case law related
to privacy alone. The Privacy and Policy Committee, where many legal experts sit at the table, is
handling the patient privacy and policy issues surrounding the HIE. The OHIP HIE Committee will provide
S ‐ 11
guidance on the technical security of the infrastructure and will receive monthly updates from the
Privacy Committee on evolving policies.
During Phase I, the committee reviewed the work of the Health Information Security Privacy
Collaboration (HISPC) and also completed a comprehensive assessment of Ohio privacy case law to
determine legal issues involved in the creation and implementation of an HIE. Phase II will be a review of
Ohio and federal law, as well as best practices from other states, to develop a standard “consent”
solution. The committee is writing a white paper that includes a legal analysis of privacy and
foundational policies for the HIE, which will include consent forms, business associate agreements, and
participant agreements for the full board’s approval in December. The paper will then be sent out to all
stakeholders for comments and feedback. OHIP will create an educational toolkit on consent and privacy
for physicians, providers and the public as part of an awareness campaign about the exchange of patient
health records.
1.1.3.6 OHIP’S SUSTAINABILITY STRATEGY
OHIP will leverage federal grant money to offset the initial build‐out and core services of the statewide
HIE to encourage stakeholder participation. Concurrently, OHIP will use its REC program to expand
provider EHR adoption, directly increasing the possible user base of the HIE. As the HIE attains a critical
mass of users, additional, value‐added services will be phased in, so they can be purchased by current
users and secondary data users who may not require bi‐directional functionality.
To reduce costs for hospitals, providers, payors and patients, OHIP intends to sustain the HIE through
innovations in eligibility verification, coordination of benefits, real‐time claims adjudication and real‐
time payment. To provide value‐added services, OHIP sees significant opportunities arising from the
convergence of three historically separate provider processes: timely identification of disease‐specific
treatment protocols, clinical documentation workflows and administrative workflows to secure
payment. In the past, providers followed entirely separate electronic or manual processes to perform
these three functions, all of which were analyzed for errors retroactively. Until recently, technology was
not widespread enough to support a more sophisticated set of protocols using timely clinical and
administrative data to ensure better outcomes for both the patient and provider.
For example, through the statewide HIE, OHIP envisions the real‐time capability to validate clinical data
against treatment protocols, benefit coverage and payor edits to achieve a 99 percent propensity for a
S ‐ 12
provider to be paid on a first pass. More importantly, the on‐demand merging of clinical and
administrative data flows allows patients to obtain point‐of‐service authorization and a clear
understanding of the cost of treatment. Deployed in an “open model” that supports all payors and
providers throughout the state, these future workflows also align with healthcare reform models such as
accountable care organizations and PCMHs.
It is this future vision that has driven OHIP to select a sustainability strategy that incorporates the clinical
and administrative exchange services further described within the HIE State Plan.
1.2 HIE DEVELOPMENT AND ADOPTION
1.2.1 VISION
OHIP’s vision is to create a secure, sustainable HIE that guarantees the protection of all patient records,
enables providers to access necessary, patient‐authorized health information and improves the overall
level of health care provided across the State of Ohio.
1.2.2 GOAL
The goal of OHIP is to create a trusted and sustainable statewide HIE, offering a value‐added, integrated
and seamless structure for enabling the exchange of health information to improve measureable health
outcomes for Ohioans.
1.2.3 OBJECTIVES
Promote Ohio providers’ ability to reach meaningful use, improving the quality of health care
delivered;
Provide a financially sustainable HIE that is not reliant on long‐term public or grant support;
Provide a technical architecture that ensures private and secure exchange of health information
with regional health information organizations (RHIOs), HIEs located in other states and with
disparate EHR systems using federally‐endorsed standards and integration protocols;
Develop a governance structure that is able to operate in a manner that is fair and efficient for
all stakeholder groups throughout the state;
Harmonize Ohio laws and regulations encompassing the exchange of health information with
national standards and requirements; and
S ‐ 13
Provide de‐identified and aggregate clinical health data in an administratively efficient manner
to address population health issues in Ohio.
1.2.4 PRIMARY HIE DRIVERS
There are four primary drivers influencing OHIP’s strategy for statewide HIE adoption. These drivers are
fundamental to the planning process regarding the development of a statewide HIE:
Meaningful Use
National Standards Development
Sustainability
Balancing Core Services with Regional Flexibility
1.2.4.1 MEANINGFUL USE
The term “meaningful use” describes a set of objectives that providers must accomplish to demonstrate
that they are using their certified EHR software in a meaningful way. The measures that are used to
gauge meaningful use are meant to improve
healthcare quality, efficiency, and patient safety.
Additional payments will be available to eligible
providers who meet these objectives through the
Medicare or Medicaid programs beginning in 2011 to
further incentivize the adoption of EHRs.
The milestone stages are defined in the Medicare and
Medicaid EHR Incentive Payment Program Final Rule22.
Some of these objectives require providers to
exchange information securely between two unaffiliated, but authorized and consenting parties, for the
purpose of care coordination23.
Consistent with the requirements of the federal planning grant, OHIP is in the process of creating a
trusted, integrated statewide HIE infrastructure that will enable providers to reach meaningful use
objectives with HIE implications in the timeframes directed by ONC. To support this goal, OHIP must
22 See Appendix A, Reference # R18 23 See Appendix A, Reference # S3
S ‐ 14
establish core support services that will facilitate, not replicate, the exchange of data between trusted
partners. These services will identify trusted partners, locate the necessary data, identify the consumer
preferences for sharing that data and enable the exchange in a secure and standard manner.
NATIONAL STANDARDS DEVELOPMENT
OHIP recognizes that ONC has been active in introducing new interoperability frameworks to support
long‐term strategies and directions for HIE. These frameworks involve harmonizing many previous and
current national efforts to create standard exchange protocols to facilitate HIE within and across state
boundaries. To quote Dr. David Blumenthal, National Coordinator of Health Information Technology, “To
make meaningful use possible, including the necessary exchange of information, we need to meet
providers where they are and offer approaches that are feasible for them to support meaningful use.”
Some of the past and present national standards development efforts include:
National Health Information Network (NHIN)24 – The NHIN is a set of open standards, services
and policies that intend to accelerate the use of the Internet for secure and standard transport
of health information to improve health care. This framework includes multiple parts:
- NHIN Exchange: a group of public and private entities that have agreed to a common
framework;
- NHIN Connect: an example of the open source technology layer required to perform the
exchange of health information;
- NHIN Direct: a pilot project to develop a set of protocols designed to simplify the “push”
of health data between two trusted parties; and
- The Data Use and Reciprocal Support Agreement (DURSA): a contract that provides the
legal framework governing participation in NHIN exchange.
National Information Exchange Model (NIEM)25 – The NIEM is a framework developed by the
Department of Homeland Security and currently used by the Department of Justice (DOJ) and
several other federal agencies to send information with standardized data semantics and
structures across domains. Investigation into its possible cross application with HIE is being
24 See Appendix A, Reference #S7 25 See Appendix A, Reference #S8
S ‐ 15
considered through a series of 11 private contracts to possibly further harmonize and clarify
current HIE implementation standards.
Health Information Technology Standards Panel (HITSP)26 – HITSP paved the way for a great deal
of standards development for HIE before being disbanded. This was achieved by designating a
series of priorities for exchange (i.e., use cases) and producing related, highly detailed
interoperability specifications. HITSP brought together many existing standards development
organizations (SDOs), government bodies, consumer groups and professional associations to
complete this work, which could be leveraged to develop a more streamlined set of protocols
for structured data exchange.
Certification Commission for Health Information Technology (CCHIT)27 – Founded in 2004, CCHIT
was created to assist providers with the purchase of EHRs, by certifying them based upon
required functionality, interoperability and capabilities. Since 2006, the CCHIT has voluntarily
certified EHR vendor solutions using criteria developed through a consensus‐based process
engaging diverse stakeholders.
National Institute of Standards and Technology (NIST)28 – As noted in the Health IT Standards
and Certification Final Rule, ONC separates the notions of testing and certification of EHRs into
two parts. Testing relates to tools and procedures that will be used to provide objective data
about EHR solutions, which will then be evaluated during the certification process. Since the
NIST has significant experience in the development of similar testing tools and procedures for
other industries, ONC is seeking input from them as it relates to the testing process for EHRs.
Integrating the Healthcare Enterprise (IHE) 29– The IHE leveraged and organized a number of
integration standards by clinical domain, providing a technical framework for application of the
specifications developed through HITSP. Examples of clinical domain profiles published by the
IHE include cardiology, pathology and radiation oncology.
All of these development efforts boil down to one important factor for OHIP to consider in developing
its HIE model: Change is a constant. This is a basic premise in OHIP’s development strategy and will be a
fundamental driver in the selection of our future HIE vendor partner.
26 See Appendix A, Reference # S4 27 See Appendix A, Reference # C1 28 See Appendix A, Reference # S9 29 See Appendix A, Reference # S6
S ‐ 16
SUSTAINABILITY
The notion of how to sustain a statewide HIE beyond core ARRA funding has been the single most vetted
topic through the OHIP stakeholder engagement process. The good news is OHIP and its stakeholders
wholeheartedly concur that the statewide HIE’s ability to add value to the existing HIE environment in
Ohio is a critical consideration in establishing the priorities of OHIP.
Much has been written about the notion of sustainability in HIE; however, few models are proven,
particularly in the context of recent national standards development activity. Are there HIE services that
are both desirable and sustainable at the statewide level as national standard protocols progress? OHIP
believes the answer to that question is “yes” and elaborates further on the proposed sustainability
model in the Proposed HIE Model (S‐34), Finance and Sustainability (S‐86) sections of the strategic plan.
BALANCING CORE SERVICES WITH REGIONAL FLEXIBILITY
While recognizing that the majority of data exchange occurs within a community, OHIP plans to pursue
an HIE development strategy that provides core infrastructure services to allow for statewide or
interstate exchange, while maintaining support for community‐based exchanges as desired. This
concept is consistent with OHIP’s REC regional partner approach, which was designed to engage
stakeholders at a community level in establishing priorities, providing strategic direction and
encouraging HIT adoption.
1.2.5 ENVIRONMENTAL SCAN
1.2.5.1 OHIO’S HEALTH CARE SYSTEM
Currently, there is no single RHIO supporting exchange services statewide today; however, Ohio is home
to numerous nationally acclaimed universities, hospital systems and RHIOs that engage in administrative
and clinical HIE. To understand Ohio’s healthcare environment, it is important to acknowledge Ohio’s
substantial size in terms residents, healthcare providers and payors as well as their geographic
distribution.
Table 1 provides basic Ohio metrics regarding the number of residents, estimated healthcare coverage
levels, physicians, hospitals, ancillary providers and health plans in the state.
S ‐ 17
Table 1 Ohio Health Care Statistics
Reference Value Source
Total Residents (2009) 11,542,645 http://quickfacts.census.gov/qfd/states/39000.html
- % Under 5 years 6.5% http://quickfacts.census.gov/qfd/states/39000.html
- % Under 18 years 23.8% http://quickfacts.census.gov/qfd/states/39000.html
- % 65 years or older 13.7% http://quickfacts.census.gov/qfd/states/39000.html
Coverage Estimates (2008)
- % below poverty level 13.3% http://quickfacts.census.gov/qfd/states/39000.html
- % Medicaid enrollment 18% www.statehealthfacts.org
- % Medicare enrollment 16% www.statehealthfacts.org
- % uninsured 21% http://grc.osu.edu/ofhs/
Total Physicians 25,342 http://www.med.ohio.gov
- Priority Primary Care (MDs) 8,113 http://www.med.ohio.gov
- Priority Primary Care (DOs) 1,387 http://www.med.ohio.gov
Hospitals 225 http://www.odh.gov
- Critical Access Hospitals (CAHs) 34 http://www.odh.gov
- Rural Hospitals 33 http://www.odh.gov
Health Information Organizations 16 OHIP’s EHR/HIE 2010 Survey
- Hospital‐Based 11 OHIP’s EHR/HIE 2010 Survey
- University‐Based 2 OHIP’s EHR/HIE 2010 Survey
- Regional HIOs 3 OHIP’s EHR/HIE 2010 Survey
Special Population Providers
‐ Behavioral Health Providers 549 http://mentalhealth.samhsa.gov
‐ FQHCs 3530 http://www.ohiochc.org
‐ VA Medical Centers 5 http://www.visn10.va.gov/Health_Care_Services.asp
‐ DoD Medical Facility 1 http://www.wpafb.af.mil/units/wpmc/index.asp
HIE Program Information Notice (PIN) Identified Organizations
- Local Health Departments 130 http://www.odh.gov
- Laboratories (CLIA) 10,639 http://www.odh.gov
- Pharmacies 2,165 http://pharmacy.ohio.gov/
- Health Insurance Providers 300 http://www.odi.gov
Geographically, Ohio’s healthcare community is not centralized, but rather dispersed among Ohio’s
primary metropolitan areas (Cincinnati, Cleveland and Columbus) as well as secondary metropolitan areas
such as Toledo, Youngstown, Akron, Dayton and Athens. Although Ohio’s healthcare system has grown in a
30 See Appendix P, Amendment #7
S ‐ 18
decentralized manner, due to the close proximity of the communities with each other, there is a significant
amount of patient interchange across them and across state borders where these primary and secondary
cities are located. In addition, hospital systems have been expanding their networks outside their
communities in recent years, and there are an increasing number of providers offering specialty services
that attract patients from outside their typical healthcare community.
1.2.5.2 EHR/HIE SURVEY PROCESS
As noted in Primary HIE Drivers section (S‐13), the ability for providers to achieve meaningful use is a
primary driver of OHIP’s strategic plan. To gauge the current situation of Ohio providers, OHIP conducted a
survey in June 2010 that assessed the current level of HIT adoption and type of assistance needed for
providers to achieve meaningful use.
The survey was administered using an interactive online survey tool31 and was directed to hospitals and
providers of all specialties. The tool was designed to be completed by a practice manager or hospital staff
person with knowledge of both clinical operations and HIT. It directed the respondent to additional
questions based on prior responses to minimize the amount of time necessary to complete the survey.
OHIP used multiple channels to inform providers across the state about the survey. These channels
included:
The Ohio Hospital Association (OHA);
The Ohio Osteopathic Association (OOA);
The Ohio State Medical Association (OSMA);
The Ohio Academy of Family Physicians (OAFP);
The Ohio Academy of Pediatricians (OAAP);
OHIP’s REC Regional Partners (RPs); and
Distribution channels specific to obstetrics and gynecology, internal medicine and behavioral
health.
31 See Appendix B, 2010 EHR/HIE Survey Tool
S ‐ 19
1.2.5.3 COMPOSITION OF RESPONDENTS
Despite the number of concurrent demands
on providers and the limited timeframe for
response due to tight HIE and REC deadlines,
the environmental scan yielded responses
from 356 physician offices, hospitals and
behavioral health service providers.
The following items are interesting details to
note about respondents of the survey:
Over half of the responses received were from physician’s offices.
In total, approximately 2,000 physicians
are represented in the responses.
There are high rates of solo practitioners
in Ohio and, when coupled with the
percentage of 2‐5 doctor offices, very
high numbers of small office practices.
A significant number of rural hospitals
responded to the survey indicating
high interest in HIT adoption.
1.2.5.4 EHR/HIE SURVEY RESULTS
For the purpose of the state plan, the survey data was analyzed in the context of meaningful use. To
achieve meaningful use and thereby qualify for related incentive payment programs, providers must:
S ‐ 20
Use a certified EHR in a meaningful way (e.g., ePrescribing)
Connect the technology in a way that provides electronic exchange of health information to
improve the quality of care
Submit clinical quality measures to Centers for Medicaid and Medicare Services (CMS)
1.2.5.5 CURRENT USE OF EHRS
Several questions in the survey were created to assess the respondent’s current level of EHR adoption
and progress towards meaningful use.
What is interesting about the data from a
meaningful use perspective is:
Forty‐five percent of respondents are
either entirely paper‐based or use a
practice management system only.
Of those who have EHRs, a significant
number of providers and hospitals are
either actively using or in the process of
implementing certified EHRs. The term
“certified” refers to software that has
been certified by CCHIT.
S ‐ 21
Certified EHR adoption rates among behavioral health providers is very low. Reasons for these low
adoption numbers in Ohio are well known and further described in the Coordination with Other
ARRA Programs, Coordination with Behavioral Health section (O‐4) of the operational plan.
Data from the survey indicates an increase in the number of providers and hospitals actively
implementing EHRs. This is encouraging because it shows that providers are not waiting for
implementation of the incentive payment programs to proceed with new health IT investments.
Although a significant
number of physician offices
are using certified EHR
software, a substantive
number are using solutions
that were implemented prior
to 2005. The number of early
adopters is encouraging and
reflects a level of
commitment by Ohio
providers. For vendors who have kept pace with technology changes, this is a good statistic.
However, standards for ePrescribing, interoperability, security and other functionality have
significantly changed over the past five years.
S ‐ 22
CURRENT USE OF HIE
The survey also was designed to analyze the current level of HIE adoption in Ohio as well as the primary
network facilitating this exchange. The significance of this data is:
Among entities that have purchased EHRs, high rates of adoption for administrative transaction
exchange such as eligibility and claim information exist. This statistic is not surprising in that,
historically, healthcare organizations have been driven by financial incentives, which existed to
encourage this type of exchange. Until recently, financial incentives minimally existed to
encourage clinical data exchange for purposes of improved patient outcomes.
Although administrative transaction use is high, constituents report that there are many
opportunities for streamlining this exchange as well as improving the quality of data exchanged
to reduce costs and improve the speed and accuracy of the information.
EPrescribing is on the rise in Ohio, although the hospital environment is a bit behind the
physician environment. For more information on this topic, see the Specific HIE Service Issues
section below (S‐27).
There are opportunities to expand the exchange of lab orders/results, immunization data,
clinical summary information (even if only in human readable form) and reportable lab results.
The latter two areas have been historically hampered by a lack of interoperability standards.
S ‐ 23
Only 48 percent of hospitals, 23 percent of physician offices and 5 percent of behavioral health
entities are using a primary HIE network in Ohio to facilitate data exchange. These networks are
either hospital‐based, university‐based or regional HIOs and are mapped in Diagram 1 below:
Diagram 1 Primary HIE Networks In Ohio (Source: 2010 EHR/HIE Survey)
S ‐ 24
INTEREST IN INCENTIVE PAYMENT PROGRAMS
In addition to reporting their level of
EHR or HIE adoption, respondents
denoted their current intentions
regarding participation in the
Medicare and Medicaid incentive
payment programs. Worth noting is:
Hospitals can choose to
participate in both programs,
if they meet the eligibility
criteria. This would explain the larger percentage of “not sure” responses.
The majority of physician offices expressed interest in the Medicare incentive payment program.
Reasons may include that the majority of physician offices have a larger Medicare patient mix,
there are no minimum volume requirements to participate, and Medicare’s benefits and related
billing/reimbursement program is generally better understood due to less diversity by region or
implications of managed care.
QUALITY REPORTING
Historically, Ohio providers have participated in a wide variety of disparate electronic quality reporting
initiatives spearheaded by the government, provider or hospital associations, accreditation bodies,
payors and other entities with oversight responsibility. A few of the many programs are highlighted in
this document.
One example is CMS’ Physician Quality and Reporting Initiative (PQRI). Stakeholder input indicates that
Ohio provider participation in CMS’ PQRI program is increasing; however, quantitative figures for 2010
participation will not be available until February 2011. Historically, Ohio physicians have been slow to
adopt the Medicare quality reporting process due to concerns about the costs to implement and the
reporting of measures was tied to claim submission. With the recent announcement of CMS’ proposed
rule to align the PQRI program with meaningful use reporting,32 features such as direct integration with
32 See Appendix A, Reference # R6
S ‐ 25
EHRs and the unbundling of the process from claim workflows should allow providers to become more
engaged in this process.
Another example is Ohio’s Cancer Incident Surveillance System (OCISS). To assess the burden of cancer
in Ohio, state law requires the reporting of all new cancer cases diagnosed among Ohio residents to
OCISS. Any physician, dentist, hospital, or person diagnosing and/or treating cancer cases is required to
report them to the OCISS within six months of diagnosis. Additional information is collected over the
two‐year period post diagnosis to obtain the most accurate and complete data on each case. Thus,
incidence data for 2002‐2006 was the most recent available at the time of ODH’s Ohio Cancer Facts and
Figures 2009. The percentage of cancer cases diagnosed among Ohio residents that were reported to
the OCISS is referred to as “completeness.” Completeness of case reporting is estimated to be 94
percent for 2002‐2006, based on Ohio mortality rates and the Surveillance, Epidemiology, and End
Results (SEER).
In addition, the American Osteopathic Association’s (AOA) Clinical Assessment Program, which has been
accepted as a CMS registry, is currently being used in all of the AOA‐approved residency programs in
Ohio and has been expanded for use by practicing physicians. This assessment program measures and
compares current clinical practices with evidence‐based practice guidelines representing state‐of‐the‐art
professional standards of care. The AOA has contracted with Applied Health Services (AHS), Inc. in
central Ohio to design and manage the project and provide reports and assistance to participating
programs.
Providers and payors as a whole are looking forward to efforts by ONC and other federal and state
agencies to streamline and standardize quality reporting such that data is more timely, consistent,
accurate, less costly to produce or manage and non‐redundant.
S ‐ 26
HIE BARRIERS AND OPPORTUNITIES
In the survey, OHIP also asked respondents what their largest challenges were to using HIE as well as
what they saw as potential opportunities.
The most commonly noted barrier was the historical lack of integration between HIEs and EHR software.
Even those entities that have adopted EHRs with structured integration capability, currently report
receiving the same data in multiple ways (direct integration, fax and email) leaving the physician with
the sense of being barraged with information. Other barriers include privacy and security concerns as
well as lack of knowledge about HIE options. OHIP, as both an HIE and REC service provider, is well
positioned to address these top concerns.
In terms of opportunities for the HIE, the vast majority of survey respondents expressed interest in the
HIE streamlining the exchange of referral and related prior authorization information followed by
disease registry data. Members of OHIP’s HIE Committee concur with these suggestions, but the
business workflows and related policies between providers, patients and payors in the area of referral
and related authorization management are varied and disparate. The policy and workflow issues would
need to be addressed first to sufficiently and effectively automate the process within the HIE. In
addition, improved timeliness of eligibility information and more effective use of referral/prior
S ‐ 27
authorization transactions would be needed, the latter of which is not addressed in any published
standards.
Other suggestions noted:
Further electronic integration with public health for immunization or HIV reporting;
Broader exchange among the behavioral health community including justice system,
Penal system, local boards and state agencies;
Automating patient medical record requests; and
Exchanging imaging and use of telemedicine.
Several respondents noted interest in exchange but a lack of funding was a major concern.
1.2.5.6 SPECIFIC HIE SERVICE ISSUES33
EPRESCRIPTION
BACKGROUND IN OHIO ON EPRESCRIBING
SURESCRIPTS STATISTICS
In addition to the information available through the survey, Surescripts’ reported the following level of
ePrescribing activity in Ohio as of their latest state progress‐reporting period (2009):
Surescripts Statistic 2009 % Change
from 2008
% Physicians Routing Prescriptions Electronically 18% ˄ 5%
% of Patients with Available Prescription Information 75% ˄ 5%
% of Pharmacies Activated for ePrescribing 95% ˄ 7%
% of all Prescriptions Routed Electronically 10% ˄ 5%
33 See Appendix P, Amendment #2
S ‐ 28
OHIO BOARD OF PHARMACY STATISTICS ON EPRESCRIBING CAPABILITY IN OHIO
As of October 2010, the Ohio Board of Pharmacy (BOP) has tracked the following statistics about retail
pharmacy capability to receive ePrescribing transmissions:
Retail: There are 2,169 retail pharmacies in Ohio. The BOP estimates that approximately 90 percent
of all the pharmacies in Ohio can accept electronic prescriptions, which closely aligns with
Surescripts’ estimates.
Chains: Of the 1,605 chain store pharmacies, all but one are approved by the BOP to accept
ePrescriptions. The one chain pharmacy that is not approved can currently receive ePrescriptions by
fax only and is in the process of obtaining approval to receive ePrescriptions directly into its
computer system.
Individual and Small Chains: Of the 564 pharmacies with 1 – 11 stores, 80 percent or more accept
ePrescriptions.
RESEARCH GRANTS ON EPRESCRIBING IN OHIO
The Ohio University College of Osteopathic Medicine, in partnership with other universities and
associations, received three grants from the Ohio Medical Quality Foundation from 2001 through 2008
to evaluate the impact of ePrescribing on patient safety, patient satisfaction, physician satisfaction and
pharmacist satisfaction. The project included a statewide survey of pharmacists and physicians to
identify perspectives and barriers of ePrescribing. The survey was followed by a prospective study
involving the implementation of ePrescribing in both urban and rural settings to evaluate safety and
attitudes of physicians, pharmacists and patients. The results from all three phases of the project
demonstrated that ePrescribing provided benefits, but not without challenges.
OHIO STATUTES AND REGULATIONS GOVERNING PRESCRIBING AND EPRESCRIBING
In Ohio, physicians are authorized prescribers. Nurse practitioners and physician assistants have
prescriptive authority only when they have taken additional classes and received certification for
prescribing medications. In addition, Ohio pharmacists may substitute generics for brand name drugs,
when available, unless the prescriber expressly indicates on the prescription that substitution should not
occur.
S ‐ 29
Ohio Administrative Code (OAC) requires prior approval by the BOP34 of all electronic prescription
transmission systems intended to be used in Ohio. Historically, the BOP’s requirements and certification
process has been independent of CCHIT or other national voluntary certification programs.
OHIO BOARD OF PHARMACY EPRESCRIBING APPROVAL PROCESS
The BOP approves the complete ePrescribing transmission system—both the systems that are used to
originate ePrescriptions in the physician office or hospital setting, as well as the systems used to receive
the prescriptions in the pharmacy setting. To date, the BOP has approved approximately 75 ePrescribing
systems for hospitals and office settings in Ohio (this includes installations that are site‐specific, such as
nine different Epic systems installed through nine different hospital systems and their affiliated hospital
networks). The pharmacy ePrescribing systems approved for use by the pharmacies number around
25.Ohio’s system of ePrescribing approval by the BOP is both unique and more stringent than any
criteria existing in other states. Under BOP’s review, an ePrescribing system must have positive
identification of the user to be on the approved list of vendors. Positive identification can include any of
the following: a) a manual signature on a hard copy (this record must be maintained for three years); b)
a magnetic card reader with a password; c) a bar code reader with a password; d) a thumbprint reader
or biometric method; e) a proximity badge reader with a password; f) a list of randomly generated
questions with a password; g) a printout of every transaction that is verified and manually signed within
a reasonable period of time by the individual who prescribed, administered or dispensed the controlled
drug (the printout must be maintained for three years).
FUTURE OF EPRESCRIBING IN OHIO
Up until 2010, the positive identification requirement was a disincentive for some hospital EHR systems
to implement ePrescribing. Also, if an ePrescribing vendor selected the use of a printout as the method
of positive identification, the follow‐up documentation required after the prescription was written (i.e.,
the printing out, signing and maintenance of records for three years) seemed excessive and contrary to
the intent of ePrescribing.
With the issuance of the DEA Interim Final Rule of Electronic Prescriptions for Controlled Substances (75
FR 16236, March 31, 2010), many of the same issues have arisen at the national level. Due to the DEA
requirement for two‐factor authentication for ePrescribing controlled substances, much of the work
34 See Appendix A, Reference #R19
S ‐ 30
done in Ohio will put Ohio in the forefront of ePrescribing. The vendors that have already been certified
in Ohio should be able to meet the DEA standards quickly. Consequently, the BOP has voted to accept
the DEA’s certification standards for ePrescribing for its vendor approval system and not require a
separate approval through the BOP, effective January 1, 2011.
The DEA’s rule also addresses the retention of ePrescriptions. Under the rule, records are to be retained
electronically for a period of two years. The DEA regulations do not allow a paper record to be used to
document positive identification or two‐factor authentication. This should encourage more physicians
and practitioners to adopt ePrescribing.
EPRESCRIBING TASK FORCE IN OHIO
OHIP has created a task force with representatives from the BOP, the Ohio State Medical Association,
the Ohio Hospital Association, the Ohio Osteopathic Association, the Ohio Pharmacists Association,
numerous individual hospital pharmacists and CIOs, physicians and a representative from AARP (see
Appendix M). These groups have met to determine what barriers there are to ePrescribing and what
needs to be done to encourage ePrescribing in Ohio. The task force addressed issues of the BOP review
and determined that aligning Ohio’s EHR review system with the DEA system will create a much more
equitable system for hospitals and physicians in Ohio.
The task force is also in the process of developing education and outreach materials/presentations that
can be offered to prescribers regarding ePrescribing. Many groups are submitting the educational
materials they have developed to use for broader educational programs.
The task force is working on education strategies to teach both physicians/practitioners and pharmacists
about potential errors that can be made using ePrescribing tools and how to minimize those errors.
ELECTRIONICALLY DELIVERED LAB RESULTS
OHIP has identified four major lab suppliers in Ohio representing 70 percent of the current electronic
exchange of lab results today: LabCorp, Quest Diagnostics, MedPlan and hospitals. Both LabCorp and
Quest are currently supporting structured lab result exchange using HL7 v2.x.x as well as the ability to
incorporate these results into a continuity of care document (CCD).
S ‐ 31
The difficulty arises with integration necessary to exchange results. The majority of consumers of lab
results have systems that are unique or out‐of‐date, requiring custom interfaces. Interfacing individual
systems together requires time and money. With the hundreds of different interfaces between
physician offices, hospitals and other care delivery organizations, these lab organizations can only
develop so many interfaces per year. In some areas of the state, the only place that performs lab tests is
the local hospital. Referring providers who are not affiliated with the local hospital or do not have robust
EHRs are able to obtain results electronically.
Instead of requiring multiple, costly, point‐to‐point interfaces, OHIP has engaged these lab organizations
to consider offering a single standard integration solution. The integration standards to be used will be
clear, consistent, published and identical to requirements for EHR vendors. This strategy will improve
the availability of lab results among all providers. In addition, lab market leaders report other potential
benefits of integration with the statewide HIE. Currently, they have limited capability to confirm or
validate patient demographics or insurance coverage for self‐insured or highly transient populations.
Additionally, they are challenged to integrate lab orders and results with paper‐based offices. Through
planned administrative exchange functionality and web portal access, OHIP can provide opportunities to
help lab market leaders improve their ability to deliver services.
PATIENT CARE SUMMARIES
Although OHIP’s environmental scan survey indicated currently low levels of CCD exchange,
stakeholders have stated this is the most desired clinical HIE service. Ideally, the information would be
exchanged in a structured manner so it can be easily integrated into the patient’s electronic chart, but
providers are willing to accept it in human readable form to begin care coordination and achieve Stage 1
Meaningful use.
Several of the existing HIE networks in Ohio report being able to exchange a care summary of some type
(discharge summary, emergency room report, CCD, CCR, etc.), most often in human readable form.
Where HIE networks have expressed interest in OHIP’s assistance is:
Broadening the range of care summary exchange beyond the scope of the current HIE networks
(e.g., beyond the HIE network’s geographic region within the state or across state borders);
Facilitating the identification and location of patient care information from trusted sources
beyond their region via discovery and location services;
S ‐ 32
Connecting EHRs to allow for more advanced structured integration of care summaries using
clear and common standards;
Facilitating exchange with providers involved in the patient’s care continuum who have limited
connectivity currently, such as behavioral health, long‐term care and home health so that a true
total picture of a patient’s care can be realized.
Leveraging use of a patient care summary to facilitate payment of services to providers by
comparing information with treatment protocols consistent with the patient’s condition
OHIP has adopted the following strategies to broaden the level of exchange:
A Behavioral Health Subcommittee was formed in August 2010 to help behavioral health
providers adopt EHR solutions and have the capacity to fully participate in the statewide HIE
Members of the subcommittee are behavioral health representatives who serve as liaisons to
each of OHIP’s REC regional partners as well as state agency, provider association and county
board association representatives. For more information regarding this subcommittee’s work,
please see Section 2.2.1.1
A representative from Ohio’s AHIMA chapter who has extensive long‐term care experience is a
member of OHIP’s Privacy Council along with two attorneys who specialize in behavioral health.
These experts have been instrumental in addressing special challenges regarding the exchange
of information for these populations in Ohio.
OHIP is engaged in discussions to add two industry representatives to its HIE Committee; one
representing long‐term care and the other representing home health. The committee is
considering specific strategies to deploy mobile applications to home health providers so they
can participate in the HIE in a cost effective and feasible manner.
OHIP is currently preparing an integration statement that will detail all of the standards EHR
vendors must support to connect to the statewide HIE. The integration statement will align with
the Standards and Certification Final Rule, where defined, and where not defined, OHIP will
choose standards consistent with industry standards.
S ‐ 33
PAYOR DATA EXCHANGE
Beginning in 2009, Aetna, Anthem Blue Cross and Blue Shield, CIGNA, Humana, Kaiser Permanente,
Medical Mutual of Ohio, UnitedHealthcare and WellCare Health Plans began a one‐year pilot with
Availity to allow for eligibility verification and standardized claims submission through a common payor
portal. This pilot, initiated by the American Health Insurance Plans (AHIP) association, allows for
improved quality metrics reporting, a reduction of redundant testing when records are not easily
available and integration with health plan medical policies for benefit. The goal is to diminish the
administrative burden on both providers and payors. With these eight different insurance plans
involved, this pilot portal will allow payors and providers to exchange eligibility and claims data for
approximately 90 percent of the commercially insured in Ohio.
The payor community supports the transformation of provider record keeping and data exchange from
an historical paper record to an electronic format that allows for standardized reporting, claims
information and an EHR that is calculable and searchable. A great deal of administrative overhead is
currently involved on the part of health plans in obtaining pertinent medical information from providers
pertaining to insured members. An established HIE is viewed as a vehicle to allow for seamless and
automatic transfer of relevant health information without placing an undue burden on providers. Given
a broader adoption of EHRs, the fundamental information infrastructure is created for the adoption of
comprehensive care models, such as the PCMH. The EHR allows for integration of best practices and
clinical pathways, as well as ePrescribing. Future integration with health plan cost data and medical
policies will empower providers to not only make the most clinically appropriate choice, but also the
most cost‐effective one, maximizing the patient’s benefit.
There is also broad support for a standards‐based approach for data exchange and the adoption of a
national protocol standard such as NHIN by payors. The historic limitation of the EHR was a lack of a
standard data format, requiring payors to adopt several different platforms for data transmission. Given
the mobility of members and those who obtain health services in multiple locations and sites across the
country, interoperability with other state and regional HIEs is viewed as important by health plans.
Benefit eligibility integration and coordination of benefits is another important focus for both providers
and payors. Since employment status is a key driver of healthcare benefits from a commercial payor
perspective, HIE integration with employer information is a requisite component from a payor
perspective. Ultimately, employee status verification is a function of the employer, which provides this
S ‐ 34
information to the health plan. In addition, many employers conduct wellness programs and provide
biometric screenings. The collected information should be integrated with an employee’s EHR,
empowering providers to act on the results of such screenings.
1.2.6 PROPOSED HIE MODEL
Given the current healthcare environment and related primary drivers, OHIP is seeking to develop a
statewide HIE in a phased manner while acknowledging the need to remain fluid in the planning process,
given the dynamic nature of Ohio’s environment. It is important to note that, while diagrams and
priorities are outlined below, these are conceptual in nature and will be contingent upon many factors
including further ONC guidance, selection of an HIE vendor, deadlines and requirements of the HIE grant
and ongoing stakeholder input.
Diagram 2 depicts the proposed business model, denoting the core support and HIE services OHIP is
proposing35.
35 See Appendix P, Amendment #10
S ‐ 35
The core support and HIE service priorities contained in this diagram are outlined below. It should be noted that a
major requirement of OHIP’s active procurement process will be to not only identify a vendor capable of
supporting a substantial statewide HIE, but one that demonstrates flexibility, sustainability and innovation in
supporting this type of HIE development model.
1.2.6.1 CORE SUPPORT
Core support refers to the components of the “engine” of the statewide HIE that must be in place to
support future HIE services. Core support includes:
Discovery/Location Services
- Master Patient Index (MPI)
- Master Entity Index (MEI)
Diagram 2 HIE Business Model
S ‐ 36
- Record Locator Service (RLS)
Trust Enablement Services
1.2.6.2 HIE SERVICES – PHASE I
Phase I HIE services are those that meet the following criteria:
Necessary to support Stage 1 meaningful use objectives with direct HIE implications,36 direct HIE
implications are those objectives which are not currently supported at the EHR level or through
existing channels;
Necessary to support OHIP’s sustainability plan; and
Services not requiring integration with the new State Medicaid MITS system scheduled to go‐live
in phases beginning early 201137. The state’s administration felt it be important to stabilize the
MITS environment before pursuing integration with the statewide HIE. However, it was
considered feasible and beneficial to consider integration of Medicaid eligibility information
during Phase I of HIE development.
PROPOSED PHASE I HIE SERVICES INCLUDE:
Exchange services required to support Stage 1 meaningful use with direct HIE implications at a
statewide level ;
Community‐based web portal and branding support with access to statewide HIE;
Centralized insurance eligibility verification;
Integration with OHIP’s preferred EHR vendor solutions; and
Centralized mailing address verification service.
1.2.6.3 HIE SERVICES – PHASE II
Phase II HIE services are those that meet the following criteria:
Necessary to support Stage 2 meaningful use objectives with direct HIE implications;
Necessary to support exchange with other states and federal care delivery organizations; and
36 See Appendix A, Reference # S3 37 See Appendix P, Amendment #6
S ‐ 37
Services that integrate with state agency systems such that administrative and clinical
efficiencies can be achieved.
PROPOSED PHASE II HIE SERVICES INCLUDE:
Support for Stage 2 meaningful use with HIE implications at a statewide level;
Integration with state level and other registries;
Advanced data aggregation and reporting tools; and
National standards protocol development and support.
1.2.6.4 HIE SERVICES – PHASE III
Phase III HIE services are those that meet the following criteria:
Necessary to support Stage 3 meaningful use objectives with direct HIE implications;
Services that require additional time to stabilize environments or streamline related business
processes before integration can occur; and
Services that may require additional time to address legal or technical development required to
ensure effective implementation and use.
PROPOSED PHASE III HIE SERVICES INCLUDE:
Support for Stage 3 meaningful use with HIE implications at a statewide level;
Other centralized administrative transaction support;
- Centralized coordination of benefits
- Centralized referral, pre‐authorization and certification coordination
- Centralized claim adjudication, remittance advice, and claim status verification
Expanded integration with Medicaid and other state agencies;
Other payor/employer clinical data exchange; and
Consumer PHR integration.
Details regarding the proposed core support and HIE services are further described in the Business and
Technical Operations/Implementation Plan section of the strategic plan.
1.2.6.5 IMPLICATIONS OF RECENT PROGRAM INFORMATION NOTICE (PIN)
S ‐ 38
On July 6, 2010, ONC released additional guidance to state HIEs regarding responsibilities, roles and key
deliverables38. In particular, states were instructed to focus on the following three HIE capabilities in the
next year:
ePrescribing – OHIP has included this service in Phase I under the umbrella of support for Stage
1 meaningful use; however, OHIP acknowledges that many stakeholders see this as a function of
the EHR solution (i.e., SureScripts integration with EHR solution) as a first step and the
aggregation of medication history data as a second step via the statewide HIE. OHIP also notes
that shifts are occurring in federal and state regulations related to ePrescription adoption such
as the recent changes to permit providers to prescribe controlled substances electronically 39and
efforts to align the BOP certification program with national standards and certification
requirements. For this reason, OHIP’s strategy is to leverage40 its preferred EHR vendor program
that requires participating vendors to offer ePrescription modules certified by the BOP as well as
standards‐based integration with the statewide HIE. As a second step, OHIP will offer the ability
to exchange prescription data to any HIE participant.
Receipt of structured lab results – This is also a service included in Phase I under the support for
Stage 1 meaningful use and has strong support by stakeholders. During its HIE RFI process, OHIP
evaluated the current standards supported for the exchange of lab data by responding vendors
and will strongly consider this capability in its (RFP process. In addition, ODH is currently
receiving reportable lab information and is working with the Centers for Disease Control (CDC)
to standardize this type of exchange using NHIN protocols.
Sharing patient care summaries across unaffiliated organizations – For Stage 1, it is not a
requirement to exchange patient care summary data via structured integration with an EHR,
but, ultimately, a goal of OHIP’s stakeholders. Universally, support for the exchange of care
coordination data is a high priority among stakeholders and is seen as having significant
potential to improve patient outcomes. Much of this data exists today, however, not necessarily
in consistent data vocabularies or terminology. OHIP sees opportunities in offering initial
exchange of human readable information and data management services that could normalize
and aggregate the data until widespread adoption of interoperability standards among
providers is achieved.
38 See Appendix A, Reference # S17 39 See Appendix A, Reference # R3 40 See Appendix P, Amendment #4
S ‐ 39
All of these services are further discussed in the following sections of the strategic plan: Federal and
State Services Coordination, REC services, EHR Preferred Vendor Program (S‐51); Technical
Infrastructure, Request for Information (S‐94), Business and Technical Operations, Implementation (S‐
100).
1.2.6.6 HIE DEPLOYMENT STRATEGY41
The goal of OHIP’s HIE deployment strategy will be to connect as many of the early adopters as possible
to the statewide HIE so that an estimated 80 percent of Ohio’s population can be supported by the end
of the first year of deployment. This strategy not only allows providers to achieve meaningful use
objectives with HIE implications within incentive program timelines, but also creates the opportunity to
truly transform patient outcomes. To achieve this, OHIP sees a number of opportunities to deploy
services in a manner that maximizes early adoption.
For the initial phases of adoption, OHIP will focus on offering discovery, location, trust enablement and
Stage 1 meaningful use services. These deployment strategies are described in order of priority under
Service Phase I Deployment. For subsequent phases of adoption, strategies for deployment are
described under Service Phase II and III.
Since a large part of the adoption strategy is contingent upon OHIP’s integration strategy, a basic
discussion of OHIP’s approach to integration is discussed below.
EHR INTEGRATION STRATEGY
Consistent with the goals of meaningful use, OHIP is pursuing an integration strategy that aligns with
interoperability standards and frameworks endorsed by the ONC to maximize the number of
participating providers in the statewide HIE. Use of endorsed standards lessens confusion and minimizes
the overall cost to healthcare systems by eliminating custom point‐to‐point interfaces. However, OHIP
recognizes the following challenges in achieving this goal:
EHR vendors currently use varying degrees of technology and standards to support connectivity
to and transmission of health information across unaffiliated organizations.
41 See Appendix P, Amendment #3
S ‐ 40
Since the Standards and Certification Final Rule was finalized in July 2010, many EHR vendors
have not yet upgraded to the endorsed standards and/or achieved ONC certification.
The Final Rule does not mandate definitive standards for all use cases and technology layers.
Addressing these challenges in a cost‐effective manner requires a strategic approach to integration that
acknowledges “incremental interoperability,” (i.e., the progression of providers and vendors from basic
data exchange functionality to full standards‐based integration capability). This approach includes
defining OHIP’s technical model, clarifying integration standards necessary to connect to the statewide
HIE , and offering tiered connectivity options for providers to participate in the HIE at a level compatible
with their existing architecture.
HYBRID MODEL APPROACH
It is important for EHR vendors desiring to connect with the statewide HIE to understand that OHIP has
chosen a hybrid model approach. A hybrid model balances the need to hold data where it is created
rather than centrally, with the need to effectively exchange information among participants of varying
degrees of technology.
Ideally, all health information would be retained at the source and OHIP would simply provide HIE
participants with the discovery and location services necessary to identify the patient, the provider with
whom data is being exchanged and the location of the source data for retrieval at the time of query.
However, since there are varying degrees of capability at the EHR level, OHIP anticipates the need to
accommodate three types of connectivity levels: a) web portal; b) centralized publisher; and c)
federated publisher. A hybrid model is required to offer these connectivity options.
Web Portal Access ‐ This basic connectivity level provides access to the HIE via a web portal
available through the provider’s browser. This type of connectivity would sit side‐by‐side with an
EHR solution or practice management system not yet capable of directly generating structured
query transactions necessary to push or pull information to/from the HIE. Information accessed
through the HIE would not be consumed by the EHR solution, but could be stored or otherwise
recorded depending on the capabilities of the provider and/or their EHR solution.
Centralized Publisher ‐ In this scenario, EHR vendors may have the capability to support required
interoperability standards necessary to achieve structured integration; however, they are not
capable of making data available to the statewide HIE upon a query request without the need to
S ‐ 41
persist clinical data centrally. These vendors will need OHIP to provide a data stage or shared
repository to facilitate exchange of data when it is needed. EHR vendors at this technology level
would be considered “centralized publishers” because they cannot provide data in a true
federated configuration.
Federated Publisher ‐ Here,, EHR vendors have the capability to support the required
interoperability standards necessary to achieve structured integration and would be capable of
making data available to the statewide HIE upon query without the need to persist clinical data
centrally. These vendors are referred to as federated publishers (i.e., data will remain at the
source) and are the most likely to be certified market leaders. OHIP’s preferred EHR vendors
would fall into this category.
INTEGRATION CLARITY
In instances where the Final Rule is not definitive, OHIP’s strategy will be to select and publish the
standard to be used for the HIE rather than support multiple standards. This connectivity strategy was
chosen to keep costs competitive, provide clarity and consistency among providers and vendors, and
minimize the opportunity for errors.
OHIP is in the process of developing a detailed integration statement to clearly outline selected
interoperability standards required to connect to the statewide HIE, especially in instances where they
are not defined by ONC and/or a choice in options was offered in the Final Rule. An example of such a
choice is the use of the HL7 CCD or ASTM CCR to exchange patient care summaries. OHIP will select one
option to maintain costs and will base those options on current market support and penetration levels.
Finalization of the integration statement may be dependent on OHIP’s HIE vendor selection; however, it
is OHIP’s goal to complete this work independently. This integration statement will be made available to
all vendors desiring to connect to the HIE.
S ‐ 42
SERVICE PHASE I DEPLOYMENT
STRATEGY #1 – WEB PORTAL ACCESS
Target Number of Physicians: 1,000
OHIP’s goal is to focus on early adopters who are capable of structured integration within their EHR
solutions due to the streamline benefits provided; however, OHIP recognizes there are physicians who
have EHR solutions not capable of this type of integration but will have an immediate need for HIE
services necessary to obtain Stage 1 meaningful use objectives. For this reason and because most HIE
vendors offer web portal capability, OHIP views this as an early adoption strategy.
This strategy also offers a community‐level approach for deployment through OHIP’s regional partners,
a desire expressed by stakeholders early in the planning process. By offering to deploy web‐based access
to the statewide HIE through a regional partner website; stakeholders felt physicians would feel a sense
of community‐level adoption and support.
STRATEGY #2 – OHIP EHR PREFERRED VENDOR INTEGRATION
Target Number of Physicians: 3,000
Following a structured RFP process, OHIP’s REC program selected five preferred EHR vendors to provide
discount pricing and several other benefits to providers seeking certified EHR software. One of the
many additional benefits is assurance that the EHR vendor will achieve ONC certification and will meet
the interoperability requirements necessary to integrate with the statewide HIE without additional cost
to the provider.
OHIP is leveraging these discount offerings to encourage early adoption with the statewide HIE as
follows:
‐ OHIP’s regional partners have been provided preferred EHR marketing and pricing materials to use
as they recruit priority primary care physicians through the REC program. These materials highlight
the benefit of connection to the statewide HIE. Of the 6,000 targeted PPCPs within OHIP’s REC
regions, it is estimated that approximately 3,000 of these PPCPs will be interested in a preferred
vendor.
S ‐ 43
‐ The online EHR readiness and assessment tool purchased by OHIP, Welch Allyn, will auto‐generate
RFP‘s to one or all five of the preferred EHR vendors based on provider input. This process alone
saves providers hours in EHR selection, evaluation and negotiating steps, facilitating a more rapid
EHR/HIE adoption model.
‐ At this time, all of OHIP’s preferred EHR vendors have achieved ONC general and ambulatory
certification. ONC certification ensures EHR vendors can meet the security, privacy and
interoperability requirements necessary to connect to the statewide HIE.
‐ HIE vendors participating in OHIP’s RFP denoted structured integration capability with at least one
of OHIP’s preferred EHR vendors in their proposals and have been asked to demonstrate that
integration during their oral and use case presentations for each of the top three HIE services
(ePrescribing, structured lab results and patient care summaries). This increases the likelihood that
structured integration with our preferred vendors will be rapidly achievable.
‐ OHIP has obtained each preferred vendor’s detailed integration information and is in the process of
analyzing it to determine commonality in use of standards not defined by the Standards and
Certification Final Rule. This analysis will assist OHIP in completing its HIE integration statement.
‐ OHIP conducts routine web conferences with the preferred vendors to track certification status,
adoption levels, provider and integration issues.
STRATEGY #3 – OHIO HOSPITAL EHR MARKET LEADERS
Target Number of Physicians: 8,000
There are three large hospital EHR vendors who have a significant market share in Ohio, especially
among large integrated delivery networks who are running hospital‐based HIOs. OHIP is in the process
of reaching out to these vendors to successfully integrate with the HIE.
‐ Epic – Epic has been very successful in Ohio installing its system in approximately 80 hospitals with
about 4, 000 physicians. These installations represent about 60 percent of inpatient bed capacity in
Ohio. Epic offers products that allow for the exchange of health information among other Epic users;
however, it has not been able to exchange information outside its network historically other than
via NHIN exchange.
S ‐ 44
‐ McKesson – McKesson has been successful in maintaining its customer base in Ohio. OHIP has been
in discussions with McKesson, whose leadership has expressed strong interest in integrating with
OHIP so their customers can reach meaningful use.
‐ Seimans – Seimans has a number of installations in Ohio; however, it does not offer a clinical
exchange product.
‐ Cerner – Cerner has an active presence in Ohio and, in particular, supports a large regional
community hospital in the northern part of the state that is leading adoption efforts among critical
access hospitals.
OHIP’s interim CEO, Dan Paoletti, who is the Vice President for the Ohio Hospital Associations Data
Solutions Division, has been actively educating and engaging hospital representatives in plans for
integration with the statewide HIE.
STRATEGY #4 – REGIONAL HEALTH INFORMATION ORGANIZATIONS
Targeted RHIOs: 4
As noted in Diagram 1 of the HIE State Plan, stakeholders reported 16 HIE networks in the state during
OHIP’s environmental scan survey conducted in June 2010. The majority of these networks are hospital‐
based and will be integrated via Strategy #3; however, there are four non‐hospital‐based HIE networks:
HealthBridge, Collaborating Communities Health Information Exchange (CCHIE), Wright State’s
HealthLink and the Appalachian Health Information Exchange (AHIE).
OHIP intends to provide a conduit for each of these networks to the HIE for statewide trust enablement,
discovery and location services as well as additional wraparound services as noted in the scan analysis. It
is not OHIP’s intent to replace services being offered, but rather complement them and allow them to
reach a broader audience.
As noted previously, HealthBridge is a finalist in OHIP’s HIE Vendor procurement process as well as the
service provider for CCHIE. Communication regarding integration with the statewide HIE is restricted per
legal counsel guidance until the procurement process is complete, which is anticipated by the end of
January 2011. However, OHIP concurs it is critical to integrate with HealthBridge, CCHIE as well as
HealthLink and AHIE, and intends to pursue discussions following completion of our procurement
process.
S ‐ 45
These networks represent more than 10,000 physicians and over 80 hospitals. Since these providers are
already being served regionally, it is unclear how many of those physicians also are represented in
hospital system estimates, and OHIP does not list them as targeted numbers.
STRATEGY #5 – OHIO LAB MARKET LEADERS
Targeted Number of Labs: 3
Per commercial payors and hospital sources, LabCorp, Quest and MedPlan (a regional lab) support 70
percent of the electronic exchange of lab results in Ohio today. OHIP met with LabCorp in November
and is in the process of securing its commitment to connect to the statewide HIE. This integration would
include its specialty labs, such as Compunet.
Similar discussions with Quest and MedPlan are being scheduled to begin plans for early integration
with the statewide HIE. Through integration, these lab providers will minimize their costs by not having
to integrate individually with each EHR vendor. All three of these labs are capable of supporting
structured lab integration.
It is estimated that the other 20 percent of lab results are exchanged within hospital system networks
and will be addressed through Strategy #3.
STRATEGY #6 – OHIO PHARMACY MARKET LEADERS
Targeted Number of Pharmacies: 2,165
According to SureScripts, approximately 95 percent of community pharmacies were activated for
ePrescription in 2009. Since SureScripts supports the majority of ePrescription exchanges in Ohio today,
OHIP is reaching out to SureScripts to negotiate both a cost‐effective integration strategy for the HIE as
well as addressing the remaining percentage of paper‐based pharmacies in the state.
OHIP recognizes the need to integrate with hospital‐based pharmacies. Even though they may not be
dispensing large volumes of medication, they are critical in offering a complete view of a patient’s
medication history. Negotiations with hospitals are occurring to determine alternatives for providing this
linkage.
S ‐ 46
STRATEGY #7 – OTHER AMBULATORY EHR VENDORS
Target Number of Physicians: 3,000
OHIP has contact information for more than 40 ambulatory EHR vendors who submitted proposals for
the preferred EHR vendor RFP. OHIP will reach out to these vendors who showed early interest to share
its integration strategy so they have adequate time to prepare for integration. In prior discussions,
vendors have expressed enthusiasm to connect to the statewide HIE and are busy obtaining ONC
certification.
‐ Note: Stakeholders indicate significant EHR marketplace confusion over the term “certification”.
Historical certification tracks, such as CCHIT’s voluntary program, are being confused with ONC
certification. Some vendors who achieved prior CCHIT certification are not necessarily forthright in
making the distinction between CCHIT voluntary certification status and ONC status when they
approach providers about using their products. There is also a general lack of knowledge about
ONC’s website for tracking ONC EHR vendor certification status and the granularity of certification.
OHIP has added the link to its website and is using education and awareness materials to make
these distinctions more clear.
SERVICE PHASE II DEPLOYMENT
STRATEGY #8 –FEDERALLY QUALIFIED HEALTH CENTERS
Targeted Number of Providers: 500
Currently, eight of Ohio’s 35 FQHCs have fully implemented certified EHRs, with several additional
centers in the queue for completion by spring 2011. The remaining FQHCs anticipate full EHR
implementation by 2013.
One of OHIP’s board members, Jeff Lowrance, is CIO for Ohio Shared Information Services (OSIS), the
health‐care controlled network that provides centralized IT support to the majority of Ohio FQHCs. OSIS
uses a NextGen platform, who is also one of OHIP’s preferred EHR vendors. Through a single integration
of the OSIS NextGen platform, the majority of Ohio’s 35 FQHCs and their related providers will be
connected to the statewide HIE quickly.
S ‐ 47
Based on 2009 data, the Ohio Association of Community Health Centers (OACHC) reports there are 27
FQHCs in OHIP’s REC region, who employ approximately 265 providers. Given several recent grant
opportunities, OACHC projects there will be closer to 500 providers statewide in the near future.
STRATEGY #9 – OHIO PAYOR MARKET LEADERS
Targeted Number of Payors: 10
Ohio has five major payors and five major managed care plans operating in the state as noted in
Diagram 3.
Diagram 3 ‐ Major Payers and Managed Care Plans in Ohio
Ohio’s Major Payors Ohio’s Medicaid Managed Care Plans (MCPs)
WellPoint CareSource
Aetna Molina HealthCare of Ohio
CIGNA Centine (Sold as Buckeye Community Health Plan)
Medical Mutual of Ohio UnitedHealthcare (Sold as Unison Health Plan)
Amerigroup Ohio
WellCare of Ohio
Paramount Advantage
One hundred percent of the major payors are exchanging eligibility data electronically. None of the
MCPs are. Since approximately 74 percent of Medicaid consumers are enrolled in managed care, OHIP
see opportunities in facilitating electronic eligibility verification for these organizations.
Two of these payors, Medical Mutual of Ohio and UnitedHealthcare are represented on OHIP’s board.
One of them is a board member of the Ohio Association of Health Plans. They are all very interested in
connecting to the statewide HIE and streamlining their administrative processes as well as providing
treatment costs analysis to providers at the point of service.
STRATEGY #10 – MEDICAID AND PUBLIC HEALTH INTEGRATION
Targeted Number of Local Health Departments: 128
S ‐ 48
Both of these large state agencies are committed to integrating with the statewide HIE, since there is
recognition of the potential for significant administrative and clinical savings. Medicaid sees potential in
streamlining eligibility verification, coordination of benefits and reporting. Public Health is anxious to
streamline its existing reportable lab, immunization and syndromic surveillance programs through the
statewide HIE.
These agencies are listed in OHIP’s second phase of deployment for two reasons: a) the planned
implementation of Medicaid’s new claim adjudication system (MITS) in early 2011 and the need to
stabilize that system before integration; and b) the potential for significant restructuring among state
health agencies following the recent change in government administration and budget deficit issues.
Currently, 84 percent of emergency departments in the state are providing syndromic surveillance data
to ODH. That data represents 94 percent of all emergency department visits and is accessible to all local
health departments. For reportable lab results, ODH received 55,000 reports in the first three quarters
of 2010 and is anticipating 100,000 reports in 2011. ODH’s immunization system, Impact SIIS, contains
vaccination records for over 9 million Ohioans, representing more than 80 percent of the state’s
population. Ohio Medicaid estimates 3,000 to 4,000 providers will qualify for the Medicaid EHR
Incentive Payment Program. Since many of these providers may be represented in targeted numbers
listed previously, OHIP did not list them as an additional targeted figure.
1.3 FEDERAL AND STATE COORDINATION
1.3.1 REGIONAL EXTENSION CENTER SERVICES
1.3.1.1 HIE AND REC STRATEGY
There is an inherent relationship between the value of an HIE and the adoption of EHRs. The value of an
HIE is directly related to the number of exchange participants using EHRs. For many healthcare
providers, especially small practices and primary care providers, the cost and effort associated with
purchasing, implementing, and utilizing an EHR is only justified if an HIE is available. Due to this direct
relationship between the HIE and EHR adoption, it is important that these two roles be intimately
related.
S ‐ 49
As a recipient of both the State Grant to Promote Health Information Technology Planning and
Implementation and the Health Information Technology Regional Extension Center Program, OHIP is in a
unique position to coordinate both efforts closely. This dual‐service capacity provides a distinct
opportunity for OHIP to engage in HIE outreach and stakeholder involvement through existing,
structured REC channels of communication.
S ‐ 50
1.3.1.2 REGIONAL PARTNERS APPROACH
For OHIP to coordinate efforts across the awarded REC region, it created seven multi‐stakeholder groups
called Regional Partners42 (RPs) that are responsible for assisting providers in their areas with the
implementation of certified EHRs and achieving meaningful use. These RPs are a consortia of provider
representatives, hospitals, universities, community colleges, vendors, workforce development and
quality improvement organizations. Each RP has an identified area of service (counties) and has received
REC funding based on the targeted number of priority primary care providers (PPCPs) that have been
identified as requiring assistance (See Diagram 3).
OHIP meets weekly with its RPs to coordinate EHR and HIE adoption efforts, share marketing, outreach
and education materials, discuss best practices and to coordinate resources. The eighth region of the
42 See Appendix C for a list of Regional Partner Primary and Secondary Contacts
Diagram 4 OHIP Regional Partners
S ‐ 51
state is supported by HealthBridge, an RHIO that was also awarded a REC grant for 11 counties in
southwestern Ohio as well as northern Kentucky and southeastern Indiana. Since HealthBridge is one of
eight vendors invited to participate in OHIP’s HIE RFP, communication with them is limited to the
procurement process.
1.3.1.3 EHR PREFERRED VENDOR PROGRAM
OHIP will require its RPs to meet established milestones to ensure that providers, regardless of
geographic location, receive the assistance necessary to adopt EHRs and achieve meaningful use. These
four milestones are:
Signed Technical Assistance Contracts;
Documented EHR Go‐Live Date;
Meeting Meaningful Use; and
System Maintenance and Optimization.
To assist with the first two milestones, OHIP issued an RFP43 in April 2010 to select a handful of EHR
vendors to offer robust solutions at a discount to providers. The vendors selected to participate in
OHIP’s preferred EHR program are44:
Sage Intergy Suite 6.0
NextGen Ambulatory EHR v5.6
eClinicalWorks v8.0
Allscripts Professional
eMDs Solution Series v6.3.0
OHIP’s preferred EHR vendors are contractually committed to integrate with the statewide HIE and use
the standards created and adopted by ONC. All of these vendors are currently ONC certified for all
general and ambulatory criteria. In addition, preferred vendors must tie payment terms to the
achievement of milestones and receipt of incentive payments rather than the passage of dates and
adopt warranties protecting the provider from classic vendor implementation or support issues.
43 See Appendix D, OHIP REC EHR RFP document 44 See Appendix P, Amendment #4
S ‐ 52
OHIP intends to leverage the preferred EHR vendor program to cultivate the ePrescribing objective for
meaningful use, since most providers use their EHR solutions for this purpose. All preferred vendors are
required to support the ePrescribing capability accordingly. The BOP was represented on OHIP’s
preferred EHR vendor selection team and is working closely with OHIP to ensure alignment with BOP
certification requirements. For more information on additional strategies OHIP is planning to leverage
the preferred EHR program for HIE deployment, see Section 1.2.6.6.
1.3.1.4 REGIONAL LEVERAGE AND FLEXIBILITY
While OHIP has established EHR milestones consistent with the federal Health Information Technology
Regional Center (HITRC) guidance, OHIP does not plan to specify the process by which RPs achieve them.
The goal is to ensure that each region is receiving the same quality of services while allowing RPs the
flexibility to develop delivery models that meet their specific geographic needs.
The goal of OHIP is to deploy HIE services and support in a similar fashion, providing core services
statewide, while supporting the specific needs to develop community‐centered exchange efforts. This
balance of core infrastructure and regional flexibility is important when taking into account the cultural,
market and political differences within healthcare delivery in each region. For example, the way in which
services are delivered in one metropolitan area will be different from the way in which services are
delivered in a rural area and both may differ from how services are delivered in another metropolitan
area. OHIP's strategy would allow different approaches in different regions while still achieving the same
milestones.
Using this structure, OHIP is uniquely positioned to deploy HIE outreach, education and service adoption
across the state in an organized, efficient manner leveraging the expertise, communication channels,
market knowledge and stakeholder relationships of their RPs. Community exchanges desiring additional
HIE infrastructure support can be coordinated through RPs so that close alignment with provider EHR
adoption can occur.
1.3.1.5 IT WORKFORCE DEVELOPMENT
In order to meet OHIP’s goals, Ohio needs a trained and qualified health IT workforce, and yet, there is a
lack of such professionals across the nation. Although there are HITECH grants for institutions of higher
S ‐ 53
education to develop and implement an HIT curriculum, these trainees will not graduate from those
programs until half way through OHIP’s goal of having 6,000 physicians meaningfully using EHRs.
SHORT‐TERM WORKFORCE SOLUTION
OHIP has convened a statewide team charged with developing a short‐term solution to the trained
workforce problem. The team consists of staff from several state agencies: Board of Regents (OBR)
(higher education), Department of Development (ODD), Department of Jobs and Family Services
(ODJFS). Also at the table are representatives from community colleges, private career colleges, the REC
RPs, and several professionals who have done EHR implementation before and are considered experts in
the field. The team will work on four areas:
Creating a job description and related curriculum
Developing a student/trainee recruitment plan
Seeking additional funding streams
Determining logistics for delivering the training
OHIP is looking to recruit trainees from several sources. Many qualified Ohioans are out of work and
have some of the skills OHIP is seeking in HIT professionals. Through federal retraining programs in the
state, these people will be recruited and screened for suitability OHIP also will look at students and
recent graduates of some of the allied medical programs in our community colleges.
For funding, OHIP intends to capitalize on the federal retraining funds through Ohio’s One Stops and
Ohio Skills Bank. ODJFS, ODD and OBR have been brought in as partners, realizing that this is a job
creation opportunity. OHIP’s intention is that the RPs, as well as the EHR vendors, will hire these
trainees.
LONG‐TERM WORKFORCE SOLUTION
Cuyahoga Community College was awarded the HITECH Community College Consortium grant for the
Midwest. Representatives from the college are also on the workforce development team. They have
designated four community colleges in Ohio to deliver the curriculum in both classroom settings and
through distance learning. As mentioned above, OHIP is concerned that trainees from this program will
not be available until OHIP has passed the midpoint of the REC and HIE grant cycles, and that is why
OHIP is developing a short‐term solution as well.
S ‐ 54
OHIP will remain in regular contact with Cuyahoga Community College as the program develops and will
coordinate with its program to the extent possible with the option of transitioning students from the
short‐term program into that program for further training.
OHIP will also continue to work with OBR to ensure that HIT is included in the current medical
professions curricula in Ohio institutions of higher education.
1.3.2 FEDERALLY FUNDED, STATE BASED PROGRAMS
1.3.2.1 ROLE OF STATE INTERAGENCY COUNCIL
In April 2010, the State HIT Coordinator formed the State Inter‐Agency Council (SIC) to explore
opportunities for leveraging the use of the HIE to meet the state’s health quality objectives and to
improve administrative efficiency. The SIC also serves as the forum for coordinating co‐occurring efforts
across agencies that are involved in federally funded, state‐based programs with HIT implications.
The SIC is comprised of representatives from the state’s health oversight and coverage agencies who
have a good understanding of the data already being collected in their agencies and the potential uses
for streamlining data that will be available through the HIE. The council’s task is to address the use of
health information from two perspectives: Policy and Operations. On a policy level, the SIC will work to
identify how each agency currently uses health care and patient‐related information to make decisions
and how the HIE can enhance these functions.
Agencies will concentrate on how they can consolidate the collection of data from providers to
reduce repetitive data requests.
Agencies will also address what data they currently do not have access to and how that data
would improve policy and decision‐making with access.
Agencies will coordinate statewide HIE efforts with federally funded, state‐based programs that
have health IT implications under their purview.
Identify any other opportunities for cost‐savings or streamlining systems through OHIP.
Operationally, the SIC will address how the statewide HIE can help each agency do business better,
streamline data collection and improve customer service. The council will perform a complete analysis
of other IT systems containing information across all agencies that the HIE can facilitate. They will then
work with each agency to determine any potential for cost savings and reorganization once these
S ‐ 55
systems are incorporated in the HIE. Since the SIC’s inception, the council has added representatives
from both Ohio’s Medical and Nursing Boards to coordinate efforts45. In addition, the council felt it was
best to divide into four teams based on the role of the state agency or board and their needs in relation
to the statewide HIE.
The focus of each team was defined by members as:
Data Exchange – Agency representatives discussed the need for an efficient and effective way to
exchange data between agencies. This effort would require no new data collection, but rather a way to
know what data each agency has and an easy way to share that data. Ultimately, it is the desire of
stakeholders for these agencies to streamline their data collection processes across agencies, which is a
service OHIP is well‐positioned to facilitate. It is projected that Ohio could save a significant amount in
costs currently spent to send same or similar data multiple times to multiple agencies in different
45 See Appendix P, Amendment #5
S ‐ 56
formats. Long‐term, thousands of dollars could be saved in the enhanced ability to identify fraud and
abuse patterns.
Licensing – Representatives in this team found a significant overlap in managing the issuance or renewal
of licenses for healthcare professionals. They expressed the need to do this processing and record
keeping in the HIE to save time and money. OHIP and the licensing boards see a win‐win opportunity in
working together, since OHIP has a need to identify and validate individual providers who may use the
HIE. They are currently undergoing discussions about technology options to achieve this win‐win.
Claims – The agencies in this team all manage or administer benefit and claim adjudication processes.
They would like to explore opportunities to leverage use of the statewide HIE to streamline and simplify
their processes and provide more timely and accurate eligibility information.
EHR
Several agencies provide clinical care and would like to implement a certified EHR solution that could
also meet the specific requirements of state agencies. Most often, these agencies provide not only
medical care, but social and public health services. Their clients are frequently indigent homeless or
transient, receiving cross agency services and interfacing with the criminal justice system. Historically,
systems that support these agencies were either developed in‐house by each agency or supported
through niche vendors with limited scalability and interoperability. Since state government cannot
capitalize on IT investments, securing funds to purchase a robust EHR requires special legislative
approval, which is a challenge in tough budget times.
These agencies are excited to finally have a viable opportunity to identify and purchase a certified,
robust EHR that could be scaled to meet their needs and allow them to participate in the statewide HIE,
something they have wanted to do for a long time and have not been able to. With OHIP’s preferred
EHR vendor program, strong hospital stakeholder support and other relationships developed with
vendors for integration with the statewide HIE, this desire can become a reality. OHIP can also assist in
negotiating a fair price for a system usable across agencies, which can reduce the state’s current costs
for maintaining separate systems and ensure connectivity to the HIE. The latter will help these agencies
reduce their overall costs through avoidance of adverse drug events, duplicative tests or services and
identification of other treatment patterns difficult to discern without HIE.
S ‐ 57
These four teams were in the process of developing tasks and deliverables to address their specific
needs; however, due to the recent gubernatorial and legislative transition, their work is currently on
hold. OHIP will continue to monitor developments so discussion regarding these efforts can resume as
soon as new leadership for these agencies are identified.
1.3.3 PUBLIC HEALTH
1.3.3.1 IMMUNIZATION AND DATA REGISTERIES
Ohio’s statewide Immunization Information System, ImpactSIIS, is a secure, web‐based information
system managed by the ODH. ImpactSIIS contains over 41 million recorded vaccinations for nearly 9
million Ohioans. Immunizations administered are both directly entered by participating providers via a
web portal and imported from other electronic sources (e.g., local immunization registries, electronic
health record systems, Medicaid claims data) using HL7 v2.5.1., ImpactSIIS has many beneficial features,
such as the ability to generate immunization reminder notices, forecasting immunizations that are due
and managing vaccine inventory.
1.3.3.2 REPORTABLE LAB AND SYNDROMIC SURVEILLANCE
REPORTABLE LAB
The Ohio Disease Reporting System (ODRS), Ohio’s information system for infectious disease
surveillance, was enhanced in 2007 to allow for electronic lab reports (ELR) for communicable diseases
to flow seamlessly from labs into ODRS. Although several other states are receiving ELR data from labs,
Ohio is one of only a handful of states that have automated this process.
Approximately 40,000 ELR reports were received and directed into ODRS in 2009, almost double from
2008. Roughly, 85 percent of these disease reports flowed directly into ODRS without manual
intervention – either creating a new person and disease report, a new disease report for a person
already in ODRS, or adding new information to an existing disease report already in ODRS.
At the end of 2009, participating ELR facilities included several regional labs (ARUP, LabCorp, and the
Mayo Clinic), several state agency affiliated labs (Corrections Medical Center and ODH), as well as many
labs within the Cleveland Clinic hospital system. ODH is in the process of working with Quest, another
S ‐ 58
regional lab, as well as the hospital labs at Western Reserve Care and MetroHealth. These entities will
likely be certified to send disease reports via ELR, rather than paper, before the end of the year.
ARRA funding will allow extending ELR to several additional hospital labs in the coming year, including a
pilot project to accept electronic reporting of healthcare‐associated infections. The pilot project will
enable ODH to receive HL7 v.2.5.1 messages in addition to current HL7 v.2.3.1, and test the feasibility of
receiving this data in the clinical document architecture (CDA/continuity of care) format. The statewide
HIE will ultimately provide the primary interface for public health reporting, reducing the need to
connect with each individual laboratory and other provider.
SYNDROMIC SURVEILLANCE
ODH uses syndromic surveillance to detect and track health events such as pandemic influenza,
bioterrorism, outbreaks, seasonal illnesses, injuries and environmental exposures by monitoring and
analyzing the health behavior of Ohio’s population in real time. During a health event, syndromic
surveillance can provide answers to questions such as which zip codes have increased disease levels,
which facilities are treating patients, and whether the event is affecting males, females, or a specific age
group more than others are. This information, known as situational awareness, can be used to target
resources to the most affected areas and keep the public informed of important developments.
Currently, Ohio’s syndromic surveillance system, EpiCenter (Health Monitoring Systems, Pittsburgh),
collects information from approximately 150 facilities in real time. The majority of facilities submit data
in real time using HL‐7 (all versions accepted) over secure, virtual private network (VPN) connections. All
facilities submit the following data elements: time of visit, date of visit, patient chief complaint, age, sex,
and home zip code utilizing Health Level 7 (HL7) messaging. Some facilities are able to send additional
message types (e.g. A08, A01, etc.) to provide updates including discharge disposition and diagnosis
information.
A statewide HIE will make the transfer of syndromic surveillance data simpler and more efficient.
Instead of having a data feed from each healthcare provider, the HIE will allow for one data feed from
RHIOs and other exchanges, thus reducing the amount of technical work necessary to maintain the
connections. In addition, HIE will allow physician offices and outpatient clinics to submit syndromic
surveillance information to ODH, something that is currently limited to hospital emergency departments
S ‐ 59
and urgent care centers. The additional data types will enhance Ohio’s situational awareness and event
detection capabilities.
1.3.3.3 PUBLIC HEALTH DATA
ODH collects additional public health data including disease reports through a web‐based system for a
variety of infectious diseases and outbreaks, with expanded testing, services and treatment data for
tuberculosis, sexually transmitted diseases, human immunodeficiency virus (HIV), cancer, stroke, lead
and other heavy metals, occupational conditions, birth defects and genetic disorders. Surveillance
reports come primarily from hospitals, laboratories, clinics, physician offices, emergency medical
services and local health departments. The ODH laboratory receives electronic submissions from
providers and submits results to both the providers and ODH surveillance systems. The ODH lab is
currently piloting the receipt of an HL7 v2.5.1 messages with integrated microbiology and demographic
information.
Dispensing of antiviral agents and antibiotics for influenza or potential bioterrorism agents are reported
by hospitals, clinics and physicians. A wide array of health services and procedures data primarily for
mothers, newborns and children is reported to ODH and includes metabolic, genetic, hearing and vision,
dental, family planning, nutrition, early intervention, breast and cervical cancer and other health
assessments and services from hospitals, clinics, schools, local health departments and physicians.
Long‐term care facilities report a variety of patient and facility information and hospitals report data for
registration. Hospital quality measure reports include 96 indicators of surgical and clinical infections,
deaths and other adverse outcomes, medical and surgical procedures and patient satisfaction survey
data.
The statewide HIE will dramatically increase the quantity and quality of information available to public
health, reducing the need for costly surveys and significantly improving the capacity to monitor priority
health measures such as obesity and tobacco use.
VITAL STATISTICS AND HIE
The Vital Statistics System in Ohio has transitioned from paper to electronic data collection. The birth
certificate is initiated at delivery within birth hospitals. Birth clerks compile demographic and medical
information onto facility and mother’s worksheets from medical records. Clerks then key this data into
S ‐ 60
an electronic web‐based birth system (Integrated Perinatal Health Information System). Once the birth
record is completed at the hospital and saved, it becomes available for viewing at the local registrar and
state registrar levels. The local registrar checks the electronic record for specific items and then files the
record. At that point, the state registrar checks specific items and registers the record. The record is
available for public health use once saved at the hospital level. Out‐of‐state births and geo‐coded
residence information are added to the record, which various public health programs (e.g., birth defects
surveillance and services) utilize.
Death certificate processing is similar to that for births except that funeral directors initiate the death
record rather than hospitals. Funeral directors query informants and then enter decedent’s
demographic information into the electronic death reporting system (EDRS). Funeral directors then print
off a paper copy (drop to paper). They bring the paper copy to the certifying physician who enters the
medical information onto paper. Physicians cannot currently access the electronic death certificate
system. Once the physician has certified the death and entered the causes of death, the funeral director
delivers the completed death certificate to the local registrar. The registrar checks specific items, files
the record electronically and mails the paper copy to the state registrar. Once received in the central
state office, the state registrar keys in the paper only items and registers the death. The cause of death
statements are sent electronically to National Center for Health Statistics where International Statistical
Classification of Disease Codes 10th Revision (ICD‐10) codes are assigned to the death. Death certificate
information is available electronically once the funeral director has saved the record. This data is used
for various public health programs (e.g., child fatality review). The statewide HIE will greatly simplify
these interfaces and improve the efficiency of these processes.
1.3.3.4 OTHER PUBLIC HEALTH
MATERNAL AND CHILD HEALTH STATE SYSTEMS DEVELOPMENT INITIATIVE (SSDI) PROGRAMS
SSDI was launched in 1993 to complement the Title V Maternal and Child Health (MCH) Block Grant
Program and to combine the efforts of State MCH and Children with Special Health Care Needs (CSHCN)
Agencies. Administered by the Health Resources and Services Administration (HRSA), SSDI is intended to
assist state agency MCH and CSHCN programs in the building of state and community infrastructures
that result in comprehensive, community‐based systems of care for all children and their families.
S ‐ 61
SSDI continues to focus grant resources on the Title V Block Grant Health Systems Capacity Indicator
(HSCI) #9(A): The ability of states to assure that the MCH program and Title V agency have access to
policy and program relevant information and data. States focus SSDI resources on establishing or
improving the data linkages between birth records and 1) infant death certificates, 2) Medicaid eligibility
or paid claims files, 3) Women Infants Children (WIC) eligibility files, and 4) newborn screening files.
States give first priority to these four data linkages, and then focus on establishing or improving access
to the following four. 1) Hospital discharge surveys; 2) a birth defects surveillance system; 3) a survey of
recent mothers at least every two years, similar to the Pregnancy Risk Assessment Monitoring System
(PRAMS); and 4) a survey of adolescent health and behaviors at least every two years, similar to the
Youth Risk Behavior Surveillance System (YRBS).
The statewide HIE will provide enhanced linkage capability using its MPI to significantly reduce the cost
and time for these activities. Furthermore, the HIE will reduce the need for risk knowledge and behavior
surveys by providing timely population‐based information on these critical health factors.
AWARDS/AIDS DRUG ASSISTANCE PROGRAM FORMULA AND SUPPLEMENTAL AWARDS (HRSA)
The Ryan White CARE program keeps electronic records of client program applications and is the
repository for medical information reported by healthcare providers for clients served through the
program. The program also pays Medicaid spend‐down to allow clients to have health cards, as well as
Medicare Part D wrap‐around services (e.g., premiums, co‐pays, deductibles, etc.) managed through a
third‐party administrator and pharmacy. ODH compares program data to Medicaid eligibility to assure
ODH is the payor of last resort.
STATE OFFICES OF RURAL HEALTH POLICY AND PRIMARY CARE (HRSA)
The Health Resources and Services Administration (HRSA) funds several programs at the state‐level
designed to increase access to healthcare services for underserved populations. In Ohio, the State Office
of Rural Health (SORH) and Primary Care Office (PCO) are co‐located under ODH. They work to assure
the availability of appropriately trained health professionals in primary care and other specialties
needed to deliver health services to underserved areas and populations. They also work to develop
community‐based systems of health care and assure access to high quality interdisciplinary, culturally
competent health services.
S ‐ 62
The Ohio PCO focuses its activities on assessing the need for primary care providers by designating
Health Professional Shortage Areas (HPSAs) and on the recruitment and retention of needed providers
to work in these underserved communities. Funded through multiple state and federal provider loan
repayment and scholarship programs, much of the PCO effort is devoted to primary care workforce
development. The Ohio SORH focuses its efforts on mitigating the access disparity in rural communities
to healthcare services. Its core functions include the collection and dissemination of rural health
information; coordination of rural health resources and activities statewide; provision of technical
assistance to meet rural community health needs; and support for rural workforce development efforts.
HIT is a critical issue when addressing the health care access challenges faced by Ohio’s underserved
residents. The Primary Care and Rural Health Section (PCRHS) is actively engaged in this topic as it
relates to statewide healthcare workforce development planning efforts and in its work with the state’s
34 Critical Access Hospitals (CAHs). A statewide effort is underway to tackle many of the state’s
workforce issues, and four sub‐groups are in the process of being created.
The Unified Long Term Care System‐ Direct Service Workforce Development Subcommittee;
The Health Care Coverage and Quality Council – Primary Care Workforce Development
Subcommittee;
The Statewide Health Information Technology Workforce Development Team; and
The Interagency Team Focused on Coordination of All State Healthcare Workforce Initiatives.
The Primary Care and Rural Section Administrator and Primary Care Unit Administrator are represented
on the Interagency Team and will be working closely with the Primary Care Workforce Development
Subcommittee once formed. The PCRHS administrator collaborates closely with OHA and Ohio’s 34 CAHs
on HIT and related issues, with some funding being made available to CAHs for network
development/HIT activities.
As providers of primary care services, county health departments are also eligible for REC assistance
under the grant opportunity. ODH and OHIP are working together to explore alternatives for certified
EHR adoption in local health department settings. Ideas being explored include cost‐sharing options
through collaborating with other local healthcare providers or other health departments in the area or
region.
S ‐ 63
NHIN DEMONSTRATION PROJECT WITH THE CDC
ODH was invited by the CDC to establish a direct connection to the NHIN. The CDC will cover all costs for
this project. Ohio would become one of only a few states to connect with NHIN and will facilitate the
exchange of public health information among Ohio, CDC, other participating states (currently Indiana,
Washington and New York) and other entities in a secure and standardized manner. This would assist
the statewide HIE in establishing NHIN protocols and provide a more immediate pathway for providers
in Ohio to meet meaningful use requirements for public health reporting.
1.3.4 BROADBAND INITIATIVES
Connect Ohio is a nonprofit, technology‐neutral partnership that works with telecommunications
providers, business and community leaders, information technology companies, researchers, public
agencies, libraries and universities in an effort to help extend affordable high‐speed broadband Internet
services to every household in Ohio.
Connect Ohio is a comprehensive initiative that will improve broadband Internet access and dramatically
increase the use of related technology. The program is the result of a partnership between the State of
Ohio and Connected Nation, a national non‐profit organization that specializes in increasing technology
access and literacy.
Connect Ohio works across all sectors of the state economy in partnership with telecommunications
providers, information technology companies, public agencies, business leaders, community leaders,
researchers and universities in an effort to meet specific goals, which include:
Affordable broadband availability for all of Ohio;
Dramatically improved use of computers and the Internet by all Ohioans;
Local technology planning teams that include every Ohio community;
A meaningful Internet presence in all Ohio communities, to improve citizen services and
promote economic development through e‐government, virtual education and e‐health
solutions; and
A policy and regulatory framework that encourages continued investment in communications
and information technologies year after year.
S ‐ 64
In 2008, data provided by Connect Ohio was combined with information from healthcare resources to
produce maps overlaying broadband coverage with physician and hospital location information (see
Diagrams 4 and 5).
S ‐ 65
Diagram 5 Broadband Coverage with Physicians by Zip Code
S ‐ 66
Diagram 6 Broadband Coverage with Hospitals by Zip Code
S ‐ 67
This information shows extensive broadband access in the majority of the state with the weakest points
appearing in the south‐central and southeastern portions, an area largely represented by OHIP’s RP, the
Ohio University Appalachian Health Information Exchange (OU). OU has been proactively participating in
state broadband initiatives for several years and is still actively engaged in discussions and solutions on
this issue.
In their 2010 assessment, Connect Ohio reported that only 2.1 percent of households in the state did
not have terrestrial fixed broadband access. This figure for rural households was 4.2 percent. Both
numbers reflect increases in broadband access statewide since 2008; however, the most common
barrier reported is not access itself, but the perception that broadband is not necessary or valuable. This
is followed by a lack of computers in both homes and businesses because of persistent economic
conditions.
In addition, ComNet, Inc., was recently awarded a $30 million grant with an additional $12.9 million
applicant‐provided match to construct almost 700 new miles of high‐capacity fiber to expand an existing
network throughout 28 western Ohio counties. ComNet estimates it will create over 300 jobs through
this project. Nearly 2 million people as well as 165,000 businesses and approximately 3,000 other
community institutions stand to benefit from this project. This project will help an area that has been
impacted by the automotive restructuring and by high unemployment rates.
These broadband initiatives will be valuable to OHIP as it moves forward with its message for HIT
adoption both at the statewide and community level. OHIP and its RPs can assist in raising awareness
about the availability of existing broadband access as they encourage HIT adoption through REC
assistance and education regarding the incentive payment program.
1.3.5 MEDICAID COORDINATION46
1.3.5.1 STATE MEDICAID HEALTH INFORMATION PLAN (SMHP)
In June 2010, Ohio Medicaid submitted their Planning Advanced Planning Document for HIT (PAPD)
outlining the steps necessary to complete the State Medicaid Health Information Plan (SMHP) and its
associated Implementation Advanced Planning Document (IAPD). These plans, in combination, will
46 See Appendix P, Amendment #6
S ‐ 68
enable the implementation of Ohio’s Medicaid EHR Provider Incentive Payment Program (MPIP),
provide an assessment of Ohio’s current HIT landscape and the state’s Medicaid HIT vision and provide a
road map to accomplish the vision.
Since submission of the PAPD document, the following steps have occurred or are scheduled to occur:
CMS approved Ohio’s PAPD in July 2010
State Controlling Board approved release of funds to support MPIP program in
September 2010.
Ohio Medicaid has prepared the SMHP, which is currently being reviewed by
stakeholders and is targeted for submission to CMS before December 2, 1010
Following approval of the SMHP, Ohio Medicaid will submit the IAPD to CMS likely in
December 2010.
MPIP system build and related procurement activities will begin in January 2011.
Implement MPIP program in spring 2011
The SMHP requires Ohio Medicaid to look forward five years, anticipating technological innovations and
practice improvements. The plan is both a strategic and tactical plan, moving Medicaid participating
providers to improve both quality and efficiency, which is a goal common with OHIP’s vision. The plan
contains five sections, each with a comprehensive set of questions and answers required to obtain CMS
approval:
Documentation of Ohio Medicaid’s “As Is” state of EHR adoption, broadband availability and
electronic data exchange capacity.
Documentation of Ohio Medicaid’s “To Be” vision for HIT
Details about implementation of Ohio’s Provider Incentive Payment Program
Details about Ohio’s Strategy for Monitoring and Auditing the MPIP program
Ohio Medicaid’s HIT Roadmap, describing how Ohio Medicaid will achieve its five year vision
including annual benchmarks and indicators for each goal to measure progress
Strategies for execution of the SMHP and related coordination with OHIP include:
Resources for the MPIP project will be a combination of Ohio Medicaid staff, housed under
ODJFS and contractor staff. The cost of this phase of the project is estimated to be $1.4M and
qualifies for 90 percent enhanced federal funding. Medicaid staff denotes this amount is only to
S ‐ 69
fund the staff necessary to implement and support the MPIP program as outlined in the SMHP.
Funds were not separately earmarked for other statewide efforts toward development of the
statewide HIE or EHR adoption (e.g., entity index development, etc.). This decision was made to
allow Medicaid staff to remain focused on high‐priority implementation initiatives such as MPIP
and MITS and the limited availability of match funds due to Ohio’s budget deficit.
Ohio Medicaid has engaged OHIP about leveraging its RP channels to communicate and educate
providers on the requirements and implementation of the MPIP. This includes exploring
additional targeted strategies for participation and related EHR adoption to support providers in
rural or economically challenged urban locations.
As the initial work of outreach with Ohio’s practitioners moves to the next phase of technical
support to establish adoption ,meaningful use of certified EHR and Ohio’s MPIP implementation,
ODI/OHIP and Ohio Medicaid will examine common business practices to support federal
Meaningful Use Quality Measures. Common goals between Medicaid and OHIP include using HIT
to gather and exchange clinical information for the purpose of health quality improvement,
using HIT to increase accountability through transparent and streamlined reporting on quality
measures, transforming data into meaningful information that can engage clinicians and
patients in informed decision‐making.
National meaningful use measures are well known. Ohio Medicaid’s quality focus is exemplified
by Ohio Medicaid has several value‐based activities already underway. These efforts include its
Emergency Department Diversion project, Medicaid payment reform, Best Evidence for
Advancing Childhealth in Ohio Now (BEACON) Council, and ePrescribing, as well as participating
in the HCCQC’s avoidable hospital readmission and multi‐payor enhanced primary care home
initiatives. These activities require an enhanced decision support system at Medicaid and the
exchange of relevant health information to promote value‐based decisions. They will influence
the type of information that Ohio Medicaid seeks through exchange and the partnerships and
strategies that Ohio Medicaid pursues to promote the adoption of EHRs and the exchange of
health information.
OHIP was the source of much of the information contained in the SMHP and will continue to
assist Ohio Medicaid in its efforts to obtain approval since implementation of the MPIP program
is of critical importance to OHIP’s stakeholders and a driver of EHR adoption in Ohio. Ohio
Medicaid is also a member of OHIP’s Communications Committee and is actively coordinating
with OHIP to communicate the status of the MPIP program to stakeholders through OHIP’s
S ‐ 70
regional partner channels, media announcements, newsletters and OHIP‐sponsored
conferences.
1.3.5.2 MEDICAID INFORMATION TECHNOLOGY SYSTEM IMPLEMENTATION
As noted previously, Ohio Medicaid began planning efforts in 2004 to convert its existing claim
adjudication system [MMIS] to the new Medicaid Information Technology Architecture (MITA)47.
Following a formal procurement process, Ohio Medicaid selected a vendor (EDS, later HP) to assist in
making this transition.
Currently, key components of MITS are in place including front‐end support for managing the exchange
of HIPAA‐mandated48 administrative transactions between trading partners and an enterprise service
bus (ESB). Beginning First Quarter 2011, the new claim adjudication module of the MITS system will go‐
live for Phase I processing. Subsequent phases of implementation are also planned including integration
with sister state healthcare‐related agencies, ODJFS’ data warehouse and decision support system.
To fully support the transition of the MITS system from implementation to production and prepare for
certification, Ohio Medicaid does not intend to directly interface MPIP with the MITS system during the
first year of the MPIP. However, MITS’ portal and ESB middleware capabilities may be leveraged to
support the MPIP in a latter phase of the system lifecycle.
1.3.5.3 MEDICAID COORDINATION AND STAKEHOLDER ENGAGEMENT
To understand how OHIP is coordinating with Medicaid HIT initiatives, it is important to be aware of how
Medicaid is administratively structured in Ohio and how the leadership within this structure is engaged
in collaboration with OHIP.
OHIO’S MEDICAID STRUCTURE
As noted in a 2006 report to the state legislature conducted by the Ohio Medicaid Administrative Study
Council, ODJFS oversees Ohio’s Medicaid program along with seven other major state and federal
programs. Within ODJFS, Ohio Medicaid is administered at a “sub‐department” level and therefore must
47 See Appendix A, Reference # S13 48 See Appendix A, Reference # R14
S ‐ 71
share leadership and support services with the other major programs administered by that agency as
noted below.
In addition, specific Medicaid program services are administered through delegated arrangements with
eight other state agencies. Of these agencies, the Department of Aging (ODA), Department of Alcohol
and Drug Addiction Services (ODADAS), Department of Mental Health (ODMH) and Department of
Developmental Disabilities (DODD) fund and/or deliver specialty population‐focused services to
hundreds of thousands of Medicaid and non‐Medicaid eligible Ohioans in addition to performing
Medicaid administrative functions. Four other state agencies also involved in Medicaid or health‐related
functions: Department of Health (ODH), Department of Education (ODE), Attorney General (AG) and
Auditor of State.
Although core Medicaid medical services have historically been administered using ODJFS’ MMIS, all of
the delegated agencies have purchased or developed independent systems over the years to manage
service delivery or administer payment within their respective scope of services. These systems are not
necessarily linked across all agencies, although some do feed into MMIS or related Medicaid reporting
databases. Plans for future MITS implementation phases include adding functionality or data to support
some of these delegated arrangements.
From a policy perspective, each agency can develop its own provider licensure, certification, major and
unusual incident, population reporting and other policies, although cross‐agency coordination is
S ‐ 72
encouraged via interagency agreements. In 2007, the Executive Medicaid Management Administration
(EMMA) was created to serve as the central coordinating body to manage the Ohio Medicaid program
across all state agencies. EMMA has been active in facilitating coordination across similar policies (e.g.,
provider licensure) and plans for MITS implementation.
STAKEHOLDER ENGAGEMENT
As evidenced by Ohio’s Medicaid Administrative Structure, coordination with Medicaid programs is not
simply a matter of coordination with a single state agency or with a single benefits administration
system. Therefore, when Ohio’s State HIT Coordinator began discussions regarding the best mechanism
for coordinating with Medicaid, she first approached EMMA. The state agencies participating in
EMMA’s coordinating committee voted to establish a separate council, the State Interagency Council
(SIC) to coordinate health IT initiatives including MPIP. In total, Ohio Medicaid staff members from
ODJFS are represented on the following OHIP‐related stakeholder committees:
Committee Participating ODJFS Medicaid Staff
OHIP Board State Medicaid Director is not a board member, but an invited
guest who provides updates on MPIP, MITS and other related
HIT initiatives on a monthly basis
OHIP HIE Committee Chief, Health Services Research, Medicaid
OHIP Privacy Committee HIPAA Project Director, Medicaid
OHIP Regional Partner Committee Project Manager, Medicaid Communication and Outreach
State Interagency Council (SIC) Chief Strategy Officer; Program Manager, Public Program
Healthcare Coordination and Support; Chief, Health Services
Research
HCCQC State Medicaid Director; Chief, Policy and Health Plan services,
Medicaid
In addition to these committees, EMMA, Medicaid sub‐waiver agencies and/or State HIT Coordinator
staff are represented on the following OHIP‐related committees:
Committee Participating State Agency Staff
S ‐ 73
Committee Participating State Agency Staff
OHIP Board State HIT Coordinator, Board Chair
OHIP HIE Committee Deputy Director, Center for Public Health Statistics and
Informatics (ODH)
OHIP HIE Vendor Scoring Team CIO (ODI)
OHIP Privacy Committee Legal Counsel (EMMA); Legal Counsel (ODMH)
OHIP ePrescribing Task Force State HIT Coordinator (ODI); Legislative Affairs Liaison (Ohio
Board of Pharmacy)
State Interagency Council (SIC) State HIT Coordinator (ODI), Chair; Strategic Planning and Data
Analysis Administrator (ODI), Facilitator
Behavioral Health REC Sub‐
Committee
Medicaid Policy Director (ODMH); CIO (ODADAS)
HCCQC All state health agencies are represented
1.3.5.4 BEST EVIDENCE FOR ADVANCING CHILD HEALTH IN OHIO NOW (BEACON)
BEACON is a statewide collaboration in Ohio among individuals and organizations that seek to
encourage and support initiatives that achieve measurable improvements in children’s health care and
outcomes through improvement science. The BEACON council is co‐chaired by Dr. Alvin Jackson,
Director of ODH and Dr. Mary Applegate, Medical Director for Ohio Medicaid. The focus on children’s
health quality, outcomes measurement and research, coupled with an existing data‐sharing
infrastructure presents a unique opportunity to improve quality and enhance innovation in the delivery
of healthcare for children. It may also be an excellent avenue for input/guidance related to Ohio’s
Medicaid Health IT Plan. This initiative could clearly benefit through leveraged use of the statewide HIE
to achieve and track improved outcomes.
1.3.5.4 CYBERACCESS
CyberAccess is a HIPAA‐compliant internet portal for Medicaid providers to access pharmacy
information regarding their patients. Prescribers can also use the tool to verify a drug’s prior
S ‐ 74
authorization status and send ePrescriptions to pharmacies. Prescribers and/or their authorized staff
will have the ability to:
Review two years of pharmacy claims submitted by providers;
Identify potential care management concerns including adverse drug events, over or under
utilization and disease management best practices;
Electronically verify drug prior authorization status; and
Electronically send prescriptions to pharmacies.
Integration of this capability with the statewide HIE and direct integration with certified EHR vendors
would expand use and the related potential mitigation of prescription‐related adverse events.
1.3.6 MEDICARE COORDINATION
Medicare and OHIP efforts will intersect on the following levels:
Coordination of Medicare/Medicaid Incentive Payment Programs ‐ Eligible non‐hospital
providers must choose to pursue EHR incentive payments through either the federal Medicare
or a state Medicaid program. As noted under Medicaid Coordination efforts, Ohio Medicaid is in
the process of preparing the details of this coordination through the development of their state
Medicaid HIT Plan. Central to the process will be its integration with the National Level
Repository (NLR) being developed by CMS. The NLR will provide a single point of entry to
register providers for both incentive payment programs to:
- Prevent duplication of payments between Medicare and Medicaid and between states;
- Allows Medicare to meet its mandate for online posting requirements;
- Track EHR incentives nationally; and
S ‐ 75
- Ensure accurate and timely payments.
The NLR will collect eligible providers’ name, NPI (Type 1), business contact information,
Taxpayer Identification Number (TIN) and desired incentive program selection. This data will bi‐
directionally interface with the MPIP as depicted in the Diagram 7 above.
Further details of the NLR interface are currently being vetted through CMS and State Medicaid
agencies. As this work develops, Ohio Medicaid representatives will continue to update OHIP on
important emerging issues to enhance communication to providers through OHIP’s stakeholder
committees, RP channels and OHIP’s website.
Medicare eligibility and coordination of benefits – Ohio Medicaid providers are required to bill
Medicare and other payors before seeking reimbursement through the Medicaid program.
Providers are required to report other coverage consumers may have, if the provider is aware of
the coverage, which is captured in the Ohio Medicaid MMIS/MITS. In addition, Ohio’s current
Medicare intermediaries, National Government Services (Part A) and Palmetto GBA (Part B)
support electronic eligibility inquiry and response transactions49. OHIP intends to leverage these
49 Neither of these entities won the current contract. CMS is currently in court over their appeal. These two entities will continue to process claims until the suit is settled.
Diagram 7 National Level Repository Narrative
S ‐ 76
two sources of data to provide centralized eligibility information and ultimately the coordination
of benefits.
1.3.6.1 COORDINATION WITH BEHAVIORAL HEALTH PROGRAMS
OHIO PEDIATRIC/PSYCHIATRY DECISION SUPPORT NETWORK (OPPDSN)
The Ohio Pediatric/Psychiatry Decision Support Network (OPPDSN) is a grassroots, community‐driven
telehealth initiative launched by ODMH in May 2009 in response to growing concerns over timely access
to child psychiatric services and the detrimental impact those delays were creating for patients and the
state’s emergency care system. This highly‐endorsed program provides a technologically supported
system of consultation, communication, quality improvement and direct services designed to both
increase access to child psychiatry and triage for PCMHs, primary care, and community mental health
provider organizations and remove barriers to integrated care through system‐linking technology used
by a coordinated and competent decision support network.
The youth of Ohio are fortunate to be served by excellent children’s hospitals, in addition to an array of
pediatricians, internists, obstetrics/gynecology, family physicians and general psychiatrists who have
some experience treating children with mental illnesses. Together with primary care physicians,
advocates and others, the OPPDSN team is advancing a plan for providing a statewide network of expert
consultation by child/adolescent psychiatrists and other health professionals, including a state‐of‐the‐art
Web site focused on child and adolescent mental health, e‐visits, store‐and‐forward technology and
video/telemedicine services. A member of OHIP’s Board is an active participant in this telehealth
initiative that has received an overwhelming amount of support throughout the state’s healthcare
system since its inception.
TREATMENT EPISODE OUTCOMES SYSTEM (TEOS)
Pending award of a Data Infrastructure Grant (DIG) from the Substance Abuse and Mental Health
Service Administration (SAMHSA) in October 2010, ODMH plans to collect client level and sample data
to report the National Outcome Measures (NOMs). Each year of the grant, data will be sought from
approximately 170,000 consumers with Serious Mental Illness (SMI) and caregivers of children and
adolescents with Serious Emotional Disturbance (SED). Over the life of the grant, data will be sought
from approximately 500,000 consumers and caregivers.
S ‐ 77
ODMH plans to develop reports and/or a database that will enable local mental health authorities and
service providers to use information from the proposed Treatment Episode Outcomes (TEO) system and
from survey sampling, with the overall goal of improving access, enhancing service quality and efficiently
meeting the requirements of funders and national accrediting bodies. To measure and report the NOMs
for housing, employment/school suspensions and criminal justice involvement, ODMH plans to develop
and implement a TEO system where service providers will collect and report on consumers with
SMI/SMD at either admission/discharge or annual update.
To measure and report the NOMs for client perception of care, social connectedness and functioning,
ODMH plans to draw a random sample from enrollment records in its outpatient billing system. Staff will
conduct an annual survey of 3,000 adult consumers using the SAMSHA’s Mental Health and Statistics
Improvement Program (MHSIP) and 3,000 caregivers of child and adolescent consumers using the Youth
Services Survey for Families (YSS‐F). Information collected through sampling 18,000 consumers and
caregivers over three years will permit the ODMH to report annual changes in perception of care, social
connectedness and functioning scores from 2011 through 2013.
1.3.7 PARTICIPATION WITH FEDERAL CARE DELIVERY ORGANIZATIONS
1.3.7.1 MILITARY AND VETERAN’S HEALTH SERVICES
There are five Veteran’s Affairs (VA) Medical Centers geographically dispersed in Ohio: Chillicothe VA
Medical Center, Cincinnati VA Medical Center, Louis Stokes VA Medical Center in Cleveland, Chalmers P.
Wylie Ambulatory Care Center in Columbus and the Dayton VA Medical Center. Ohio also has two VA
outpatient clinics and 28 VA community‐based outpatient clinics. There is one Department of Defense
(DOD) medical facility at Wright Patterson Air Force Base in Dayton, Ohio (the 88th Medical Group). The
state does not have any Indian Health Services (IHS) nor does it have any tribal health facilities.
Given OHIP’s REC structure, OHIP intends to engage military and veteran’s health organizations in health
IT adoption through its RPs, who have existing relationships within their communities with these care
delivery organizations and are better position to encourage HIE adoption at a local level. In addition,
OHIP is aligning its proposed HIE model and related committee structure with national standards
development such that NHIN or other protocols developed to connect federal care delivery
organizations with state HIEs will be used as they emerge.
S ‐ 78
1.3.7.2 FEDERALLY QUALIFIED HEALTH CENTERS50
The Ohio Association of Community Health Centers (OACHC) represents all of the state’s 35 Federally
Qualified Health Centers (FQHC) and coordinates much of the primary care for Ohio’s at‐risk population.
In 2009, FQHCs provided care to over 475,000 Ohioans and recorded well over 1,900,000 patient visits.
With the ARRA funding granted to health centers in 2009, steady growth is expected to serve more than
550,000 patients in 2010 and over 1,000,000 patients by 2015.
OACHC estimates approximately 450‐500 providers practicing in their network have prescriptive
authority. Currently eight of Ohio’s 35 FQHCs have fully implemented, ONC certified EHRs with several
additional centers in the queue for completion by Spring 2010. Those remaining anticipate full EHR
implementation by 2013.
This successful rate of adoption is due to OACHC’s strategic approach through a healthcare controlled
network, Ohio Shared Information Services (OSIS) that provides centralized IT support on a common,
certified platform (NextGen) available to all Ohio FQHC locations. OACHC’s Executive Director is a
member of OHIP’s HIE Committee and the CIO for OSIS sits on OHIP’s Board. Both entities have been
actively engaged in HIT adoption at the statewide level for some time and are enthusiastic about its
potential for improved patient outcomes. Ohio’s FQHCs provide a model approach for other subsets of
healthcare providers with specific requirements to encourage adoption where IT solutions obtained
independently may have otherwise failed.
1.4 GOVERNANCE
1.4.1 COLLABORATIVE GOVERNANCE MODEL
1.4.1.1 STATE DESIGNATED ENTITY
50 See Appendix P, Amendment #7
S ‐ 79
As the SDE for Ohio’s statewide HIE, OHIP is in a unique position to provide a cohesive approach to
delivering both HIE and REC services at a statewide level. To do this, OHIP must address the needs of its
stakeholders and promote a process that encourages transparency and communication.
1.4.2 GOVERNANCE STRUCTURE
1.4.2.1 BOARD EXECUTIVE COMMITTEE
During the creation of OHIP, five stakeholder groups came together to create the initial Board of
Directors for OHIP. In addition to serving as stewards within the healthcare community, these
stakeholders provided in‐kind funds to generate the start‐up capital required to establish the
organization and possess the funds necessary for the federal match requirement.
Currently identified as the Board Executive Committee, these five members have the authority to add,
change or remove board members from the larger Board of Directors.
The founding members are representatives from the following organizations:
BioOhio, a non‐profit organization designed to build and accelerate bioscience industry,
research, and education in Ohio
Ohio State Medical Association (OSMA)
Ohio Osteopathic Association (OOA)
Ohio Hospital Association (OHA)
State Government
S ‐ 80
Following the submission of the State Health Information Exchange Cooperative Agreement Program
and the Regional Centers Cooperative Agreement Program grant applications, the Board Executive
Committee chose to expand the Board of Directors from five to fifteen members in February of 2010.
1.4.2.2 BOARD OF DIRECTORS
The Board of Directors is a 15‐member board that oversees the full breadth of OHIP’s operations. The
expansion of the board from the original five members was necessary to promote a broader stakeholder
base that would foster greater transparency within the organization. All OHIP board members have
voting, staff oversight, community stewardship and fiduciary responsibilities. The expanded board
members represent the following additional stakeholder groups:
Hospitals
Primary care MDs
Primary care DOs
Mental Health
FQHCs
Payors
Employers
Consumers
S ‐ 81
Included in the group of expanded board members is one seat that is reserved as the “at‐large” seat.
This seat’s representation will rotate on an annual basis and be filled based on OHIP’s most active tasks.
Please refer to Table 2 for a list of OHIP’s current Board of Directors.
1.4.2.3 FINANCE AND AUDIT COMMITTEES
As required in ARRA, OHIP created committees for finance and auditing to ensure that OHIP is meeting
all federal fiduciary requirements regarding the use of ARRA grant money.
1.4.3 STAFFING STRUCTURE
OHIP’s planned leadership structure for supporting both the HIE and the REC is depicted in the diagram
below. Since the award announcements, OHIP has been actively working to recruit staff in these
positions. Further details regarding staffing under this leadership structure are included in OHIP’s HIE
budget and are further explained in the Staffing section of the Operational plan.
Table 2 OHIP Board of Directors
S ‐ 82
While OHIP continues to recruit staff, Board Executive Committee members and their respective
organizations are supplying resources to assist with current operations. Several attempts have been
made to benchmark HIE staffing projections with other state efforts; however, due to the infancy of
field, it remains a challenge to know how much staff should be hired versus outsourced and there is a
limited pool of expertise available due to demand. ONC’s assistance regarding staffing projections would
be helpful to OHIP and other states as they progress with their efforts.
The Project Managers for both the HIE and REC will each serve as the facilitator to the committee
related to their scope of work. These committees will be responsible for performing a strategic advisory
role in the development of each of OHIP’s lines of business. Relevant, interested stakeholders compose
the majority of these committees and are led by members of OHIP’s board or staff. These committees
S ‐ 83
represent a diverse range of stakeholders including hospital CIOs, M.D.s, D.O.s as well as behavioral
health, FQHC’s, state agencies and provider association representatives51.
Each committee will have the option of forming ad hoc work groups that address the specific needs for
their line of business. A few of those existing workgroups are noted in the diagram above (i.e., privacy
and policy52). For more information about alignment of OHIP’s committee structure with federal
committee structures, please refer to the Governance section of the operational plan (O‐7).
1.4.4 STAKEHOLDER INVOLVEMENT
As the SDE for Ohio, OHIP will rely on the SIC53 and the HCCQC to provide them with stakeholder
inquiries and concerns.
51 See Appendix E for a complete list of HIE and REC Committee Members 52 See Appendix P, Amendment #11
53 See Appendix P, Amendment #5
S ‐ 84
As noted in the section on Federally Funded, State‐Based Programs of the strategic plan, the SIC includes
representatives from the state’s health oversight and coverage agencies as outlined in the diagram
above and serves as a forum for state agency input and coordination with HIE development efforts.
The HCCQC serves as a public‐private advisory group designed to improve the coverage, cost and quality
of Ohio’s health insurance and healthcare system. Established by the Ohio General Assembly in July
2009 following its initial creation by an Executive Order from Governor Ted Strickland, the HCCQC
consists of over 30 members from the provider, payor, consumer and policy communities. State
agencies responsible for health care and insurance delivery and oversight are represented, as is the Ohio
General Assembly. The Council encourages and provides regular opportunities for public comment.
Furthermore, the HCCQC has created an HIT taskforce that includes members of the council, interested
stakeholders and members of OHIP54. This taskforce is an effort to coordinate other state and federal
healthcare reform with the efforts of OHIP and the HITECH grants.
Lastly, OHIP received numerous letters of support from stakeholders during their federal grant
application process55.
1.4.5 STATE GOVERNMENT HIT COORDINATOR
In Ohio, the Enterprise Health IT Officer position is housed in ODI. This is a result of ODI’s designation by
Governor Strickland as the state agency responsible for managing funds and initiatives related to health
reform including oversight of the HCCQC and OHIP. Amy Andres, Chief of Staff for ODI, is currently filling
this position for the state. Amy’s unique background as a public sector CIO with a significant amount of
stakeholder leadership responsibility coupled with private sector experience in pharmaceutical data
exchange positions her well for the job. Amy led the state’s legislative task force on eligibility and claim
adjudication standardization. More importantly, Amy has the necessary skills and cross‐agency authority
to move both critical stakeholders and the state’s administration toward both short‐term and long‐term
health IT goals. It is her intent to leverage the state’s investment in OHIP by integrating the statewide
HIE’s resources into the state’s policy, operational and technology strategies.
As the State’s Enterprise Health IT Officer, Amy serves as OHIP’s Board Chair and a member of the Board
Executive Committee. As Board Chair, Amy provides the financial oversight for both state and federal
54 See Appendix F for a list of HCCQC HIT Task Force Members 55 See Appendix G for a list of stakeholders who submitted letters of support to OHIP
S ‐ 85
funds allocated to OHIP, as well as ensures that all development and implementation strategies align
with OHIP’s efforts. She is also leading a workgroup composed of leaders from Ohio’s health‐related
agencies, the SIC. The task of this workgroup is to integrate OHIP’s efforts with state initiatives. This
group will be tasked with re‐evaluating their policy, operational and technology strategies to identify
ways to leverage the statewide HIE to improve their processes, take advantage of new information
available, and to integrate existing and proposed information systems with the HIE. Additionally, Amy is
a member of the core Medicaid team that will facilitate the provider incentive payments through the
implementation of the required meaningful use components.
1.4.6 ACCOUNTABILITY AND TRANSPARENCY
OHIP will act in a manner that provides stakeholders with succinct and timely communication necessary
to engage in health IT adoption efforts effectively. OHIP recognizes the importance of balancing the
stakeholders’ need for communication with fiscal responsibility for staff time such that OHIP does not
generate pointless communication tasks, unimpeded procurement efforts and prevent “information
overload.” To balance these goals, OHIP has adopted the following communication strategies:
Early on, OHIP established a formal Communication Committee comprised of the
Communication Directors for each of the initial board member organizations. Collectively, this
committee has a significant amount of experience in dealing with the media, public record
requests, web and print communications, lobbyists, vendors and other interested parties. This
committee vets all public announcements. The group has also been expanded to include a
communications representative from each regional partner. The committee communicates
regularly and will meet as needed to coordinate outreach efforts effectively.
In January 2010, OHIP created a website, www.ohiponline.org , where all news, procurement,
related links and other pertinent information is shared. In April 2010, OHIP contracted with a
vendor to provide a SharePoint platform to support both extranet and internet portals. The
extranet will be used to share documents, discussion, calendars and other important
information with committee members, regional partners and board members. This platform will
also provide with a portal to the federal CRM reporting tool.
Stakeholders and vendors may elect to be added to OHIP’s e‐mail list via the Contact OHIP
webpage on OHIP’s website. This mailing list is used for key announcements and procurement
S ‐ 86
updates. Additionally, email addresses and related processes have been created to accept both
general public and procurement‐specific inquiries.
In May 2010, OHIP contracted with a Communication Director, who is responsible for managing
daily communications for all of OHIP’s initiatives. With extensive experience in health public
affairs and media communication, she will be responsible for all web and print materials and is
in the process of developing an OHIP Communications Plan and marketing materials for Regional
Partner use.
OHIP issues a weekly newsletter to the Board, all committee members and regional partners.
OHIP conducts separate weekly conference calls and/or webinars with members of the HIE
Committee, REC Committee and RPs. In addition, monthly face‐to‐face meetings are held with
the RPs and with members of the HIE or Communication Committees when necessary.
OHIP provides formal updates on HIE, REC and OHIP administrative tasks to OHIP Board
Members during their monthly meeting both face‐to‐face and via webinar for members who are
unable to travel.
OHIP staff members have been invited to serve on the REC Education and Outreach (E&O)
Advisory Group to help develop strategies and materials in support of the Community of
Practice (CoP).
1.5 FINANCE
The inherent juxtaposition of IT, especially in the healthcare industry, makes HIE sustainability difficult.
An HIE must be robust without the associated costs. OHIPs model is to offer a multitude of services that
noticeably improve efficiencies and offset infrastructure costs. The following two fundamentals are key
to the viability of an HIE and are in direct contention with each other:
That it is feasible for any healthcare provider, healthcare consumer or payor to electronically
share individually identifiable data to support efficiency and quality of care in a standards‐based
format; and
The costs and benefits of an HIE are aligned such that, once established, the HIE will be funded
through mechanisms that reflect the advantages and value created from participating in an HIE
rather than through extraordinary, one‐time sources.
To overcome these conflicting ideologies, non‐traditional revenue mechanisms will need to be
developed to provide sustainable services for those who cannot or will not afford them.
S ‐ 87
1.5.1 SUSTAINABILITY56
OHIP’s sustainability strategy is based on three core objectives:
Leveraging the OHIP REC’s EHR adoption goals to assist the HIE with PIN target services;
- EPrescribing
- Exchange of structured lab results
- Sharing of patient care summaries across unaffiliated organizations
Offering HIE core and basic clinical data exchange services at significantly discounted prices or
for free; and
Developing additional value added, fee‐based services.
These three objectives will help create a sustainable HIE that will assist direct participants, such as
providers, payors, labs and pharmacies in achieving meaningful use, and also will create potential
revenue streams from current secondary data users, including government agencies, payors,
accreditation bodies and researchers.
OHIP will leverage federal grant money to offset the initial build‐out and core services of the statewide
HIE to encourage stakeholder participation. Concurrently, OHIP will use its REC program to expand
provider EHR adoption, directly increasing the possible user base of the HIE. As the HIE attains a critical
mass of users, additional, value‐added services will be phased in that can be purchased by current users
and secondary data users who may not require bi‐directional functionality.
To reduce costs for hospitals, providers, payors and patients, OHIP intends to sustain the HIE by
developing innovative solutions surrounding eligibility verification, coordination of benefits, real‐time
claims adjudication and real‐time payment. To provide value‐added services, OHIP sees significant
opportunities arising from the convergence of three historically separate provider processes: timely
identification of disease‐specific treatment protocols, clinical documentation workflows and
administrative workflows to secure payment. In the past, providers followed entirely separate electronic
or manual processes to perform these three functions, all of which were analyzed for errors
retroactively. Until recently, technology was not widespread enough to support a more sophisticated set
56 See Appendix P, Amendment #8
S ‐ 88
of protocols using timely clinical and administrative data to ensure better outcomes for both the patient
and provider.
For example, through HIE technology, OHIP envisions the real‐time capability to validate clinical data
against treatment protocols, benefit coverage and payor edits to achieve a 99 percent propensity for a
provider to be paid on first pass. More importantly, the on‐demand merging of clinical and
administrative data flows allows patients to obtain point‐of‐service authorization and a clear
understanding of the cost of treatment. Deployed in an “open model” that supports all payors and
providers throughout the state, these future workflows also align with healthcare reform models such as
accountable care organizations or PCMHs. It is this future vision that has driven OHIP to select a
sustainability strategy that incorporates the clinical and administrative exchange services.
With the expansion of the clinical exchange creating an ever‐increasing provider base, the integration of
administrative functions will help improve healthcare quality and curtail costs through improving
operational efficiencies.
1.5.2 SUMMARY OF COSTS AND REVENUES
To maximize the amount of funding that OHIP would be able to acquire from the federal government, a
committed match from the State of Ohio for $2,106,801 was released by the state’s controlling board.
This match garnered a federal grant match of $14,872,199 ensuring adequate start‐up capital to
construct the core functions of the statewide HIE. OHIP’s business model includes generating
$11,625,000 in revenue through the initial four years of the HIE operations. Traditional sources of
revenue have been in the forms of subscription fees, transaction fees and sign‐up/sign‐on charges for
the exchange of clinical data. These traditional fee models discourage both initial participation and
lasting adoption. To encourage buy‐in, revenue structures must be, at worst, cost‐neutral for those who
will use the system. Ultimately, those on the service side will have to reassess what truly carries value in
the system. OHIP plans to continue stakeholder sustainability forums to monitor the services that OHIP’s
stakeholders will be willing to pay for.
OHIP will leverage federal grant money to offset the initial build‐out and core services of the statewide
HIE to encourage stakeholder participation. Concurrently, OHIP will utilize its REC to expand provider
EHR adoption, directly increasing the possible user base of the HIE. As the HIE attains a critical mass of
users, additional services will be phased‐in to offer value‐added, fee‐based services that can be
S ‐ 89
purchased by current users and secondary data users who may not require bi‐directional functionality.
These fee‐based services will offer reductions in existing costs and allow the HIE to offer its core services
and clinical data exchange for little or no charge. OHIP has identified that sustainability is best achieved
through multiple revenue streams that do not simply rely on the exchange of clinical data. This multi‐
revenue stream model will leverage the buy‐in of all types of stakeholders, using a variety of services to
capture their individual desires for operational efficiency and cost reduction. Coordinating with national
standards and protocols, OHIP plans to generate sufficient revenue to assist Ohio’s entire, eligible
provider population with meeting each stage of meaningful use by 2015.
The budget is comprised of core infrastructure costs that include hardware and software costs that are
not unique to a specific function but are required to support the statewide HIE as a whole, such as the
cost of the core platform, Master Patient Index (MPI), Master Entity Index (MEI), etc. The budget also
includes the cost of human resources to implement and maintain the statewide HIE. The OHIP board
provides oversight to the budget, resolves any issues related to the budget and determines appropriate
financial risks. The total for the core infrastructure and Use Case costs is approximately $10.8 million for
the first and second years of operation, with an increase to around $17.3 million for the third and fourth
years. The revenue projections grow in year three and four with non‐grant revenues exceeding cost
projections in year five.
S ‐ 90
Table 3 OHIP Projected HIE Revenues and Expenses
OHIP
REVENUES & EXPENSES
Total Total Total Total Total Federal Non‐Federal Grand
SUPPORT & REVENUE Year 1 Year 2 Year 3 Year 4 Year 5 Total Total Total
Support
Federal Grant ‐ HIE 5,765,566 3,142,235 3,004,316 2,960,082 0 14,872,199 0 14,872,199
State Grant ‐ HIE 878,593 516,425 372,500 339,283 0 0 2,106,801 2,106,801
TOTAL GRANTS 6,644,159 3,658,660 3,376,816 3,299,365 0 14,872,199 2,106,801 16,979,000
Revenue
HIE SERVICES 0 500,000 1,250,000 4,750,000 9,250,000 15,750,000 15,750,000
CLINICAL EXCHANGE 0 0 0 750,000 1,000,000 0 1,750,000 1,750,000
TOTAL REVENUE 0 500,000 1,250,000 5,500,000 10,250,000 0 17,500,000 17,500,000
TOTAL REVENUES 6,644,159 4,158,660 4,626,816 8,799,365 10,250,000 14,872,199 19,606,801 34,479,000
EXPENSES
HIE Overhead Expenses
Personnel Staff Costs 358,416 792,000 831,600 873,180 916,839 2,372,709 1,399,326 3,772,035
Fringe 129,030 285,120 299,376 314,345 330,062 854,175 503,758 1,357,933
Travel 50,000 50,000 75,000 75,000 78,750 200,000 128,750 328,750
Equipment 325,000 50,000 50,000 50,000 52,500 375,000 152,500 527,500
Supplies 115,000 115,000 115,000 115,000 120,750 400,000 180,750 580,750
Other 148,420 254,840 171,840 176,840 185,682 673,000 264,622 937,622
HIE Contractual
Legal 196,632 240,000 190,000 190,000 199,500 590,000 426,132 1,016,132
Audit/Acct 45,000 25,000 25,000 25,000 26,250 100,000 46,250 146,250
Financial 60,000 20,000 20,000 20,000 21,000 40,000 101,000 141,000
Accounting Ass't 6,000 0 0 0 0 6,000 0 6,000
Communications 75,000 75,000 50,000 50,000 52,500 250,000 52,500 302,500
OHIP IT Support 50,000 50,000 50,000 50,000 52,500 0 252,500 252,500
HIE Software & Suppt 3,766,801 800,000 2,020,000 5,800,000 6,090,000 5,750,000 12,726,801 18,476,801
HIE Edu & Outreach 218,860 200,000 50,000 50,000 52,500 300,000 271,360 571,360
HIE IT Devel & Custom 600,000 339,385 330,000 300,000 315,000 1,500,000 384,385 1,884,385
HIE Hosting 500,000 362,315 349,000 250,000 262,500 1,461,315 262,500 1,723,815
Total Contractual 5,518,293 2,111,700 3,084,000 6,735,000 7,071,750 9,997,315 14,523,428 24,520,743
TOTAL EXPENSES 6,644,159 3,658,660 4,626,816 8,339,365 8,756,333 14,872,199 17,153,134 29,349,000
SURPLUS/(DEFICIT) 0 500,000 0 460,000 1,493,667 0 2,453,667 2,453,667
1.5.2.1 REVENUE TIER METHODOLOGY
Noted in the Proposed HIE Business Model section of the strategic plan, OHIP will develop the statewide
HIE in phases. Similarly, revenue for the statewide HIE is projected to exponentially advance as the HIE
develops. Project revenue streams from HIE services will fall into one of three tiers as outlined below:
S ‐ 91
Meaningful Use Revenue Tier – To assist providers as they adopt EHRs, this revenue tier will
apply to core support and basic clinical data exchange services required to meet meaningful use
objectives with HIE implications. Pricing for HIE services falling under this revenue level will be
kept minimal so that costs for related clinical data exchange is affordable and adoption is
encouraged. HIE services under this tier include discovery and location services, trust
enablement, integration with OHIP’s preferred EHR vendors, community‐based portals and
clinical data exchange services required to meet meaningful use objectives.
Administrative Revenue Tier – As HIE adoption increases, more cost‐effective and streamlined
administrative HIE services will be offered to providers. As the HIE incorporates these functions,
operational efficiencies and cost reductions will be realized for providers while providing
sustainable revenue for the HIE. There are immediate business benefits available to providers
and many health plans by having ubiquitous access, uniform across all payors, and real‐time and
batch response times to receive health plan benefit information with some providers already
able to submit claims to health plans without third‐party assistance. Providers are finding that
the electronic remittance advice and claim status transactions provide ways to reduce their
outstanding patient accounts and capture more revenue with less overhead. With a well‐
designed, standards‐based electronic network, all administrative data in health care will move
far more efficiently than it is today. HIE services under this tier include centralized insurance
eligibility verification, integration with Medicaid, centralized mailing address verification
services and centralized coordination of benefits, referral, pre‐authorization and certification
coordination.
Data Revenue Tier – As the data exchanged through the HIE becomes more comprehensive and
valuable to participants, services under this revenue tier will provide additional sustainable
revenue. These services include expanded integration with state agency systems to streamline
current reporting requirements, advanced data aggregation and reporting tools and other
payor/employer exchange services.
1.5.2.2 EXPLANATION OF MODEL ASSUMPTIONS
OHIP has identified that the funds needed to sustain the HIE are currently in the industry value chain
and the key is to offer initial services that will engage a large number of stakeholders early. The larger
the initial HIE user base is will result in a quicker delivery of additional benefits to those initial users and
others who may not have seen a benefit in being an early user. The pricing structure is designed to
S ‐ 92
encourage stakeholders to use the HIE for a small fee and allow the statewide HIE to deliver value to its
participants very quickly adding Pay‐As‐You‐Grow functionality for core services. The pricing defined in
this proposal is preliminary and reflects the need to achieve a sustainable business model. HIE services
such as exchanging medical claims and administrative‐related data between providers and health plans
are subject to very significant efficiencies through the use of a statewide organization to move and
coordinate the interconnectivity of healthcare providers and health plans. If fees for moving the
transactions are assigned at a cost that meets the stakeholders budgetary needs, the overall cost savings
are economically advantageous to all users in Ohio. A tiered pricing model would be established to
provide attractive capped levels so that neither health plans nor healthcare providers have runaway
costs. Through continual input and feedback from the entire stakeholder community in Ohio, the OHIP
board will be required to approve all final pricing models.
S ‐ 93
Table 4 OHIP Revenue Model Assumptions
Model Assumptions ‐ Subscription/ Month
Assessment Unit / Month Adoption Rates
Use Cases Per
Facility* Per
Physician Per
Payor** State
Agencies Year 1 Year 2 Year 3 Year 4 Year 5
Core Services $0.02 2 1000 1000 0% 30% 50% 90% 90%
Trust enablement & Authentication $0.02 2 1000 1000 0% 30% 50% 90% 90%
Privacy and Security $0.02 2 1000 1000 0% 30% 50% 90% 90%
National protocol dev and support $0.02 2 1000 1000 0% 30% 50% 90% 90%
Master Patient Locator Index $0.02 2 1000 1000 0% 30% 50% 90% 90%
Record Locator Services $0.02 2 1000 1000 0% 30% 50% 90% 90%
Master Entity Index $0.05 2 1000 1000 0% 0% 20% 50% 70%
Phased Services
Quality Reporting Requirements $0.03 2 0% 15% 30% 50% 70%
Expanded integration with Medicaid $0.03 2 1000 500 0% 15% 30% 50% 70%
Insurance Eligibility Verification $0.05 2 1000 1000 0% 0% 15% 50% 70%
Integration w/ state & other registries $0.05 2 1000 0% 0% 0% 5% 30%
Other Reporting Requirements $0.03 2 0% 15% 30% 50% 70%
Coordination of Benefits $0.05 2 1000 1000 0% 0% 0% 10% 30%
Preauthorization $0.03 2 0% 0% 30% 50% 70%
Remittance Advice, Claims & Claim Status $0.05 2 1000 1000 0% 0% 5% 15% 35%
Average Monthly Subscription $4,000 $28 $11,000 $9,500
Max Monthly Subscription $10,000 $28 $15,000 $10,000
Projected Revenue for Core Services $0 $500,000 $1,250,000 $4,750,000 $9,250,000
Clinical Data Exchange 0% 30% 70% 90% 90%
MU objectives – Stage 1 0% 30% 50% 70% 90%
MU objectives – Stage 2 0% 10% 30% 50% 70%
MU objectives – Stage 3 0% 0% 15% 50% 90%
Average Monthly Subscription – All Core Service $600 $25
Max Subscription for all Clinical Services $1,000 $25
Projected Revenue for Clinical Data Exchange $0 $0 $500,000 $750,000 $1,000,000
Other Services
Consumer PHR integration
Integration with OHIP’s preferred EHR vendors
Total Projected HIE Revenue $0 $500,000 $1,750,000 $5,500,000 $10,250,000
*Monthly Charge – Per Acute Care Facility is a Sliding Fee Scale based upon Annual Inpatient Discharges (Annual Inp Disch * $) / month
**Monthly Charge – Per Payor Organization could also implement a Sliding Fee Scale
S ‐ 94
1.6 TECHNICAL INFRASTRUCTURE
Prior to the formation of OHIP, stakeholders were engaged in discussions regarding a desired technical
model to support a statewide HIE to support meaningful use and the state’s data exchange priorities.
During this period, representatives of the healthcare industry consulted with industry experts who
noted the immaturity of the HIE vendor market, a blending of traditional EHR vendors and HIE vendors
in this space and the need for a vendor who could support the range and capacity of a substantial
statewide HIE network. In August 2009, a vendor forum was held to share thoughts about strategic
direction and to elicit input from vendors active in the HIE market.
Given OHIP’s strategic direction, the infancy of the HIE vendor marketplace and the rapid evolution of
standards, OHIP stakeholders concurred that the technical model must be sustainable yet fluid and
easily adaptable to change. This will require a comprehensive, technically advanced infrastructure
designed for the future yet well‐grounded in privacy and security safeguards.
1.6.1 REQUEST FOR INFORMATION57
In January 2010, OHIP’s HIE Committee issued an HIE RFI58 to potential vendors. The purpose of the RFI
was to identify a pool of full service HIE vendors who have the “breadth, depth and width” to support a
statewide HIE to participate in an RFP process. OHIP was fortunate to receive several outstanding
responses to the RFI from a variety of vendors in the HIE market.
Each vendor’s response was evaluated on five core axes by a subset of the HIE Committee who have
extensive experience in the healthcare industry and HIT. These axes included technical, product/service,
financial and organizational viability, as well as the clarity, quality and completeness of the response.
Certain vendors were eliminated from further consideration after evaluation of their initial responses
and the remaining vendors were asked to provide additional information to clarify their initial
responses. The responses of the remaining vendors were then re‐evaluated, taking into consideration
the additional information provided by each vendor.
57 See Appendix P, Amendment #9 58 See Appendix H, OHIP HIE RFI
S ‐ 95
The RFI was concluded in March 2010 and resulted in the identification of eight vendors who will be
invited to participate in an RFP process:
ACS Healthcare
CSC
GE Healthcare
HealthBridge
Medicity
MedPlus
Microsoft
Thomson Reuters
OHIP intended to be further along in its procurement process so it could inform its strategic and
operation plans; however, due to the plans’ tight deadlines, the HIE Committee decided to postpone
releasing the RFP until September 2010. The process of creating the RFP proved a challenging but
worthwhile effort for committee members. Unlike EHR procurements, there is little precedence in the
market place for this type of procurement, and many of the HIE RFI or RFP documents publicly available
preceded ARRA or further ONC clarifications about state‐designated service priorities and national
standards initiatives. The process, however, allowed committee members to focus on key emerging
drivers which may not have been apparent in earlier procurement efforts. There also was significant
legal counsel input and oversight to ensure consistency and compliance with all regulatory requirements
pertaining to statewide HIEs. OHIP is currently in the final stages of its RFP process and will recommend
a final vendor to OHIP’s board in January for implementation of core services beginning June 2011.
1.6.2 TECHNOLOGY DEVELOPMENT PRINCIPLES
1.6.2.1 INTEROPERABILITY
Due to the rapid, co‐occurring evolution of standards and
the recent adoption of the Standards and Certification Final
rule, OHIP recognizes that, while comprehensive
interoperability is the goal, the process to achieve this will
S ‐ 96
require incremental steps. These steps will require working with providers and vendors to understand
requirements, how to achieve certification and to provide ongoing clarity around specific data exchange
uses in Ohio.
STANDARDS‐BASED, INCREMENTAL INTEROPERABILITY
Despite these challenges, OHIP is committed to a technical model that will support all federally
endorsed standards and integration protocols for each respective architectural layer (data vocabularies,
messaging, privacy and security protocols, NHIN transport protocols, etc.) and will allow providers to
incrementally progress from basic data exchange to full integration capability with their EHR. Where
standards are not final or fully adopted, OHIP will encourage the use of industry best practices or a
multi‐state collaborative approach while supporting exchange standards necessary for state or other
federal regulatory compliance. To assist providers, vendors and others in understanding the full scope of
regulatory, certification or best practice compliance in Ohio, OHIP has outlined these requirements in a
“living” document included in Appendix A.
DEVICE NEUTRAL, SINGLE ACCESS METHODOLOGY
To the extent possible, the technology model will support a device‐independent, singular approach to
access for HIE participants. Examples of this approach include single sign‐on integration with existing
HIEs, central web portal access and centralized patient insurance eligibility verification via desktop,
laptop, other mobile devices, EHR integration, fax, email messaging, etc.
PEER‐TO‐PEER CONNECTIVITY
Any entity that meets the criteria established would be able to connect to the statewide HIE. Entities
may include providers, community‐based HIEs, payors, consumers, pharmacies, state agencies,
registries, hospitals, long‐term care facilities, labs, and other ancillary providers who can serve as both a
provider and consumer of services.
S ‐ 97
1.6.2.2 TECHNICAL APPROACH
As with interoperability, OHIP’s technical approach will have to be flexible to accommodate a rapidly
growing market that will continue to change and evolve. With the full scope of HIE capabilities still in
their infancy and simultaneous NHIN protocol development,
the technical approach has to be able to incorporate new
features, standards and abilities that may not have been
identified during the HIE’s creation. This will require a fluid and
scalable approach that restrains itself from an excess of
proprietary systems. The HIE must also be able to connect with
other exchanges on a level where trust agreements are applied and access issues are understood. In
addition, OHIP is pursuing a “full service” HIE vendor where a thin layer of management is retained
within OHIP, but the majority of service and support for the HIE infrastructure lies with the selected
vendor who has overarching responsibility and expertise in managing the infrastructure.
STRONG TECHNICAL SUPPORT FOR PROGRESSIVE TRUST AGREEMENT MODEL
The HIE will initially support primary uses for data exchange and progress to secondary use for
authorized and non‐competitive purposes only if the latter provides clear benefit to participants through
effective and efficient streamlining of data reporting. To the extent possible, the technical infrastructure
will support protocols necessary to authorize and authenticate appropriate use of progressive data
exchange through the statewide HIE based on OHIP’s data trust agreement model. OHIP intends to use
the NHIN DURSA as a framework for developing its trust agreements.
VENDOR NEUTRALITY
The technical model should provide standards‐based connectivity to the maximum number of certified
EHR systems as possible to leverage existing provider investments.
PRIORITY‐BASED SCALABILITY
The technical infrastructure must have the capacity to provide statewide support for OHIP’s highest
service priorities while allowing for feasible expansion of services and deployment to additional entities
in a scalable manner with consideration of the incremental technical, financial and operational
S ‐ 98
implications. OHIP’s priorities will be consistent with the state’s healthcare quality objectives, federal
meaningful use requirements and requirements for financial sustainability.
FULL SERVICE SOLUTION WITH TRANSITION CAPABILITY
OHIP seeks to engage a single HIE service provider who has the capacity and ability to manage all
aspects of the statewide HIE operation including staffing, hosting, training, implementation, support,
software and all related sub‐components of the operation. The full service provider must disclose and
manage all sub‐sourcing arrangements and should have the ability to transition certain functions back to
OHIP over time as an effective means to control operational costs.
1.6.2.3 TECHNICAL ARCHITECTURE
Based on OHIP’s HIE RFI responses and materials from the
State Level Health Information Exchange (SLHIE) group,
OHIP identified specific features vital to an effective and
sustainable HIE. One such feature is the ability of the HIE to
adapt quickly to inevitable changes in the healthcare
environment. The landscape is an ever‐shifting field of
standards that the infrastructure must adapt to in order to remain a viable resource.
HIGHLY ADAPTABLE INFRASTRUCTURE
The technical model will provide for a flexible infrastructure that can quickly and easily support rapidly
changing data exchange standards, security and privacy protocols, financing, policy and regulatory
healthcare environment.
HYBRID MODEL, SERVICE ORIENTED ARCHITECTURE (SOA)
OHIP endorses a hybrid technical model that supports both distributed data and health record banks
(i.e., patient‐controlled personal health records) using location services for the purposes of identification
and retrieval of information. A distributed model ensures that data is held where it is created, therefore
avoiding negative perceptions and potential privacy and security consequences resulting from storing all
patient information in a large, central HIE repository. This model will support a service‐oriented
approach for connecting disparate technology.
S ‐ 99
ENHANCED PROVIDER SERVICES
The technical solution will offer enhanced service capability to providers as an incentive for HIE
participation, especially for those providers who may not have extensive EHR capability. These services
may include clinical decision support, patient messaging, patient access to health information or other
value added services.
ADVANCED CONSUMER INTEGRATION
The technical infrastructure will support a sophisticated, secure and standards‐based consumer consent
model allowing for direct consumer access, authentication and authorization of health data exchange at
granular levels as well as a standard interface for personal health records (PHR).
ADVANCED DATA AGGREGATION CAPABILITIES
The technical model will use advanced solutions to extract, normalize, aggregate and de‐identify data
from various sources in a manner that significantly streamlines the current provider data reporting
requirements for population health purposes and minimizes duplication, error and potential for data
misuse. This includes integration of clinical data with large data sources such as MITS.
1.6.2.4 HIE FLOW CHART59
OHIP intends to follow emerging industry standards to support its core service model. This includes
deploying technology that supports a two‐tier authentication model, allowing for the authentication of
participating entities at the OHIP level and delegation of provisioning, identify proofing and
credentialing of end‐users at the entity level. Although core service interoperability standards are not
defined in the Standards and Certification Final Rule, it is OHIP’s desire to implement standards
consistent with NHIN, IHE and HITSP capabilities as well as emerging consumer preference protocols.
A schematic of OHIP’s authentication and patient query flow is provided on the next page. Further
details will be provided upon selection of an HIE vendor.
59 See Appendix P, Amendment #10
S ‐ 100
1.7 BUSINESS AND TECHNICAL OPERATIONS
1.7.1 IMPLEMENTATION
As described under the Proposed HIE Model section (S‐34)of the strategic plan, OHIP intends to
implement the statewide HIE in phases. A “pre‐phase” is necessary to build the core components of the
statewide HIE. The first service phase will focus on Stage 1 meaningful use requirements and OHIP’s
sustainability model. The second phase will target expanded core services, Stage 2 meaningful use,
advanced reporting capabilities and national protocol development. The final phase will support Stage 3
meaningful use, expanded administrative transaction support, integration with Medicaid, other state
agencies, payors, employers and consumers. Table 5 describes the specific services in each phase.
S ‐ 101
Table 5 Proposed Core Infrastructure Services Implementation Model
Core Service Description Implementation
Phase
Discovery/
Location Services
Provide discovery/location services of sufficient granularity to identify
where patient data exists among trusted exchange partners including
but not limited to:
Master Patient Index (MPI)
Master Entity Index (MEI) – To include licensed service providers
such as providers, hospitals, payors, pharmacies, labs, etc.
Record Locator Service (RLS)
Pre‐Phase Core
Support
Trust Enablement
Services
Provide services and mechanisms to garner trust among HIE
participants including:
Secure data exchange
Compliance with federal and state regulations
Ensuring appropriate data use
Reliable authentication of users and articulation
Adequate audit controls
Enforcement of consumer privacy preferences
Pre‐Phase Core
Support
Support for MU
objectives with
direct HIE
implications –
Stage 1
Provide support for Stage 1 meaningful use objectives with direct HIE
implications in a manner consistent with the interoperability standards
as mandated by ONC including:
Support of transmission of electronic prescriptions; Most EHR
vendors are supporting this functionality; however, see
“Integration with OHIP’s preferred EHR vendors, Service Phase I”
of this table for more information about OHIP’s proposed
strategy.
Exchange of clinical laboratory and pathology results
Provide summary care record for each transition of care or
referral (at a minimum, in human readable form)
Reporting of required ambulatory quality measures to CMS or
State Medicaid agencies
Transmission of data to immunization registries or to public
health agencies for electronic syndromic surveillance where
possible and accepted.
Service Phase I
Community‐based
web portal and
branding support
Provide support to build branded web portals to encourage HIE
adoption at the community level which would provide connectivity to
the statewide HIE. These portals could be used by trusted providers
who currently do not have EHRs or whose EHRs are not yet fully
interoperable to view permissible patient information.
Service Phase I
Insurance Eligibility
Verification
Offer a centralized, fully integrated service at the statewide level to
support insurance eligibility verification for patients covered under
Medicaid, Medicaid Managed Care Organizations, Medicare and other
third party payors. This integration service would support real‐time or
Service Phase I
S ‐ 102
Core Service Description Implementation
Phase
batch eligibility inquiry and response transactions meeting federally
endorsed standards and CAQH Committee on Operating Rules for
Information Exchange (CORE) Phase I requirements with the goal of
migration to Phase II requirements as recommended by Ohio’s
advisory committee on eligibility60
Integration with
OHIP’s preferred
EHR vendors
Integrate with OHIP’s preferred EHR vendor solutions using federally
endorsed standards for clinical and administrative data exchange.
Since these vendors must support electronic prescription capability
and meet Ohio’s Board of Pharmacy requirements, use of OHIP’s
preferred vendor solutions will encourage adoption and use of
ePrescription in Ohio.
Service Phase I
Centralized mailing
address verification
service
Providers currently pay a significant amount for services required to
resolve bad mailing address information. OHIP proposes to offer this
type of service at the statewide level to provide economies of scale to
reduce costs associated with these services
Service Phase I
Support for MU
objectives with HIE
Implications –
Stage 2
Expand support for the clinical exchange of data among HIE
participants in a manner consistent with the interoperability
standards as mandated by the ONC. These standards are yet to be
defined.
Service Phase II
Integration with
state level and
other registries
Integrate state level and other registries for additional public health
assessment, newborn screenings, vital statistics, cancer or other
priority disease, injury or adverse health conditions.
Service Phase II
Advanced data
aggregation and
reporting tools
Provide advanced data aggregation and reporting tools for the
purposes of significantly streamlining and reducing current provider
and other stakeholder reporting burden to government or other
oversight entities such that significant savings is realized by the
healthcare system in Ohio. Examples of reporting services include:
Other quality reporting requirements and quality gap
notifications not included in Stage 1 meaningful use objectives
Population health and related oversight reporting requirements
Service Phase II
National standards
and protocol
development
Support the development of emerging national protocols to provide
for the exchange of data across state borders, nationally and with
federal agencies. This includes participation and support for the
evolving umbrella of NHIN components such as NHIN exchange, NHIN
Direct, NHIN governance models and related open source software
support.
Service Phase II
Support for MU
objectives with HIE
implications –
Stage 3
Expand support for the clinical exchange of data among HIE
participants in a manner consistent with the interoperability standards
as mandated by the ONC. These standards are yet to be defined.
Service Phase III
60 See Appendix A, Reference # S5
S ‐ 103
Core Service Description Implementation
Phase
Other centralized
administrative
transaction
support
Offer a centralized, fully integrated service at the statewide level to
support real‐time and batch transactions for the purposes of
streamlining coordination of benefits, referrals, pre‐authorization,
certification, pharmacy benefits, claim adjudication, remittance advice,
and claim status verification processes in a manner consistent with the
standards mandated by ONC.
Service Phase III
Expanded
integration with
Medicaid and
other State
agencies
Integrate Medicaid and other state agency systems into the health
information exchange to streamline access to claims or other
information and to receive information in a more streamlined manner
from providers and other stakeholders.
Service Phase III
Additional
payor/employer
data exchange
services
Support for the exchange of additional information to/from payors and
employers such as:
Real‐time exchange of updated eligibility and benefits data
directly from employers to payors
Integration of employer‐sponsored health screening information
and other medical services provided by employers
Exchange of cost data to providers/patients at the point of
service so alternatives can be fully considered.
Phase III
Consumer PHR
integration
Expand support for direct patient or provider services such as personal
health record integration, patient messaging, patient access to health
information or other value added services.
Phase III
1.7.2 PROJECT MANAGEMENT
Inclusion of key stakeholders and careful coordination among the state’s Medicaid and other related
health agencies are viewed as essential components to OHIP’s project management strategy for
implementation of a statewide HIE. To this end, the project management approach will be to provide
linkage to three main entities: The OHIP governance board, the HCCQC and the SSIC as outlined in
Diagram 7.
S ‐ 104
Diagram 8 Project Management Coordination
Currently, OHIP’s project management team is comprised of three project managers who are
accountable to the President/CEO and OHIP Board as noted in Diagram 8 below.
One project manager, with guidance from the President/CEO, will be responsible for the leadership of
the HIE project. Receiving recommendations from the OHIP Board, the project manager will identify key
performance indicators, steps and goals involved in completing the creation of the statewide HIE. To
track project progress, the project manager will utilize project management software to ensure proper
reporting and continuity of operations. While the project manager is required to track the progress of
the entire project, efforts to execute the technical infrastructure and business services implementation
will take top priority. The governance board will be required to focus on broader, non‐technical issues
surrounding finance, governance, legal and policy. They will then report to the project manager.
Based upon prescribed periods or the completion of key milestones, it is also the responsibility of the
HIE project manager to create and present progress reports for the board. The OHIP communications
team will then receive these reports and disseminate them to its respective constituents.
OHIP’s REC is led by a separate project manager; however, both the HIE and REC project managers will
closely align their efforts through their respective committees and the OHIP Board. A third project
manager will assist primarily with REC facilitation and communication efforts, but will also provide
linkage to HIE efforts.
S ‐ 105
Diagram 9 Project Management Reporting Structure
Key roles and responsibilities for the dedicated project management team include:
Establish project scope, key milestones and related deadlines.
Create and manage the project work plan to meet required milestones and produce necessary
deliverables. Identify and report project risks and delays to OHIP leadership.
Create and/or refine project organizational structure. Coordinate leadership, schedules and
primary activities of the project stakeholder teams. Recommend adjustments of team members
to include the necessary content expertise to execute tasks defined in the plan.
Oversee HIE vendor procurement activities, such as establishing selection and evaluation
criteria, conducting vendor forums, developing requests for information/requests for proposals
templates and related documents.
Align HIE technical and business service implementation tasks with leadership direction
regarding RECs, finance, governance, legal and policy work.
Establish routine communication protocols with OHIP leadership, stakeholder teams and the
wider community regarding the status of the project and completion of major milestones. Use
of project management software and a collaboration portal will be central to the
communication approach among stakeholder participants.
Coordinate issue identification and resolution activities between OHIP leadership and
stakeholder teams.
S ‐ 106
1.8 LEGAL/POLICY61
1.8.1 PRIVACY AND SECURITY
FOUNDATIONAL WORK COMPLETED BY HISPC
Ohio was one of 42 states that participated in the HISPC62. The project was active from June 2006
through July 2009. The HISPC project examined a myriad of issues related to privacy and security
challenges relative to the electronic exchange of health information. HISPC Phase I required assessment
of state law and business policies that affect HIE and proposal of practical solutions, taking into account
the requirements of state and federal law.
For Phases II and III of the project, Ohio chose to investigate the use of several legal policy options to
facilitate exchange across state lines. The work product from Ohio’s participation in HISPC, as
summarized below, has served as a starting point for further development of the privacy and security
framework for operating a statewide HIE in Ohio through OHIP.
HISPC Phase I required Ohio to identify variations in Ohio law as compared to federal law that affect HIE
as applied to the specific scenarios presented by HHS. Ohio’s final report outlines the variations
discovered and concludes, for the most part, that there are no legal barriers in the sense that covered
entities must apply both federal and state law, or whichever law is more stringent, in order to use or
disclose or exchange health information. The HISPC report does not address the merits of trying to
update state law to be more conducive to privacy, security or exchange concerns. The HISPC Legal Work
Group identified that Ohio has consent requirements for not only specially protected information such
as HIV/AIDS, mental health, and drug abuse and alcohol records, but also for treatment, payment and
healthcare operations as evidenced by Ohio case law interpreting the statutory physician/patient
privilege (ORC, 2317.02(B)). The HISPC Legal Work Group produced a two‐part model permission form
that complied with state and federal requirements for use, disclosure and exchange of information as of
December 2007.
OHIP will use the HISPC Phase I findings to determine whether to recommend changes to state law or to
recommend that the healthcare industry implement uniform consent processes and/or policies and
61 See Appendix P, Amendment #11
62 See Appendix A, Reference # R16
S ‐ 107
procedures that comply with both Ohio and federal law as synthesized in the model permission form.
The HISPC Model Permission Consent Form63 reconciles state and federal law into a document with two
forms. One form applies to uses of protected health information (PHI) for purposes of treatment,
payment and healthcare operations [TPO]. This is a baseline form that demonstrates the baseline
consent needed by each person whose PHI is put into the HIE. The second form is a Health Information
Portability & Accountability Act (HIPAA64) compliant authorization for use and disclosure of PHI for non‐
TPO purposes. Both forms include all state and federal requirements for a legally effective permission to
use and disclose PHI.
OHIP PRIVACY AND POLICY COMMITTEE
The OHIP Privacy and Policy Committee held its kick off meeting on September 1, 2010 and has
continued to meet twice a month to address the privacy and policy deliverables identified in the OHIP
State Plan. The committee’s charter is to address the eight principles articulated in the HHS Privacy and
Security Framework for Electronic Exchange of Individually Identifiable Health Information65. These
principles are:
Individual access;
Correction;
Openness and transparency;
Individual choice;
Collection, use and disclosure limitation;
Data quality and integrity;
Safeguards; and
Accountability
The committee is comprised of Ohio stakeholders representing providers, practice managers, hospitals,
Medicaid, and osteopathic and allopathic associations66. It was determined after the first two meetings
that given the complexity of Ohio case and statutory law related to privacy and the background of the
committee’s membership that the best direction for the committee would be to focus its efforts on
63 See Appendix J, Ohio HISPC Model Permission Consent Form 64 See Appendix A, Reference #R12 65 See Appendix A, Reference #S15 66 See Appendix N, Privacy and Policy Committee Members
S ‐ 108
privacy and policy aspects of HIE. The OHIP HIE Committee would then assume the role of providing
guidance on any technical security components needed for the HIE. The Privacy Committee reports to
the HIE Committee to ensure that the privacy and security policies are developed in tandem and the
work of both committees is then presented to the full OHIP Board on a monthly basis.
The Privacy and Policy Committee has committed to addressing the following issues:
Updating the legal citations and model consent forms as necessary. The Committee will also
assess whether the consent requirements can be reasonably adopted in electronic form or
whether a blanket consent process, such as opt‐in or opt‐out, is preferred or sufficient.
Ways to promote and implement the model permission forms as a standard document and
procedure for obtaining patient consent or authorization to exchange health information by all
types of entities.
Additional clarification from the Office for Civil Rights as to whether the use of the forms in
combination would be considered a compound authorization in violation of HIPAA.
Many healthcare entities may be operating on the assumption that consent for TPO is not an
Ohio requirement. If so, significant education is required to change practice patterns and update
processes (paper and electronic systems to obtain consent). The committee will suggest ways to
facilitate education of healthcare entities about State and federal consent requirements.
Reviewing the work accomplished by HISPC Phase II and II resulting in an assessment of four
policy options that could be used to facilitate interstate exchange: interstate compact, uniform
law, model act and choice of law. The HISPC Legal Work Group recommended use of the
interstate compact as the most viable of the four options to legally exchange information across
state lines. This HISPC basic research remains valid; however, in order to implement use of an
interstate compact, OHIP would need to develop an implementation plan and timeframe. The
Committee will continue to evaluate the appropriate and legal exchange of information across
state lines and whether the interstate compact is the most viable alternative. Reviewing the
DURSA to determine how, or if, it aligns with Ohio consent requirements. The Committee will
further determine how the DURSA might be used, as is or amended, to facilitate exchange and
enforce privacy standards until other legal enforcement mechanisms can be determined.
1.8.2 STATE LAWS
S ‐ 109
The analysis of state laws is an ongoing process. The Privacy and Policy Committee has reviewed the
work already performed by the HISPC Legal Work Group and confirmed the various state law
requirements that influence privacy and security. The regulatory requirements contained in Appendix A
(Health IT Regulatory, Certification and Other Standards) have been updated accordingly.67
The Committee has also reviewed Ohio’s physician/patient privilege law and how it has been
interpreted by Ohio courts to require consent for any use of a person’s health information subject to a
few exceptions that are found within the physician/patient privilege statute or other statutes. This
information is driving the Committee’s recommendation as to how to obtain the required consent and
whether the HIE will be an opt‐in or opt‐out program. This Committee is also address out‐of‐state
disclosures and the consent requirements for out‐of‐state disclosures.
1.8.3 POLICIES AND PROCEDURES
The Privacy and Policy Committee will develop policies and procedures necessary to enable and
promote HIE within the state and with other states, including policies and procedures addressing:
Data governance and use among HIE participants including compliance with state regulations
and alignment with NHIN governance/DURSA;
Privacy and security processes including privacy policies, user authentication, user authorization
and network security methods. This would also include policy, technical and administrative
layers such as license management, accounting, billing or other management controls. Policies
will be consensus‐based and evaluated for appropriate use in the context of clinical or
administrative exchange and ePrescribing initiatives;
User support processes related to privacy and security including access management, education,
help desk, and others to assist users; and
Development to enable and promote information exchange within Ohio and between states.
The Privacy and Policy Committee adopted a four‐phase approach to develop the policies and
procedures for the statewide HIE related to privacy. The first phase included a review of the work of a
previous Ohio legal work group created to address privacy concerns as part of the national Health
Information Security and Privacy Collaboration (HISPC). As well as a review of Ohio law, consent models
67 See Appendix P, Amendment #15
S ‐ 110
of other states, publications from the Office of Civil Rights and publications from the Department of
Health and Human Services’ (HHS) Office of the National Coordinator (ONC).
During the second phase the committee compiled all of this research and drafted the recommendations
for standardized consent policies and procedures found in this document. The third phase of the
committee’s work will include soliciting stakeholder feedback on the policies presented in this
document, making revisions as necessary and presenting the revised recommendations to the OHIP
board for final approval. During this stage, the committee will work to address any items that were not
included in the original recommendations. The final, fourth stage of the Committee’s work will include
the creation of a comprehensive policy and procedure manual that will include the required Participant
Agreements, Business Associate Agreements and Trust Agreements for the Statewide HIE.
The work conducted thus far and planned for the future is itemized in the following table. A more
detailed description of the research conducted for the first phase follows the chart.
Phase I 9/1/10‐ 10/20/10
Review HISPC work
Update model permission form created by HISPC Legal Work Group
Review ONC Privacy Directives
Review Ohio statutes and rules related to medical record privacy
Review Ohio Case Law
Research other State consent models
Phase II 10/20/10‐12/10/10
Draft summary of items reviewed in Phase I and recommendations for standardized consent policies and procedures
Review recommendations at December 1st Committee meeting
Present research and recommendations white paper to OHIP Board on Dec 10th
Phase III 12/10/10‐ 3/2/11
Solicit stakeholder feedback on recommended consent policies and procedures
Adjust the recommendations if needed and resubmit to OHIP board
Address items not included in original recommendations including sensitive health information and minors
Phase IV 3/2/11‐ 5/25/11
Final Policy and Procedures Manual approved by OHIP Board
Final Participant Agreements, Business Associate Agreements, and Technical Certificate Agreements approved by OHIP Board
1.8.4 TRUST AGREEMENT
S ‐ 111
OHIP plans to develop and circulate a model agreement among stakeholders. This agreement will serve
as the trust agreement among the participants in OHIP, establishing common agreement on use of the
statewide HIE, such as:
Permitted and prohibited uses;
Cooperation among HIE users;
Limitations on future use of data received via the statewide HIE;
Minimum privacy and security protections that participants must have in place before using the
statewide HIE; and
Related issues (the OHIP Trust Agreement), which will be signed by OHIP and each individual
participant.
The model OHIP Trust Agreement is currently under development.
Rather than developing the OHIP Trust Agreement de novo, OHIP plans to model its Trust Agreement on
the DURSA, which is a comprehensive, multi‐party trust agreement establishing common rights and
responsibilities among signatories participating in an HIE. The DURSA will govern the exchange of health
information through the NHIN or other similar protocols recommended by ONC and will support the
secure, interoperable exchange of health data between and among the many HIEs nationwide. All HIEs,
public and private, wishing to participate in the NHIN will be required to sign the DURSA, including OHIP.
The DURSA requires that a similar trust agreement consistent with the DURSA must be signed by all
Ohio users of the statewide HIE, which will be the OHIP Trust Agreement. The DURSA requires that the
OHIP Trust Agreement address, at a minimum, compliance with applicable law, cooperation with other
HIEs, requirements to use the NHIN for only permitted purposes, limitations on future use of data
through the NHIN, and security measures regarding password protection. As indicated above, OHIP
plans to develop policies and procedures that are compatible and/ or consistent with the governance
and policy framework developed by NHIN or other similar protocols recommended by ONC and
documented within the DURSA. Entities wishing to participate in the statewide HIE may need to modify
policies and procedures for authorization, authentication, access, audits, and other issues to conform to
required standards to access the statewide HIE.
OHIP plans to have a draft model OHIP Trust Agreement ready for circulation among its stakeholders in
first quarter 2011. After the final model OHIP Trust Agreement is approved, OHIP may adapt the
agreement to accommodate the various desired connectivity levels of HIE participants (e.g., centralized
S ‐ 112
versus federated publishers). These participant type‐specific versions will then be circulated for final
approval. OHIP plans to have participant‐type‐specific versions of its OHIP Trust Agreement approved
and ready for signing by OHIP and participants by the end of second quarter 2011.
1.8.5 OVERSIGHT OF INFORMATION EXCHANGE AND ENFORCEMENT
Oversight of the OHIP exchange of health information will be provided through a variety of channels.
Ohio has several laws that together comprise a comprehensive body of law that govern the use and
exchange of health information and privacy protections afforded to individuals in their health
information68. In addition, HIPAA establishes the federal floor for privacy and security protection of an
individual's PHI. The Ohio laws will be enforced by the Ohio Attorney General's office, which also has
authority under the new privacy updates to HIPAA in ARRA to file HIPAA enforcement actions on behalf
of the people of their state.
Day‐to‐day oversight of OHIP's HIE activities will be provided by OHIP’s leadership staff with guidance
from OHIP’s Executive Committee, which includes representatives of major stakeholders such as the
OHA, OSMA, OOA, the State of Ohio and BioOhio. Strategic guidance will be provided by OHIP’s Board
of Directors, as discussed in the Governance Section of the strategic plan.
OHIP staff will implement the policies and procedures identified in the forthcoming recommendations
from the Privacy and Policy Committee. With the assistance of OHIP’s legal counsel, the committee will
develop a Participation Agreement and Business Associate Agreement that will ensure all participants in
the statewide HIE agree to adhere to the policies and procedures. OHIP staff will coordinate the
execution and storage of all the required agreements and investigate any breaches, complaints and non‐
compliance with the published policies and procedures. System audit logs will be created and
maintained for all events within the HIE. Utilizing HITSP constructs SC109, T15, T16 and T17 the HIE will
preserve a consistent network time and record event data according to recognized standards.
The contractual language of the participant agreements will include periodic audits that will be
conducted by an outside vendor. The final version of these agreements and the Policy and Procedure
manual will be made available through the OHIP website and the OHIP help desk will answer questions
about the policies and procedures.
68 See Appendix A, all regulatory references
S ‐ 113
1.8.6 CONSENT TOOLKIT AND EDUCATIONAL CAMPAIGN
In October, OHIP hired a Communications Director who has joined the Privacy and Policy Committee.
She will coordinate the efforts of communicating OHIP’s privacy strategy and plan to the provider
community. The committee will work with the new director to develop an educational toolkit and
campaign to share the policies, procedures and model forms with the provider community. The
Communications Director will act as the liaison between the Privacy and Policy Committee and OHIP’s
seven regional partners to develop and implement this campaign. The Physician Association’s Advisory
Council members will serve as a review for materials in development. The toolkit will be developed in
December and the kick off will be held in January. Communications vehicles will include newsletters,
email blasts, press releases, statewide media calls, a prominent presence on the OHIP website,
distribution of printed materials through the RECs, at health community and association events, and
during workshops planned for March 2011.
1.8.7 SECURING HEALTH DATA
OHIP’s HIE Committee is charged with ensuring the technical infrastructure supports the policies
developed by the Privacy and Policy Committee and complies with the security requirements mandated
by law in accordance with emerging industry standards. Transmission of data will be protected with
message layer security and transport layer security. The messages transported over the HIE will be
encrypted and sent using FIPS 140‐2 standards to ensure that even if a message fails to be sent securely,
the message will be secure.
USER AUTHENTICATION
A two factor authentication will be required for a user to gain access to the HIE.
USER AUTHORIZATION
The HIE architecture will be designed so that a hospital or physician’s office can assign a hierarchy to the
type of patient information that different business roles in their organization are allowed to view. Users
S ‐ 114
will only be able to view patient information that corresponds with the business need of their roles in
the organization.
O ‐ 1
2 OPERATIONAL PLAN
2.1 INTRODUCTION TO OPERATIONAL PLAN
OHIP’s Operational Plan provides supporting details on how the Strategic Plan will be carried forward
and executed to enable a statewide HIE. It includes specific action steps for development and
deployment of core HIE services including an extensive procurement process, projected budget
information as well as necessary stakeholder engagement work through OHIP’s committee structure to
reach consensus on operational issues.
Since OHIP’s procurement process is in progress, the final selection of an HIE vendor, projected during
Fall Quarter 2010, will be essential to informing further details of this plan.
2.1.1 PROJECT PLAN
OHIP’s HIE Project Plan69 outlines current and future key tasks for development of a statewide HIE and
related timeframes necessary to meet the requirements of OHIP’s federal grant in the following areas:
Administrative tasks (e.g., staffing)
Office of National Coordinator (ONC)/Grants Management Office Coordination
Stakeholder Engagement
Procurement Process
HIE Implementation Planning
HIE Phased Go‐Live Plans
2.1.2 RISKS AND MITIGATION STRATEGY
Workgroup issues will continue to evolve as development of the statewide HIE occurs; however, key
issues identified by Board and OHIP Committee Members to‐date are noted in Table 6:
69 See Appendix I, OHIP HIE Project Plan and Appendix P, Amendment #12
O ‐ 2
Table 6 Projected Risks and Mitigation Strategies
Risk Mitigation Strategy
Staffing – Supporting a statewide HIE requires a
unique combination of extensive healthcare
industry knowledge, system implementation and
project management experience, detailed
interoperability and technical infrastructure
knowledge as well as excellent communication
skills. The pool of resources with this combination
of experience is limited and in high demand. In
addition, since statewide development is in its
infancy, there is a lack of projected staff
benchmarking statistics available and target dates
for HHS grants for workforce development exceed
HIE target dates.
‐Hiring additional qualified direct staff through stakeholder
references
‐Weighing outsourcing opportunities
‐Requested benchmarking of staffing estimates/roles from
ONC Technical Assistance (TA) Teams
‐Working with the REC Workforce Development Workgroup
to create health IT training programs that will lead to
internship opportunities in the short‐term and to 2 to 4 year
curriculum programs in the long‐term
Sustainability – Significant discussion has occurred
regarding a sustainable financing model for the
HIE. As frequently reported, most stakeholders
concur as to the overall benefit of HIE, but
translating this value to specific stakeholder
groups is more challenging.
‐Implementing an HIE business model that supports clinical
data exchange but is financed through improved
administrative data exchange
‐ Leveraging the potential for administrative efficiency
through improved exchange of data with state agencies such
as Medicaid, the Ohio Department of Health and other
oversight bodies or payors
‐ Monitoring NHIN development to determine where a state
HIE, serving as a “trusted agnostic” can provide value‐added
services complementary to, rather in competition with,
transfer protocol standardization
Provider Adoption – The value of the HIE is
dependent upon the level of provider adoption of
certified EHR solutions at an effective level of
integration
‐Requiring preferred EHR vendors to integrate with the
statewide HIE and to structure payment terms around
provider’s receipt of incentive payment funding
‐Executing a Health IT Loan Program with the State’s Treasury
Office to provide zero‐interest loans through banks to
providers for certified EHR adoption
‐ Leading a Behavioral Health Sub‐Committee to encourage
health IT adoption among that community. Also participating
in an ONC Community of Practice to further efforts for
behavioral health IT adoption given their specific barriers and
issues
Regional Variances – Although Ohio is a densely
populated state with an impressive list of top‐
ranked hospital systems, it is a state that
historically has been regionalized around distinct
metropolitan and rural communities with strong
stakeholder relationships and practice patterns.
There is a wide‐variety of adoption issues specific
‐Developing an HIE model which supports core infrastructure
services, clinical and administrative exchange but encourages
market outreach, education and adoption efforts at the
regional level
‐Leveraging OHIP’s existing regional partnership structure to
assist in adoption efforts
‐Working with future HIE vendor to branded web portals to
O ‐ 3
Risk Mitigation Strategy
to each region including varying degrees of HIT
adoption, competitor issues, significant numbers
of small doctor offices, large pockets of
rural/health shortage areas, broadband and
funding issues.
the HIE to encourage HIE adoption at the local level
Co‐Occurring Medicaid Health IT Initiatives –
Although there is strong desire to integrate the
statewide HIE with the state’s future Medicaid
system (MITS), stakeholders acknowledge that the
implementation of MITS (Phase I: December 2010)
co‐occurs with HIE development and Medicaid
Incentive Payment program planning efforts.
‐Phase I of MITS primarily affects Medicaid’s claim
adjudication functions and not eligibility data; therefore,
Ohio’s Medicaid office has agreed to pursue integration of
eligibility and coordination of benefits information with the
statewide HIE as a first step
‐OHIP staff and Medicaid staff are working closely to align
planning efforts to support the Medicaid Incentive Payment
program
Patient Engagement/Trust Enablement – Patients
must have confidence that data is secure and
being shared appropriately. At the same time, the
potential for HIE to improve patient outcomes and
reduce costs is contingent upon patients’
willingness to share data when necessary.
‐The Privacy and Policy70 Committee will determine the
consumer opt‐in/opt‐out models required to comply with
Ohio law
‐The HIE vendor RFP will require extensive granularity and
advanced technical support for both models as well as
assurance that the vendor is compliant with all necessary
privacy and security requirements
ePrescription Adoption – Due to stringent
requirements for software certification in Ohio
and related clinical qualifications and workflows,
OHIP will need to facilitate methods for broader
adoption.
‐ OHIP has created an71 ePrescription Task Force to address
barriers to adoption that includes representatives from the
BOP, retail chain and independent pharmacies, hospitals,
physicians and the Ohio Pharmacists Association. This task
force is charged with improving the ease of ePrescription use,
aligning software certification requirements and
demonstrating quality improvements such as
avoidance/decrease of adverse drug events
‐ The BOP participated in OHIP’s EHR Preferred Vendor
Program Selection Committee to ensure that all selected
vendors complied with state certification requirements
Project Implementation Risk – Experience shows
that risk management is critical to project
management. Unmanaged or unmitigated risks
are among the primary causes of project failure.
With the complexity of a statewide HIE endeavors,
significant project execution risks will exist.
‐ The HIE vendor and OHIP will use proactive risk
management strategies
‐The HIE vendor and OHIP will identify risks and develop
mitigation strategies and contingency plans to minimize
impact
The HIE vendor and OHIP will monitor identified project risks
to trigger the implementation of risk mitigation strategies
and contingency plans
70 See Appendix P, Amendment #11
71 See Appendix P, Amendment #2
O ‐ 4
2.2 COORDINATION WITH OTHER ARRA PROGRAMS
2.2.1 REGIONAL EXTENSION CENTER
Indicated in the strategic plan, OHIP is in a unique position to coordinate both HIE and REC services
closely, by virtue of having been awarded both grants. Administratively, this coordination will be
accomplished through the following strategies:
Leveraging regional partner relationships – HIE marketing and outreach efforts will be
coordinated through OHIP’s regional partners to encourage awareness and adoption and to
identify issues at the community level. These partnerships allow OHIP to distribute consistent
materials efficiently and receive direct feedback about barriers or concerns at a local level.
Leveraging EHR preferred vendor program – Certified EHR vendors selected as a part of OHIP’s
preferred vendor program have agreed to comply with standards for interoperability with the
statewide HIE in a manner that allows for direct integration both inbound and outbound. In
addition, vendors must demonstrate the ability to support the rapid evolution of standards
without additional customization or extraneous costs to providers.
Leveraging HIE vendor capabilities – The HIE vendor to be selected through OHIP’s procurement
process will be expected to offer automated, incremental, provider‐controlled flexibility to
exchange data consistently with the providers’ capabilities to accept data (e.g., direct interface
into EHR, via web portal, via fax, email or other form of clinical messaging). This will allow
providers at varying levels of IT sophistication to participate in HIE activities necessary to
achieve meaningful use.
2.2.1.1 COORDINATION WITH BEHAVIORAL HEALTH
In Ohio, there is significant stakeholder support to include behavioral health providers in HIE adoption
efforts. There is recognition across the state that supporting these providers is clearly critical to
achieving the state’s healthcare quality goals since the populations they serve currently experience high
rates of co‐morbidity, homelessness and incarceration. However, there is acknowledgement from the
healthcare community that this group of providers faces unique barriers to the adoption of HIT:
O ‐ 5
Behavioral health providers in Ohio have experienced significant cuts in local, state and federal
funding over the past several years and their Medicaid payment rate ceilings have not increased
for a decade.
Non‐physician, behavioral health providers are currently not defined as eligible professionals
under Medicare and Medicaid stimulus incentive payments for EHR adoption and they are not
defined as PPCPs under the REC initiative.
Behavioral health providers often lack IT resources, use specialized software and lack integration
within the larger medical community.
Their IT adoption efforts are hampered by the wide variety of agencies they must report to and
the variance of reporting requirements, including criminal justice systems, local boards, federal
agencies (SAMHSA) and accreditation bodies.
OHIP’s strategies to encourage behavioral health provider participation in the statewide HIE include72:
Creation of Behavioral Health REC Subcommittee – In August 2010, OHIP created a
subcommittee of behavioral health representatives throughout the state to coordinate adoption
efforts among OHIP’s RPs, Board, REC Committee, state agencies and community partners73.
This workgroup is led by one of OHIP’s Board members who has significant experience in
primary care and behavioral health integration and is participating in a statewide telemedicine
initiative led by the ODMH to provide timely child psychiatry services to primary care providers
and family members. One of the workgroup’s first deliverables was a list of important tasks
necessary to achieve their vision.
Creation of Behavioral Health Outreach and Strategy Materials – In November 2010, the
Behavioral Health REC Subcommittee published an educational document outlining its vision,
goals, benefits, barriers and strategies to health IT adoption (see Appendix L). This document
has been shared with RPs, primary care physicians and the behavioral health community to help
raise awareness of the benefits of their inclusion, current barriers to adoption and strategies to
overcome those barriers.
EHR Vendor Analysis – OHIP’s subcommittee is working with the Ohio Council of Behavioral
Health and Family Services Providers to identify EHR vendors who offer solutions that support
Ohio‐specific behavioral health requirements. Using a survey tool distributed by OCBHP in
72 See Appendix P, Amendment #13 73 See Appendix L, Behavioral Health Sub‐Committee Information
O ‐ 6
November, the subcommittee hopes to glean important information about these vendors, such
as their architecture model, types of providers they support, ONC certification status and other
indicators. The subcommittee is also in the process of evaluating use of the Welch Allyn provider
readiness assessment tool for behavioral health providers and the potential use of OHIP’s
preferred EHR vendors in integrated primary care and behavioral health settings.
Participation on ONC Community of Practice – OHIP was asked to participate in a federally led
CoP to address issues with HIT adoption within the behavioral health community, specifically,
efforts to further integration between primary care and behavioral health services.
HITECH Extension for Behavioral Health Services Act of 2010 (H.R. 5040) 74‐ On April 14,
Congressmen Patrick Kennedy (D‐RI) and Tim Murphy (R‐PA) introduced H.R. 5040 to address
the current deficiencies within ARRA about behavioral health. The bill recommends to:
- Amend the current law to make certain providers of addiction treatment and mental
health services eligible for HIT funds that are made available through the ARRA;
- Extend eligibility for Medicaid HIT implementation funds to these providers;
- Extend eligibility for Medicare HIT payment incentives to certain physicians, clinical
psychologists and clinical social workers; certain psychiatric hospitals would also be
included as hospitals eligible to receive Medicare HIT funds;
- Authorize a $15 million grant program, through ONC ; entities eligible to receive grant
funds would include: mental health and substance abuse treatment facilities and certain
psychiatric hospitals
OHIP is closely monitoring the status of this proposed bill, which was spearheaded in part by a vendor
who is active in the Ohio behavioral health market and has been instrumental in raising national
awareness for the need to include behavioral health in HIT initiatives.
2.2.2 COORDINATION WITH MEDICAID, MEDICARE AND FEDERALLY FUNDED, STATE‐BASED
PROGRAMS
As noted in Federally Funded State‐Based Programs section (S‐54) of the strategic plan, the SIC serves as
the primary forum for coordination of Medicaid, Medicare and other federally funded, state‐based
programs with HIT implications. All agencies overseeing health or health benefit programs for the State
74 See Appendix A, Reference # R17
O ‐ 7
of Ohio are members of the SIC and are responsible for coordinating HIT initiatives under their purview
with statewide HIT adoption efforts.
In addition to the SIC, smaller, more focused workgroups have been formed to coordinate specific HIT
activity between OHIP, Ohio Medicaid and ODH, since the latter two state agencies comprise a
significant portion of current HIT activity that must be closely aligned with development of the
statewide HIE.
2.2.3 PARTICIPATION WITH FCDOS AND COORDINATION WITH OTHER STATES
OHIP has combined these two topics from an operational perspective because both efforts will be
related to further development and deployment of national standard frameworks such as NHIN.
In the case of federal care delivery organizations such as the Military Health Service of the Department
of Defense or the Veteran’s Health Administration, the exchange of data with the Virtual Lifetime
Electronic Record (VLER), Armed Forces Health Longitudinal Technology Application (AHLTA) or VistA
(Veterans Affairs Health Information Systems and Technology Architecture) applications will entail
national protocols such as the NHIN gateway or NHIN Direct. OHIP intends to leverage these exchanges
and other emerging national protocols for standardized communication with other state HIEs.
To continue to monitor national framework development, coordinate current and future state
involvement in NHIN activities and disburse educational materials as protocols develop, OHIP is
proposing to create an NHIN Workgroup under its HIE Committee. Their focus will be the application of
national standards frameworks for the purposes of federal care delivery and other state coordination as
they develop.
2.3 GOVERNANCE
A significant portion of OHIP’s governance structure is already in place as noted in the Governance
section of the strategic plan. Moving forward, OHIP’s three‐part strategy to align and engage
stakeholders in key tasks necessary to comply with the requirements of the HIE planning grant includes:
Synchronizing OHIP’s committees with federal and state efforts – Due to the numerous
committees and co‐occurring tasks, OHIP attempted to illustrate how federal, state and OHIP
committees align in Table 7 below. It will be important for OHIP committee members to stay
O ‐ 8
tuned to their sister federal and state committee efforts as they proceed with tasks and
deliverables.
Table 7 Federal, State and OHIP Committee Alignment
Clarifying Responsibilities between OHIP Board/staff and committees – Although specific tasks
and deliverables are noted in the project plan, high‐level responsibilities between board, staff
and OHIP strategic advisory committees are clarified in Diagram 9 on the next page:
Diagram 10 Key Responsibilities of OHIP Board and Advisory Committees
Managing communications across OHIP’s governance structure ‐ The major challenge in terms of
governance is managing communications across the structure. The combination of significant a
O ‐ 9
stakeholder interest, complex topics and rapid deployment deadlines call for timely, clear and
consistent communication. In a perfect world, a large communication staff would keep all
sectors of interest apprised of co‐occurring activities; however, current funding figures do not
allow for a large communications staff. OHIP will need to leverage its leadership and staff efforts
with existing communication channels such as provider associations, RPs, HIT professional
associations and state agency forums to ensure all committees and workgroups are aware of
concurrent efforts.
2.4 FINANCE
OHIP’s cost estimates to support the HIE over the four year grant period, staffing plans, financial
controls and reporting policies are described on the next page.
O ‐ 10
2.5 COST ESTIMATES75
The cost estimates for the implementation and support of the statewide HIE are estimated in Table 8
below:
Table 8 OHIP HIE Budget
Federal Federal Non‐Fed
Personnel Expenses Year 1 Year 2 Year 3 Year 4 Total Match Total
Pres/CEO 100,000 105,000 110,250 315,250 315,250
COO/CTO 364,275 364,275
CFO 75,000 78,750 82,688 236,438 236,438
IT MGR 35,000 36,750 38,588 110,338 17,500 127,838
Acct/Budget Officer 35,000 36,750 38,588 110,338 15,000 125,338
Communications 16,664 50,000 52,500 55,125 174,289 174,289
Admin Ass't 10,000 17,000 17,850 18,743 63,593 31,525 95,118
Project Coordinator 43,750 75,000 78,750 82,688 280,188 280,188
HIE Project Mgr 100,000 105,000 110,250 315,250 63,000 378,250
HIE Implementation Mgr 35,000 70,000 73,500 77,175 255,675 255,675
HIE Implementation Mgr 35,000 70,000 73,500 77,175 255,675 255,675
HIE Coordinator 35,000 70,000 73,500 77,175 255,675 255,675
Admin Ass't 31,525 31,525
Total Personnel 175,414 697,000 731,850 768,445 2,372,709 522,825 2,895,534
Fringe Benefits 63,150 250,920 263,466 276,639 854,175 188,217 1,042,392
Other Operating Expenses
Travel 50,004 50,004 50,004 50,004 200,016 0 200,016
Equipment 300,000 25,000 25,000 25,000 375,000 50,000 425,000
Supplies 40,300 23,600 23,600 23,600 111,100 0 111,100
Contractual 5,087,051 2,013,491 1,828,176 1,731,176 10,659,894 1,149,899 11,809,793
Other 49,645 82,220 82,220 85,220 299,305 195,860 495,165
Total Other 5,527,000 2,194,315 2,009,000 1,915,000 11,645,315 1,395,759 13,041,074
Total Expenses 5,765,564 3,142,235 3,004,316 2,960,084 14,872,199 2,106,801 16,979,000
State Match 782,237 564,025 368,777 391,762 2,106,801
75 See Appendix P, Amendment #14
O ‐ 11
It should be noted that during OHIP’s HIE RFI process, cost estimates were not asked of vendors since
any figures provided would likely be unreliable without further negotiation around scope, volume and
service. Other states who are further along in their procurement efforts indicate there is a wide range in
pricing among HIE vendors making it difficult to estimate costs at this time. However, OHIP has inserted
language in its RFP to more accurately assess the total cost of ownership from a number of perspectives,
including OHIP costs, HIE participant costs, specific service or data exchange costs, integration expenses
and a requirement to balance these numbers against projected revenue under OHIP’s proposed
sustainability model.
2.5.1 STAFFING PLANS
Although specific positions dedicated to HIE development are noted in OHIP’s budget, the reality is that
multiple resources supplement this staffing structure due to OHIP’s dual‐service capacity as both an HIE
and a REC, in‐kind services provided by OHIP’s Executive Committee through their respective
associations and close integration with state agency HIT efforts. This multi‐sourced strategy was a
common structure among states and SDEs during the HIE Leadership Summit held in May 2010.
Table 9 below is a complete list of current and planned staff, a brief job description/role, staffing status
(recruiting, hired, contracted or other) and the number of current and budgeted FTEs. Since OHIP is both
an HIE and REC recipient, the grant under which the position is budgeted is denoted as HIE (H) or REC
(R).
At this time, direct OHIP staff (D) comprises a total of 9 FTEs for HIE and REC support. Contracted, in‐
kind or state staff (O) currently comprise an additional 3.85 FTEs. Two roles, legal counsel and office IT
support, are not listed as they are currently outsourced and are to remain outsourced per OHIP’s
submitted HIE budget.
Despite these resources, staffing remains an important issue for OHIP since the deadlines associated
with the HIE and REC efforts are very tight, many initiatives are co‐occurring, the majority of resources
have other responsibilities and very little precedent exists for benchmarking around a successful staffing
model. Because several of these positions are funded through state or other match funds, not all
positions are counted as ARRA‐created jobs since the latter are limited to positions funded directly by
federal dollars.
O ‐ 12
Table 9 OHIP Staff (Current and Planned)
Position Responsible For Staffing Status
Current
FTEs
D | O
Budget
FTEs
H | R
Positions Supporting both HIE and REC
State HIT
Coordinator
Responsible for federal and state
grant coordination and oversight,
state fiscal oversight, state
interagency and Governor’s office
coordination.
Filled by Chief of
Staff, Ohio
Department of
Insurance
0 1 0 0
President/CEO
Executive level management of OHIP
including stakeholder engagement,
federal/state coordination, strategic
business development, fund‐raising
and sustainable model development,
general oversight of operations and
leadership of senior management
team.
Recruiting; Interim
position filled by
OHIP Executive
Committee
Member 0 1 .5 .5
COO/CTO
Overseeing day‐to‐day operations,
managing deadlines, working with
software vendors, contractors and
federal/state entities,
communication, outreach and
training.
Hired Sept 2010
1 0 .5 .5
IT Manager
Intranet, internet and extranet
SharePoint platform, survey tool and
general office IT support
management
Pending IT service
contract
negotiations 0 0 .5 .5
CFO
All fiscal oversight including
managing in‐kind, federal and state
funds, grant management
compliance, auditing, financial
reporting, payroll, budgeting and
purchasing.
Recruiting: Part‐
time contractor
with federal grant
experience is filling
role through Dec
2011
0 .75 .5 .5
Accounting
Assistant
Daily accounting operations related
to payroll and reporting
Recruiting: Part‐
time contractor is
filling role through
Aug 2010
0 .6 .5 .5
Communication
Director
All marketing, outreach, media and
web‐based communications,
planning and strategy.
Hired Oct 2010
1 0 .5 .5
Project Manager
Assists with coordination of REC and
HIE activities, preferred EHR vendor
program management and other
cross‐coordination services.
Hired July 2010
1 0 l75 .25
O ‐ 13
Position Responsible For Staffing Status
Current
FTEs
D | O
Budget
FTEs
H | R
Administrative
Assistant
Staff and meeting coordination,
managing schedules, travel,
communications, files, facilities and
other general support.
One hired April
2010 1 0 1 1
Positions Supporting HIE
Project Manager,
HIE Services
Project management of health
information exchange activities
including scheduling and
management of sub‐projects,
coordination of stakeholders,
vendors, contractors, federal and
state staff.
One FTE hired
September 2010
1 0 1 0
HIE
Implementation
Managers
Assisting PM for HIE Services with
tasks and deliverables, standards and
protocols management and related
integration services.
To be filled after
vendor selection 0 0 2 0
HIE Coordinator
Assisting HIE participants and
consumers with HIE adoption,
education and support.
Hired October 2010
1 0 1 0
Positions Supporting REC
PM REC Services
Responsible for the daily operation
of the REC including scheduling and
management of sub‐projects,
coordination of vendors and
contractors, gathering of data for and
creation of required reports, etc.
Hired May 2010
1 0 0 1
Implementation
Manager, REC
Services
Responsible for assisting with
oversight and coordination of REC
services. Duties include:
Acts as CRM lead for OHIP and
each of the REC regional
partners by providing
development of data, training
and acting as data administrator
for the CRM project.
Supports the REC Committee
Serves on the EHR RFP Review
Team
Serves in a supportive role on
the HIE Committee
Facilitates staff IT and website
support – both development and
Hired April 2010
1 0 0 1
O ‐ 14
Position Responsible For Staffing Status
Current
FTEs
D | O
Budget
FTEs
H | R
maintenance
Lead, Workforce
Development
Coordinating stakeholders,
community colleges, training
programs, universities, Board of
Regents and other state agencies in
efforts to advance health IT
workforce initiatives.
Role filled by Ohio
Department of
Insurance staff 0 .5 0 0
REC
Administrative
Assistant
Assisting providers with EHR
education and adoption.
Hired Oct 2010
1 0 0 1
Total 9 3.85 8.75 7.25
2.5.2 CONTROLS AND REPORTING
OHIP has established financial policies, procedures and controls to maintain compliance with Generally
Accepted Accounting Principles (GAAP) and all relevant federal Office of Management and Budget
(OMB) circulars. The Board approved a policy and procedure manual and distributed it to employees on
October 5, 2010. A copy of the administrative procedures section from the manual is in Appendix P. In
addition to the procedures outlined below and in the appendix, OHIP has met quarterly with an
independent auditing firm for a review of accounting and financial procedures and activities. OHIP is in
the process of releasing an RFP to contract with an independent accounting firm to provide ongoing
review and consultation about operations.
The Chart of Accounts was structured in accordance with GAAP and was reviewed by an independent
auditing company. The financial and reporting structure mirrors the financial plan and budget created
for OHIP, utilizing QuickBooks software for Non‐Profit Entities. OHIP operates and accounts for its
activities according to OMB Circular A‐122 and Circular A‐13376, which dictate that a CPA firm conducts
an audit and certifies that the appropriate financial policies, procedures and controls are maintained.
There are adequate accounting controls to track both the receipt and expenditure of ARRA funds in the
accounting system.
There is a separation of duties for making payments. Invoices are date stamped and initialed by the
office’s administrative assistant and given to the accounting specialist. The accounting specialist verifies
76 See Appendix A, Reference # R1
O ‐ 15
that there has either been prior authorization as required by procedures approved by OHIP’s Board, or
ensures that invoices are approved and signed by appropriate staff. The Chief Executive Officer (CEO),
the Chief Operating Officer (COO) or the Chief Financial Officer (CFO) must authorize all payments.
Payments are made by check or entered into the accounting system for payment through on‐line
banking services. For disbursement of OHIP funds equal to or less than $5,000, one authorization is
required. For disbursements greater than $5,000 but equal to or less than $20,000, two authorizations
are required. For disbursements greater than $20,000, prior Board approval and two authorizations are
required. Disbursements shall not be intentionally divided into lower increments so as to avoid the
limitations set forth. Invoices that have been processed for payment are stamped as paid and dated.
Monthly bank statements are given to the COO unopened for review. Upon approval, the COO provides
the bank statement to the CFO. The CFO conducts monthly reconciliations by balancing bank statements
with transaction and balance reports from the accounting system.
Quarterly and semi‐annual reports are submitted to the federal government in accordance with the
requirements of the HIE grant award as follows:
ARRA reports: No later than 10 days after the end of the quarter
SF425 Financial Report: No later than 30 days after the end of the quarter
Program Progress Report: Semi‐Annually
SF 269 Financial Report: No later than October 30 of each year
An OHIP Board representative currently functions as the CEO to provide key expertise and ensure that
the financial aspects of the business plan are identified and addressed in order to create a sustainable
operation for the HIE.
2.6 TECHNICAL INFRASTRUCTURE
OHIP’s technical strategy including interoperability approach, relation to national protocol development,
architectural structure and deployment method are described below.
2.6.1 STANDARDS AND CERTIFICATION
As noted in the Strategic Plan, one of OHIP’s primary drivers is aligning with the ongoing development of
national interoperability standards. Although the Health IT Standards and Certification Criteria Final
O ‐ 16
Rule77 is published and will be considered “the source of truth,” OHIP anticipates a need for the
statewide HIE to facilitate adoption of these standards both at the provider and vendor level through
the following strategies:
Building an HIE infrastructure that supports data management and integration services for the
next several years until complete compliance has penetrated the market and the direction of
NHIN and other national protocols are more fully realized. Within this context, OHIP recognizes
that it cannot reasonably support the wide variety of standards in use today, but can facilitate
transition to national standards such that widespread HIE adoption is achievable.
Supporting bi‐directional, structured integration with OHIP’s EHR preferred vendors using ONC‐
promulgated standards.
Remaining active in NHIN protocol development via Ohio stakeholders that are currently
involved with the NHIN exchange, our future HIE vendor and state/federal agency initiatives.
Develop a list of HIT regulatory, certification and other pertinent standards or references 78
applicable to OHIP’s statewide HIE. Due to the rapid rate of change in the regulatory, standards
and certification environment, OHIP decided to refer to each references “source of truth” rather
than repeat them in this plan. This “living” regulatory and standards reference document can
then be used by vendors and other interested parties as a comprehensive resource for
compliance requirements and will continue to be updated as OHIP progresses with its efforts
and as national standards evolve.
At this time, criteria have not been developed at the federal level to certify that HIE networks are
compliant with interoperability, privacy and security standards other than through pre‐ARRA voluntary
certification programs. If a national HIE certification program is adopted, OHIP will seek certification
accordingly.
2.6.1.1 NATIONAL HEALTH INFORMATION NETWORK (NHIN)
Listed as one of OHIP’s primary HIE drivers, there is no doubt that national exchange frameworks such
as NHIN will have a significant impact on OHIP’s technical development strategy. To put this framework
in context, it is important to stay focused on the rationale behind the NHIN and ONC’s call to “develop a
nationwide health information technology infrastructure that allows for the electronic use of exchange
77 See Appendix A, Reference # R11 78 See Appendix A, Health IT Regulatory, Certification or Other Standard References
O ‐ 17
of information and that promotes a more effective marketplace, greater competition (and) increased
consumer choice” among other goals.
As acknowledged during the State HIE Leadership Summit in May 2010, there are varying levels of
understanding about the role NHIN and other national frameworks will play as states progress with their
HIE efforts.
OHIP’S ROLE IN RELATION TO NHIN
Per guidance from the SLHIE Forum and subject matter experts, OHIP sees its role as a complementary
one with NHIN development. Specifically, OHIP can provide the following support:
Providing trust and consent mechanisms to ensure data exchanged using NHIN protocols comply
with state privacy, security, consumer preference and trust agreements of HIE participants.
Facilitating exchange between parties using NHIN protocols by making statewide discovery and
location services available to them that will simplify the process of identifying where patient
data resides and/or where it should be appropriately sent.
Offering mechanisms to deliver data exchanged using NHIN protocols to providers in a manner
consistent with their current level of HIT adoption (e.g., fax, web portal or structured integration
with EHR).
Providing the “highway” for senders of data via NHIN protocols to channel data to multiple
sources at once rather than simply single point‐to‐point (ex., lab, pharmacy and hospital).
Facilitating the ability to aggregate data exchanged beyond state borders for the purpose of
population health management in a secure and de‐identified manner where appropriate.
STRATEGIES FOR NHIN PARTICIPATION AND DEVELOPMENT
OHIP will use a three‐prong strategy for NHIN participation and development:
Continued stakeholder participation in NHIN development – Ohio currently has four participants
in NHIN pilot or production efforts: HealthBridge, HealthLink, the Cleveland Clinic and ODH. The
first three participants have been engaged in NHIN demonstrations since 2008. HealthBridge
and HealthLink are current grantees of the Social Security Administration (SSA) medical evidence
gathering program that will exchange clinical data using NHIN protocols to accelerate the
process of authorization for SSA benefits. HealthBridge is also participating in CARE Health
O ‐ 18
Information Exchange Project (C‐HIEP), which will contribute to the maturation of CMS’
technological and business processes associated with the receipt and management of clinical,
quality information. ODH is participating in an NHIN demonstration with the CDC and other
states.
Formation of OHIP NHIN Workgroup ‐ OHIP is forming a workgroup under the HIE Committee to
focus on NHIN protocol development, statewide tracking of participation in NHIN activities,
border state and federal care delivery exchange. This workgroup will work closely with the
Privacy and Security Committee to align trust agreement and governance efforts with NHIN
governance development. Prior to formation of the workgroup, OHIP has accelerated NHIN
education and outreach through members of the HIE Committee. All members have been
provided SLHIE, NHIN University and NHIN website materials and are routinely invited to
participate in open NHIN webinars.
HIE RFP NHIN Requirements – Vendors participating in OHIP’s HIE procurement process will be
required to demonstrate extensive knowledge of NHIN protocols, related development and
participation in NHIN pilot or limited production efforts.
2.6.2 TECHNICAL ARCHITECTURE
Using the technology development principles described in the Technology Infrastructure section (S‐95)
of the strategic plan, OHIP intends to develop a hybrid model architecture for the statewide HIE. This
structure will use a small set of critical infrastructure components and standards‐based protocols that
will facilitate trusted HIE participants in locating and accessing data at its source. Leaving patient data
where it currently resides in the HIE participants’ clinical systems and related databases provides for
appropriate patient data privacy safeguards and clear accountability for data ownership and
stewardship. Additionally, OHIP’s architecture will leverage national protocols, such as NHIN
specifications, to communicate between states and with federal care delivery organizations.
Although OHIP has narrowed the number of HIE vendors to participate in its RFP process, there is still a
wide range of technical models capable of supporting OHIP’s desired approach. Therefore, it is the HIE
Committee’s preference to be less prescriptive with respect to the technical approach so as not to stifle
alternative innovations and emerging technologies presented during the final stages of procurement.
However, OHIP has attempted to visually describe a desired business model in its Proposed HIE Model
Diagram found in the HIE Development and Adoption section (S‐34) of the strategic plan.
O ‐ 19
2.6.3 TECHNICAL DEPLOYMENT
Given the rapid timeline with which deployment of HIE services must occur, OHIP intends to use the
following strategies to facilitate access to the statewide HIE once a vendor is selected and
implementation tasks are underway:
Integrate with OHIP’s preferred EHR vendors – Providing standards‐based integration with
OHIP’s preferred EHR vendors using structured data that feeds directly in/out of the EHR will
maximize the number of providers interested and capable of using the statewide HIE, especially
targeted PPCPs.
Provide community‐based access to the statewide HIE – For providers without a fully
implemented, certified EHR, OHIP intends to provide web access to the statewide HIE through a
community‐branded portal. Leveraging the RP structure, healthcare communities within these
regions can provide enhanced outreach services to their delivery systems to encourage use and
adoption of the statewide HIE.
Connect to Ohio’s existing HIE networks – There are several active regional, university‐based
and hospital‐based exchange networks in place today in Ohio. Connecting these networks to the
statewide HIE will allow for interconnectivity among the networks and ultimately across state
borders. It also maximizes the number of physicians with access the statewide HIE early in the
implementation cycle.
Sub‐source or link to experienced EDI vendors – There are several electronic data interchange
(EDI) vendors who efficiently support the exchange of administrative data (eligibility, claims,
etc.) today with whom OHIP can contract with to provide rapidly available services at affordable
price points. Some HIE vendors offer this service, others are advancing their ability to directly
integrate with EHRs, while others are partnering with HIE vendors.
2.7 BUSINESS AND TECHNICAL OPERATIONS
2.7.1 CURRENT HIE CAPACITIES
Historically, groups of exchanges within the state have arisen from the need to create regional and
community‐based environments where a high concentration of patients is shared between non‐
affiliated provider settings. In some cases, these regional or community exchanges have reached out to
O ‐ 20
connect to national exchanges (namely, the NHIN) to extend their reach. At least one exchange that
resides on the border has reached out across a tri‐state area to create a regional exchange environment.
These exchanges arose from community partnerships, university affiliations or via large medical centers
within their respective communities with the goals of improving quality, reducing costs and providing
efficient uses of new technology.
2.7.1.1 REGIONAL AND NATIONAL EXCHANGES
Ohio is home to several regional exchanges. – The largest and most active HIE in the state is
HealthBridge. Formed in Cincinnati in 1997, HealthBridge serves a community of over 2,000,000
residents, twenty‐eight (28) hospitals, multiple ancillary centers, twenty (20) federally qualified health
centers (FQHCs) and 5,500 practitioners with their clinical messaging needs. This exchange is currently
sending over 36 million clinical messages per year to physicians in the region from over 95 percent of
the hospitals, three national laboratories and multiple imaging centers. The results and reports that are
exchanged include: laboratory, cardiology, microbiology, pathology, radiology, transcriptions,
registrations, discharge medications, discharge summaries, chart completions, PACS, fetal heart
monitoring results and registries. In addition, HealthBridge supports live connectivity with other HIEs, 20
FQHCs, 15 long‐term care facilities and 10 billing companies. It also successfully interfaced with
electronic health records (EHRs) from 26 vendors including 60 different versions. Furthermore,
HealthBridge exchanges real‐time results with the Indiana Health Information Exchange and HealthLINC,
which created the first multi‐region to exchange results in the nation. HealthBridge is also considered
one of the few HIEs in the country with a sustainable funding model.
Recognizing the sustainability of HealthBridge’s funding model, the Collaborating Communities Health
Information Exchange (CCHIE) chose to collaborate with HealthBridge from its inception. Formed in
2008, CCHIE is the second largest, operational HIE in the state. Currently reaching out to over 50 percent
of the physicians in the Springfield Ohio area, CCHIE is sending over 60,000 laboratory and radiology
results per month from multiple sources. They are also working with several clinics in the Springfield
area that are servicing the underserved as well as the local FQHC.
Another community‐based quality initiative funded in part by the Robert Wood Johnson Foundation is
Better Health Greater Cleveland (BHGC). They are an independent organization dedicated to improving
the health of people in Northeast Ohio living with chronic disease. This alliance is comprised of
O ‐ 21
organizations such as Care Alliance, Cleveland Clinic, Kaiser‐Permanente Ohio, MetroHealth System,
Neighborhood Family Practice, Northeast Ohio Family Health Services, and University Hospitals that
total more than 400 primary care doctors in 45 partner practices. This organization collects quality
metrics electronically from its partners for patients that suffer from hypertension, heart failure and
diabetes with the goal to measure and improve overall outcomes for the region. In 2010, there were
over 90,000 hypertensive patients, 5,000 heart failure patients, and 26,000 diabetic patients tracked and
measured. The results of this effort are positive and continue to improve against national benchmarks.
This results from the focus of the alliance on quality goals, education on best practices, identification of
health disparities, managing transitions in care, and support of EHR adoption to improve care.
2.7.1.2 UNIVERSITY‐BASED HOSPITAL EXCHANGES
Focusing mainly on the underserved in the Dayton area, the HealthLink HIE at Wright State University
was developed in 2001 using federal (HRSA) funds to provide a central data repository for a shared
community health record. Administered through HealthLink, the HIEx™ system currently maintains over
75,000 patient records in the repository that can be accessed by either VPN or public portal across the
internet. The primary users of this system are outpatient physician practices, public school nurses,
county child welfare workers, home care geriatricians, the local public health department and
community health workers serving primarily uninsured and underinsured patients. Currently, HealthLink
is a member of the Nationwide Health Information Network Cooperative.
Another operational, university‐based HIE is the Appalachian Health Information Exchange (AHIE), based
in Southeastern Ohio. Funded through a grant awarded from the National Institutes of Health (NIH) and
supported by Ohio University, AHIE has been sending results to physicians through connecting hospitals
and clinics in rural areas since 2004. Striving to overcome the difficulties of limited resources and an
insufficient IT infrastructure, AHIE has diligently involved with Ohio’s broadband initiatives to connect its
rural communities to the Internet.
2.7.1.3 HOSPITAL‐BASED EXCHANGES
As noted in US News and World Report’s, America’s Best Hospitals (2009) and Reuter’s 100 Top
Hospitals, 2009, Ohio is fortunate to be home to several top‐ranked hospital systems. These lists include
the following hospitals: Cleveland Clinic, University Hospitals Health Systems, Catholic Health Partners,
The Ohio State University Medical Center, OhioHealth, The Health Alliance of Greater Cincinnati and
O ‐ 22
Kettering Health Network. These hospitals, as well as others in the state, have taken the initiative to
improve the quality of care in their communities through the adoption of health information technology.
Several hospital systems have purchased EHRs for their employed physicians and non‐employed
physicians have the option to purchase them at a discounted rate. Some hospital‐owned EHRs are
interfaced via HL7 to receive hospital information directly, thus allowing the physician’s office to
become paperless. Some of these EHRs also have the capability to ePrescribe as well as provide some
quality reports that are required for Physician Quality Reporting. Many hospitals have the capability to
allow users to access hospital information such as laboratory, radiology and transcribed reports through
their portals.
Currently, 40 percent of hospitals in Ohio are sharing information among their respective organizations.
Many of these organizations have or will have met the meaningful use requirements for 2013 and
beyond. Another 40 percent of the hospitals in Ohio are in a position to begin implementation of an EHR
or initiate the steps to purchase one. These hospitals are committed to implementing steps to increase
efficiency and improve their level of quality care. They should be able to meet the meaningful use
requirements by 2013. The remaining 20 percent are either rural or small hospitals that are at risk of
failing to achieve HIT within their organizations, which is mainly due to the lack of capital funding. Those
organizations that are behind in the adoption of EHR technology will require both financial and technical
assistance in order to meet the meaningful use requirements for 2013 and 2015. The Ohio Hospital
Association (OHA) has been working directly with these rural hospitals to provide such assistance. The
steering committee for this group involves small and rural hospitals that are not part of larger hospital
systems that need technical and/or buying support for their IT purchase to achieve the requirements of
meaningful use.
2.7.1.4 SCOPE OF HIE SERVICES PROVIDED
In an attempt to analyze the levels of HIE services that are currently provided by these exchanges, OHIP
explored the following topics with representatives of the entities mentioned above:
Current use‐cases describing the nature of exchange within these organizations
A description of these organizations plans for expansion of exchange services until the statewide
HIE becomes available
From an existing HIE perspective, what key services would be needed from the statewide HIE
perspective?
O ‐ 23
The outcome of these discussions is summarized in Table 10 below.
Table 10 Summary of HIE Services by Existing HIOs in Ohio
Service Provided Selectively Provided
Often Provided
Always Provided
Master Patient Index (within their exchange) X
Electronic Lab Ordering X
Electronic Lab Resulting X
Manual delivery of non‐electronic results (via fax or print) X
Discrete Lab Results integration with EHR X
ePrescribing X
Eligibility Verification X
Exchange of Clinical Patient Summaries X
Syndromic Surveillance X
Reportable Disease Routing X
Quality Reporting X
Personal Health Record (consumer access) X
Electronic Medical Record (lightweight version) X
Medical Evidence Transmittal (SSA data transmission via NHIN)
X
2.7.2 STATE LEVEL SHARED SERVICES AND REPOSITORIES
As described in the Proposed HIE Model (S‐35) and Business and Technical Operations/Implementation
(S‐100) sections of the strategic plan, OHIP intends to implement an HIE architecture that will provide
the following core support components:
Master Patient Index (MPI) – An accurate master patient index links patient activity across
organizations and across patient care settings with the minimum necessary data to identify
patients positively, using sophisticated technology.
Master Entity Index (MEI) – The MEI will be used to positively identify trusted HIE participants
who have agreed to the standard terms and conditions for use of the HIE in a manner that
protects patient rights and maximizes data security. The MEI may include information about
licensed providers, hospitals, payors, pharmacies, laboratories, etc., such that sending entities
have enough information about the receiving entity to make an appropriate determination for
data exchange.
Record Locator Service (RLS) ‐ The RLS provides authorized users of a RHIO with pointers to the
location of a patient’s PHI across network nodes (i.e., the clinical data sources).
O ‐ 24
Trust Enablement Services – This includes a range of services and mechanisms to garner trust
among HIE participants to ensure data is exchanged appropriately and in a secure manner with
trusted exchange partners and according to consumer preferences and consent.
Based on RFI responses, technologies exist that would preclude the necessity for a full data repository to
aggregate data for purposes of population health management. Having the ability to streamline current
provider reporting burdens without replicating data at its source would improve data accuracy, mitigate
privacy and security issues, and provide an opportunity to bring significant administrative savings to
Ohio’s healthcare system.
In addition to the core components noted above and exchange support for meaningful use objectives,
OHIP will work to offer a centralized insurance eligibility verification service that includes Medicaid and
other third party coverage data with expansion plans to provide coordination of benefits, streamlined
pre‐authorization, certification, claim and payment adjudication workflows.
2.7.3 STANDARD OPERATING PROCEDURES FOR HIE
OHIP will develop standard operating policies and procedures to support the production of a statewide
HIE. The development of these policies and procedures will be guided by OHIP's mission that includes:
Support the adoption and meaningful use of EHRs by Ohio's healthcare providers
Promote timeliness and efficiency of data exchange
Ensure patient privacy
Advance safety, quality, accessibility, and availability of health care for the citizens of Ohio
These policies will follow prudent business practices and state/federal laws and regulations regarding
HIE's. These policies will address the following, but will not be limited to:
Governance ‐ Compliance with state regulations, rules for accountability/transparency, rules on
public notices/meetings, rules on documentation
Administration ‐ User licensing, accounting, billing, insurance and other day‐to‐day operations
Privacy/Security ‐ Includes privacy policies, patient consent models, user authentication, user
authorization, network security
User Support ‐ Training, help desk, installation, if needed
O ‐ 25
Compatibility ‐ Consistency with the national standards framework(s) now and in the future,
CCHIT if needed, and other certifying bodies now and in the future.
2.8 LEGAL/POLICY
OHIP recognizes the need to assume a leadership role to develop the path for statewide HIE in Ohio. The
Strategic Plan will be implemented through this Operational Plan and outlines a corresponding and
comprehensive set of activities to achieve statewide HIE. Execution of the Operational Plan will provide
support and facilitate Ohio’s providers to achieve meaningful use of HIT to enhance delivery, quality,
and value of health care.
2.8.1 ESTABLISH REQUIREMENTS
The Privacy and Policy Committee79 will have primary responsibility for compliance of the OHIP HIE with
federal and state laws and policy requirements. The Privacy and Policy Committee will develop policies
and procedures to ensure legal compliance by OHIP HIE, including policies and procedures related to the
operation of the HIE and the monitoring of the HIE for compliance by participants. The chair of the
committee will report to the CEO of OHIP as well as to its Board of Directors.
2.8.2 PRIVACY AND SECURITY HARMONIZATION
The Privacy and Policy Committee will build upon the work performed by HISPC Legal Work Group.
Discussed in the Privacy and Security section of the strategic plan, this work will be used to identify and
review state and federal privacy and security laws, policies, and procedures for barriers to HIE. They will
also use this work to harmonize privacy and security laws, policies and requirements and coordinate
activities to establish consistency on a statewide basis, as set forth in the Strategic Plan.
2.8.3 FEDERAL REQUIREMENTS
Ohio has a number of federal health facilities serving its population. Specifically, Ohio has five VA
Medical Centers and 29 community‐based outpatient clinics serving the large veteran population in
Ohio. Additionally, 35 FQHCs and 11 rural health clinics provide a critical safety net of health care to
79 See Appendix P, Amendment # 11
O ‐ 26
Ohio’s underserved counties. Ohio is also home to the Wright Patterson Air Force Base Medical Center,
serving Ohio’s active duty and reserve military personnel and their families.
OHIP is committed to collaborating with each of these federal health facilities in HIE. OHIP plans to
foster technical, organizational, and legal practices that will speed the exchange of health information
between federal health facilities and other healthcare systems and providers in Ohio.
1
3760974v5
# Name Brief Description Web Link Issued By Regulatory Reference Comments
REGULATORY
R1 A133 Audit Circular A‐133 sets forth the standards to be used by Federal agencies when auditing non‐Federal entities expending Federal awards. OHIP will be using Federal grant money to implement the health information exchange and pay HIE vendors. Thus, the Federal government will use Circular A‐133 as guidance when auditing OHIP’s expenditures of grant funding.
http://www.whitehouse.gov/omb/rcewrite/circulars/a133/a133.html
OMB Circular A‐133 is issued under the authority of sections 503, 1111, and 7501 et seq. of title 31, United States Code, and Executive Orders 8248 and 11541
R2 ARRA/ HITECH
The Health Information Technology for Economic and Clinical Health Act (HITECH) expands the HIPAA data privacy and security requirements to all “business associates” of health care covered entities. Since OHIP and HIE vendors will be transmitting identifiable health information on behalf of such covered entities, they may qualify as business associates and as such be subject to the requirements of HIPAA and HITECH. The HITECH Act also provides funding for health information technology expansion, including for the development of health information exchanges and Medicare and Medicaid incentives for the adoption and meaningful use of certified EHR technology (see additional rules below at *).
http://edocket.access.gpo.gov/2009/pdf/E9‐20169.pdf
HHS 74 FR 4273945 CFR Parts 160 and 164
R3 Electronic Prescriptions for Controlled Substances (DEA/NCPDP EHR Controlled Substance IFR)
Under this Interim Final Rule, practitioners are now allowed to write prescriptions for controlled substances electronically. OHIP and HIE vendors may be transmitting these electronic prescriptions through the health information exchange, thus they need to be aware of the applicable restrictions.
http://edocket.access.gpo.gov/2010/pdf/2010‐6687.pdf
DEA 21 CFR 1300, 1304, 1306, and 1311 75 FR 16235
R4 Electronic This Ohio rule establishes the standards for http://codes.oh ODH Ohio Rev. Code § 3701.75
Appendix A - Health IT Regulatory, Certification and Other Standard References
Revised 11/29/2010 A1
2
3760974v5
# Name Brief Description Web Link Issued By Regulatory Reference Comments
Signatures in Health Records
when entries in an electronic health record may be authenticated by an electronic signature. OHIP and HIE vendors will be transmitting electronic health records, thus they should be aware of applicable restrictions for such records.
io.gov/orc/3701.75
R5 Identification of Backward Compatible Version of Adopted Standard for E‐Prescribing and the Medicare Prescription Drug Program (NCPDP SCRIPT 10.6)
This interim final rule permits the use of a newer standard for conducting electronic prescribing transactions in the Medicare Part D e‐prescribing program. The newer standard adopted under the rule, NCPDP SCRIPT 10.6, is a backward compatible version of the older NCPDP SCRIPT 8.1. Version 8.1 has been the official Part D e‐prescribing standard for communicating prescription‐related information between prescribers and dispensers since 2009. According to the interim final rule, NCPDP SCRIPT 10.6 retains the functionality of version 8.1, thus permitting the successful completion of e‐prescribing transaction with entities that continue to use NCPDP SCRIPT 8.1 for Part D.
http://edocket.access.gpo.gov/2010/pdf/2010‐15505.pdf
CMS 75 FR 38026
R6 Integration of Physician Quality Reporting and EHR Reporting Proposed Rule
Section 3002(d) of PPACA requires CMS to move towards the integration of EHR measures with respect to the Physician Quality Reporting Initiative (PQRI) program. No later that January 1, 2012, the Secretary of HHS shall develop a plan to integrate reporting on the quality measures under PQRI with reporting requirements for meaningful use of EHRs. Since OHIP and HIE vendors will be providing EHR technology to health care providers, they need to understand the reporting requirements
http://edocket.access.gpo.gov/2010/pdf/2010‐15900.pdf
CMS 75 FR 40201
Appendix A - Health IT Regulatory, Certification and Other Standard References
Revised 11/29/2010 A2
3
3760974v5
# Name Brief Description Web Link Issued By Regulatory Reference Comments
associated with meaningful use.
R7 *
Establishment of the Temporary Certification Program for Health Information Technology Final Rule
This Final Rule establishes a temporary certification program for purposes of testing and certifying health information technology to assure the availability of Certified EHR Technology. OHIP and HIE vendors will be implementing electronic health record technology, thus they need to be aware of the EHR certification process adopted under this rule for EHR systems to be deemed Certified EHRs.
http://www.ofr.gov/OFRUpload/OFRData/2010‐17210_PI.pdf
HHS‐ONC 45 CFR Part 170
R8 Gramm‐Leach‐Bliley Act: Obligations with respect to disclosures of financial information
The Gramm‐Leach‐Bliley Act sets forth obligations with respect to disclosures of financial information by non‐affiliated third parties that receive nonpublic financial information from financial institutions. OHIP and HIE vendors may need to be aware of these restrictions if they are transmitting financial information as part of claims processing.
http://www.ftc.gov/privacy/privacyinitiatives/financial_rule_lr.html
FTC 15 USC §§ 6801 ‐ 6809
R9 Health Breach Notification Rule (Federal Trade Commission)
The Health Breach Notification Rule requires individual notification following the discovery of a breach of identifiable health information contained in unsecured personal health records maintained by a vendor of such records or a related entity. This rule would be applicable to OHIP and HIE vendors only if they did not meet the definition of “business associate” under HIPAA.
http://ecfr.gpoaccess.gov/cgi/t/text/text‐idx?c=ecfr&tpl=/ecfrbrowse/Title16/16cfr318_main_02.tpl
FTC 16 CFR Part 318
R10 Health Breach Notification Rule (Health and Human Services)
This rule requires notification to individuals, HHS, and the media from HIPAA covered entities upon discovery of a breach of a members unsecured protected health information. This rule also requires business associates to notify covered entities following
http://edocket.access.gpo.gov/2009/pdf/E9‐20169.pdf
HHS 45 CFR Parts 160 and Subparts A and D of Part 164
Appendix A - Health IT Regulatory, Certification and Other Standard References
Revised 11/29/2010 A3
4
3760974v5
# Name Brief Description Web Link Issued By Regulatory Reference Comments
the discovery of such breach. As outlined above, OHIP and HIE vendors may be business associates providing health information exchange services to health care providers.
R11 *
Health IT Standards & Certification Criteria Final Rule
This Interim Final Rule represents the first step in an incremental approach to adopting standards, implementation specifications, and certification criteria to enhance the interoperability, functionality, utility, and security of health IT and to support its meaningful use. OHIP and HIE vendors will be implementing electronic health record technology, thus they need to be aware of the certification criteria adopted under this rule that establish the capabilities and related standards that this technology must include.
http://edocket.access.gpo.gov/2010/pdf/E9‐31216.pdf
HHS – ONC 45 CFR Part 170 75 FR 2013‐2047
R12 HIPAA Privacy Rule
The HIPAA privacy rule establishes national standards regarding health information privacy. As outlined above, OHIP and HIE vendors may be subject to HIPAA regulations as business associates providing health information exchange services to health care providers.
http://www.hhs.gov/ocr/privacy/hipaa/understanding/summary/index.html
HHS 45 CFR Part 160 and Subparts A and E of Part 164
R13 HIPAA Security Rule
The HIPAA security rule establishes standards for safeguarding and protecting health information. As outlined above, OHIP and HIE vendors may be subject to HIPAA regulations as business associates providing health information exchange services to health care providers.
http://www.hhs.gov/ocr/privacy/hipaa/understanding/srsummary.html
HHS 45 CFR Part 160 and Subparts A and C of 164
R14 HIPAA Transaction and Code Set Rule
HHS is adopting X12 Version 5010 and NCPDP Version D.0 for HIPAA administrative transactions effective January 2012. HIE vendors are required to comply with the
http://www.cms.gov/TransactionCodeSetsStands/02_Transacti
HHS 45 CFR Part 162 For eligibility, vendors must comply with CAQH CORE Phase I
Appendix A - Health IT Regulatory, Certification and Other Standard References
Revised 11/29/2010 A4
5
3760974v5
# Name Brief Description Web Link Issued By Regulatory Reference Comments
Phase I requirements. onsandCodeSetsRegulations.asp
requirements.
R15 Modifications to the HIPAA Privacy, Security, and Enforcement Rules under the HITECH Act Proposed Rule
This proposed rule contains modifications to
HIPAA, specifically it covers: business
associate liability, the sale of protected
health information (PHI), research issues, the
minimum necessary standard, restrictions to
uses and disclosures of PHI, access to PHI,
fundraising and notice of privacy practices. As
outlined above, OHIP and HIE vendors may
be subject to HIPAA regulations as business
associates providing health information
exchange services to health care providers.
http://www.ofr.gov/OFRUpload/OFRData/2010‐16718_PI.pdf
HHS 75 FR 40868
R16 HISPC – Legal Framework for Ohio
Ohio’s Health Information Security and Privacy Collaboration (HISPC) brought legal and security experts together to assess organization‐level business policies, practices and state laws that affect the health information exchange within Ohio. In implementing the health information exchange, OHIP and HIE vendors need to be apprised of the results of HISPC’s assessments.
https://hispc.pbworks.com Report: http://hispc.pbworks.com/f/Intrastate_Interstate_FinalReport_20090911.pdf
HPIO Multiple Ohio’s laws require a more prescriptive approach to achieve consent for data exchange than HIPAA.
R17 HITECH Extension for Behavioral Health Services Act of 2010
The proposed amendment extends eligibility for EHR incentive payment programs and REC services to behavioral health providers.
http://www.govtrack.us/congress/bill.xpd?bill=h107‐5040
HHS H.R. 5040
R18 *
Medicare and Medicaid Programs; Electronic Health Record Incentive
This final rule implements provisions of the HITECH Act which authorizes incentive payments to eligible professionals, eligible hospitals, and critical access hospitals that demonstrate meaningful use of electronic
http://edocket.access.gpo.gov/2010/pdf/2010‐17207.pdf
CMS 75 FR 44314
Appendix A - Health IT Regulatory, Certification and Other Standard References
Revised 11/29/2010 A5
6
3760974v5
# Name Brief Description Web Link Issued By Regulatory Reference Comments
Program Final Rule
health record (EHR) technology. Since OHIP and HIE vendors will be providing such EHR technology to health care providers, they need to understand the requirements for achieving meaningful use.
R19 Ohio Board of Pharmacy – Electronic Prescription Transmission Systems
The Ohio Board of Pharmacy requires prior approval of all electronic prescription transmission systems intended to be used in Ohio. If the system used by OHIP and HIE vendors to transmit electronic health records also transmits electronic prescriptions, then the system will need to meet the qualifications set forth by the Ohio Board of Pharmacy and be approved prior to use.
http://pharmacy.ohio.gov/faq.htm
Ohio Board of Pharmacy
OAC 4729‐5‐21
R20 Ohio Medicaid Restrictions on Information regarding Public Assistance Recipients
This statute sets forth restrictions on the use or disclosure of any information regarding recipients of Ohio public assistance. Since OHIP and HIE vendors may be transmitting the electronic health records of such recipients of public assistance, they are subject to these restrictions.
http://codes.ohio.gov/orc/5101.27
ODJFS Ohio Rev. Code § 5101.27
R21 Other Standards applicable to Data Protection/ Privacy Outside Healthcare
This statute requires disclosure and notification of certain breaches of security of computerized personal information systems. OHIP and HIE vendors must report any unauthorized access to and acquisition of computerized data that causes, reasonably is believed to have caused, or reasonably believed will cause a material risk of identity theft or other fraud to individuals.
http://codes.ohio.gov/orc/1349.19
Ohio Rev. Code § 1349.19
R22 Patient Protection and Affordable Care Act (PPACA)
Section 3002 of PPACA requires the Secretary of HHS to integrate the respective reporting mechanisms for the Physician Quality Reporting Initiative and the electronic health record “meaningful use” incentives. Such
http://www.bricker.com/documents/resources/reform/healthreform1.pdf
HHS 42 USC 1395w‐4(k)(4) Revised by the Health Care and Education Reconciliation Act of 2010
Appendix A - Health IT Regulatory, Certification and Other Standard References
Revised 11/29/2010 A6
7
3760974v5
# Name Brief Description Web Link Issued By Regulatory Reference Comments
integration must consist of the selection measures, the reporting of which would demonstrate both meaningful use of EHR and quality of care furnished to an individual.
R23 Record Retention Requirements
Ohio and federal laws require health care providers to retain patient records for specified periods of time. While individual health care provider organizations and practitioners may interpret and apply these requirements differently, generally adult patient records must be retained for at least a period of 10 years after discharge and minor records must be retained for a period of 10 years after the patient reaches the age of majority (18); Numerous Ohio and federal laws require health care providers to retain other types of records, including records containing health information that may not be included in the patient record for specified periods of time. In addition, EHR systems have varying functional capabilities to purge records by type or otherwise operationalize record retention policies.
http://codes.ohio.gov/oac/3701 http://codes.ohio.gov/oac/5101
http://www.hhs
.gov/ocr/privac
y/hipaa/underst
anding/summar
y/index.html
ODH; ODJFS (Medicaid); HHS
OAC 3701.83‐11(E);OAC 3701‐84‐11(E); OAC 5101:3‐1‐17.2 45 CFR 164.530(j)
Regulatory references listed are for adult and minor patient records and federal HIPAA requirements; to the extent that the HIE vendor will be required to support other functions, additional record retention requirements may apply, such as for maintaining and reporting records required to comply with public health reporting., claims adjudication, etc.
R24 SAS 70 Audit Requirements
SAS No. 70 is the authoritative guidance that allows service organizations to disclose their control activities and processes to their customers and their customer’s auditors in a uniform reporting format. Since HIE vendors provide transaction processing, data hosting, and other data processing services to OHIP, they are service organizations and the SAS 70 guidance is applicable.
http://infotech.aicpa.org/Resources/Assurance+Services/Standards/SAS+No.+70+Service+Organizations.htm
AICPA Codification of Auditing Standards AU Section 324
R25 SSA Limitations This regulation sets forth the Social Security Administration’s application of the Privacy
http://www.ssa.gov/OP_Home/
SSA 20 CFR § 401.20
Appendix A - Health IT Regulatory, Certification and Other Standard References
Revised 11/29/2010 A7
8
3760974v5
# Name Brief Description Web Link Issued By Regulatory Reference Comments
Act rules to medical information maintained by Social Security programs. Since OHIP and HIE vendors may transmit electronic health records containing information regarding persons participating in such programs, they need to be aware of these rules.
cfr20/cfrdoc.htm
R26 Standards for De‐identified Data/ Research
The HIPAA Privacy Rule provides that de‐identified health information is not protected health information subject to HIPAA’s privacy and security requirements. De‐identified health information is health information that does not identify an individual and with respect to which there is no reasonable basis to believe that the information can be used to identify an individual. HIPAA requires that specified identifiers must be removed from health information for it to be deemed “de‐identified”. To the extent that OHIP and its HIE vendors may be involved in de‐identifying health information for certain purposes or transmitting information that has been determined to be de‐identified by others, they should be aware of HIPAA de‐identification requirements.
http://www.hhs.gov/ocr/privacy/hipaa/understanding/summary/index.html
HHS 45 CFR Part 160 and Subparts A and E of Part 164; 164.502(d); 45 CFR 164.514
R27 The Privacy Act of 1974
The Privacy Act governs the collection, maintenance, use, and dissemination of personally identifiable information about individuals that is maintained in systems of records by federal agencies. To the extent that OHIP and HIE vendors exchange information with the Federal government, they will need to understand this Act.
http://www.foia.cia.gov/txt/pa.pdf
HHS 5 USC § 552a; 45 CFR Part 5b
R28 The Freedom of Information Act
This act allows for the full or partial disclosure of previously unreleased information and documents controlled by the
http://www.foia.cia.gov/txt/foia.pdf
HHS 5 USC § 552; 45 CFR Part 5
Appendix A - Health IT Regulatory, Certification and Other Standard References
Revised 11/29/2010 A8
9
3760974v5
# Name Brief Description Web Link Issued By Regulatory Reference Comments
United States Government. The Act defines agency records subject to disclosure and outlines mandatory disclosure procedures. To the extent that OHIP and HIE vendors exchange information with the Federal government, they will need to understand this Act.
R29 Confidentiality of Substance Abuse Patient Records
This statute prohibits disclosures of substance abuse patient records and any information that identifies an individual as an alcohol or drug abuser without written consent of the individual. OHIP and HIE vendors may work with records covered by this statute, thus they need to be aware of its restrictions.
http://www.law.cornell.edu/uscode/html/uscode42/usc_sec_42_00000290‐‐dd002‐.html
SAMHSA 42 USC § 290dd‐2; 42 CFR Part 2
R30 Genetic Information Nondiscrimination Act of 2008 (GINA)
Generally, this Act prohibits discrimination by group health plans and employers on the basis of genetic information and protects genetic information.
http://www.gpo.gov/fdsys/pkg/PLAW‐110publ233/content‐detail.html
N/A Pub. L. No 110‐233
R31 Clinical Laboratory Improvement Amendments
This law regulates laboratories conducting testing on human specimens for medical purposes. Specifically, this law states that certified labs may disclose test results or reports only to authorized people. OHIP and HIE vendors may be involved in the exchange of laboratory testing results, thus they should be aware of these disclosure requirements.
http://wwwn.cdc.gov/clia/regs/toc.aspx
CMS 42 USC § 263a; 42 CFR Part 493
R32 Federal Food, Drug and Cosmetic Act
The Federal Food, Drug, and Cosmetic Actgives authority to the U.S. Food and Drug Administration (FDA) to oversee the safety of food, drugs, and cosmetics. Additionally, this law explains that investigators may not use human beings as subjects in research covered
http://www.law.cornell.edu/uscode/21/ch9.html
FDA
Appendix A - Health IT Regulatory, Certification and Other Standard References
Revised 11/29/2010 A9
10
3760974v5
# Name Brief Description Web Link Issued By Regulatory Reference Comments
by these regulations unless informed consent is given.
R33 Controlled Substances Act
This Act protects identifiable research information from forced or compelled disclosure and allows for refusal to disclose identifying information regarding research participants in civil, criminal, administrative, legislative or other proceedings.
http://www.fda.gov/regulatoryinformation/legislation/ucm148726.htm
N/A 21 USC § 801 et seq.
R34 Federal Policy for Protection of Human Subjects
This rule establishes procedures and protections for human subjects participating in research funded by Federal agencies. It specifies that the research must include adequate provisions protecting the privacy of subjects and maintaining the confidentiality of data.
http://www.hhs.gov/ohrp/humansubjects/guidance/45cfr46.htm
HHS 45 CFR 46.111 – 46.113
R35 Statutory Authority for Certificates of Confidentiality
This provision allows the Secretary of HHS to issue a certificate to protect information on research participants from forced or compelled disclosure.
http://www.law.cornell.edu/uscode/42/usc_sec_42_00000241‐‐‐‐000‐.html
HHS 42 USC § 241(d)
R36 AHRQ Confidentiality Provisions
This provision states that data collected by AHRQ cannot be used for any purpose other than the purpose for which it was supplied, unless the person or supplier of the data has consented to its use for such other purposes.
http://codes.lp.findlaw.com/uscode/42/6A/VII/D/299c‐3
HHS 42 USC § 299c‐3
R37 CDC Confidentiality Provisions
This provision requires the CDC to get consent before releasing identifiable information for any purpose other than the purpose for which it was supplied.
http://www.law.cornell.edu/uscode/html/uscode42/usc_sec_42_00000242‐‐‐m000‐.html
CDC 42 USC § 242m(d)
R38 Confidentiality Provisions for Data Collection and Security
Under this provision, identifiable mental health and substance abuse information obtained in the course of activities undertaken or supported by SAMHSA may
http://codes.lp.findlaw.com/uscode/42/6A/III‐A/A/290aa
SAMHSA 42 USC § 290aa(n)
Appendix A - Health IT Regulatory, Certification and Other Standard References
Revised 11/29/2010 A10
11
3760974v5
# Name Brief Description Web Link Issued By Regulatory Reference Comments
Information not be used for any purpose other than the purpose for which it was supplied unless consent of the person or establishment is obtained prior to the use or release.
R39 Patient Safety and Quality Improvement Act
This Act allows providers to voluntarily report information to Patient Safety Organizations on a privileged and confidential basis for aggregation and analysis of patient safety events.
http://frwebgate.access.gpo.gov/cgi‐bin/getdoc.cgi?dbname=109_cong_public_laws&docid=f:publ041.109
HHS 42 USC § 299b‐21 to 299b‐26
R40 Children’s Online Privacy Protection Act
This Act protects the privacy of children under the age of 13 by requesting parental consent for the collection or use of any personal information of the users.
http://www.law.cornell.edu/uscode/html/uscode15/usc_sup_01_15_10_91.html
FTC 15 USC §§ 6501‐6506
R41 Federal Information Security Management Act
This Act ensures that federal government information systems follow a mandatory set of IT system security processes. This Act applies to the federal government and to outside entities acting on behalf of the federal government, including government contractors. OHIP and HIE vendors need to be aware of these requirements when working with federal entities and contractors.
http://www.law.cornell.edu/uscode/44/3541.html
N/A 44 USC § 3541(a)(1)(A)
R42 Electronic Signatures in Global and National Commerce Act
Under this Act, electronic signatures and contracts are given the same legal validity as those executed by hand. This Act will apply to electronic signatures in electronic health records that OHIP and HIE vendors may work with.
http://www.law.cornell.edu/uscode/15/ch96schI.html
FTC 15 USC § 7001
R43 Stored Communications
This Act prohibits unauthorized access of electronic communications and provides civil
http://www.law.cornell.edu/usc
N/A 18 USC § 2701 et seq.
Appendix A - Health IT Regulatory, Certification and Other Standard References
Revised 11/29/2010 A11
12
3760974v5
# Name Brief Description Web Link Issued By Regulatory Reference Comments
Act and criminal remedies for violations. Additionally, this Act requires notice in the event of unauthorized access to a consumer’s electronic records. OHIP and HIE vendors will be storing electronic communications in the form of electronic health records, thus, they need to be aware of the restrictions under this Act.
ode/html/uscode18/usc_sec_18_00002701‐‐‐‐000‐.html
R44 Electronic Communications Privacy Act
These sections protect wire, oral and electronic communications while in transit and communications held in electronic storage. Since OHIP and HIE vendors will be transmitting and storing electronic communications they need to be aware of these requirements.
http://www.law.cornell.edu/uscode/html/uscode18/usc_sup_01_18.html
N/A 18 USC §§ 2510‐2522, 2701‐2711, and 3121‐3126
R45 Computer Fraud and Abuse Act
This Act protects computers used in Federal government, certain financial institutions or computers used in interstate and foreign commerce from unauthorized access and imposes fines and imprisonment for violations. OHIP and HIE vendors may be transmitting health information through computers covered under this Act.
http://www.law.cornell.edu/uscode/18/1030.html
N/A 18 USC § 1030
R46 Patriot Act This Act restricts, reduces or eliminates the following privacy law protections applicable to OHIP and HIE vendors: Electronic Communications Privacy Act and the Computer Fraud and Abuse Act .
http://frwebgate.access.gpo.gov/cgi‐bin/getdoc.cgi?dbname=107_cong_public_laws&docid=f:publ056.107
N/A P.L 107‐56
R47 Confidential Information Protection and Statistical
This Act protects the confidentiality of information supplied by individuals and organizations to all federal agencies under a pledge of confidentiality for statistical
http://www.law.cornell.edu/uscode/html/uscode44/usc_sup_0
N/A 44 USC § 3501 et seq.
Appendix A - Health IT Regulatory, Certification and Other Standard References
Revised 11/29/2010 A12
13
3760974v5
# Name Brief Description Web Link Issued By Regulatory Reference Comments
Efficiency Act purposes. This may apply to OHIP and HIE vendors if they supply such information to the federal government.
1_44_10_35_20_I.html
R48 Physician‐Patient Privilege
This statute sets forth the testimonial privilege for confidential communications between physicians and patients.
http://codes.ohio.gov/orc/2317.02
n/a Ohio Rev. Code § 2317.02
R49 Disciplinary Actions for Physicians
Under this statute, a physician may be disciplined by the State Medical Board for willfully betraying a professional confidence.
http://codes.ohio.gov/orc/4731.22
State Medical Board
Ohio Rev. Code § 4731.22
R50 Duty of Confidentiality
This case established an independent tort for the unauthorized, unprivileged disclosure by a physician or hospital to a third party of nonpublic medical information that physician or hospital has learned within a physician‐patient relationship.
http://www.supremecourt.ohio.gov/rod/docs/pdf/0/1999/1999‐Ohio‐115.pdf.
Supreme Court of Ohio
Biddle v. Warren General Hospital, 86 Ohio St. 3d 395, 1999‐Ohio‐115.
R51 Uniform Administrative Requirements for Awards and Subawards to Institutions of Higher Education, Hospitals, other Non‐Profit Organizations, and Commercial Organizations
This section establishes uniform pre‐award and post‐award administrative requirements governing HHS grants and agreements awarded to institutions of higher education, hospitals, other nonprofit organizations and subgrants or other subawards awarded by recipients of HHS grants and agreements to institutions of higher education, hospitals, other nonprofit organizations and commercial organizations. Since OHIP is participating in HHS HIE programs, they are required to comply with these administrative requirements.
http://ecfr.gpoaccess.gov/cgi/t/text/text‐idx?c=ecfr;sid=85fa827d5b4cde0a8286b0541125d28e;rgn=div5;view=text;node=45%3A1.0.1.1.35;idno=45;cc=ecfr
HHS 45 CFR 74
R52 Uniform Administrative Requirements for Grants and Cooperative
This part establishes uniform administrative rules for Federal grants and cooperative agreements and subawards to State, local and Indian tribal governments. Since OHIP is the state designated entity participating in
http://ecfr.gpoaccess.gov/cgi/t/text/text‐idx?c=ecfr&sid=61cd24225c7b0
HHS 45 CFR 92
Appendix A - Health IT Regulatory, Certification and Other Standard References
Revised 11/29/2010 A13
14
3760974v5
# Name Brief Description Web Link Issued By Regulatory Reference Comments
Agreements to State, Local and Tribal Governments
HHS HIE programs on behalf of the state, they are also required to comply with these administrative requirements.
7e01958f829f1b34f7c&rgn=div5&view=text&node=45:1.0.1.1.50&idno=45
R53 Cost Principles for State, Local, and Indian Tribal Governments
This part establishes principles and standards for determining costs for Federal awards carried out through grants, cost reimbursement contracts, and other agreements with State and local governments and federally‐recognized Indian tribal governments (governmental units). Since OHIP is operating under HHS grants on behalf of the state, they are required to comply with these cost principles.
http://ecfr.gpoaccess.gov/cgi/t/text/text‐idx?c=ecfr&tpl=/ecfrbrowse/Title02/2cfr225_main_02.tpl
OMB 2 CFR 225
R54 Cost Principles for Non‐Profit Organizations
This part establishes principles for determining costs of grants, contracts and other agreements with non‐profit organizations. Since OHIP is operating under HHS grants, they are required to comply with these cost principles.
http://ecfr.gpoaccess.gov/cgi/t/text/text‐idx?c=ecfr&tpl=/ecfrbrowse/Title02/2cfr230_main_02.tpl
OMB 2 CFR 230
R55 Confidentiality of Medical Records
Under this statute, a health care provider cannot release medical records without first receiving a written request signed by the patient, personal representative, or authorized person not more than one year from the date of the request,
http://codes.ohio.gov/orc/3701.74
ODH Ohio Rev. Code § 3701.74
R56 Confidentiality of Alcohol and Drug Abuse Patient Records
These regulations impose restrictions upon the disclosure and use of alcohol and drug abuse patient records which are maintained in connection with the performance of any federally assisted alcohol and drug abuse program.
http://ecfr.gpoaccess.gov/cgi/t/text/text‐idx?c=ecfr&rgn=div5&view=text&node=42:1.0.1.1.2&idno=42
HHS 42 CFR Part 2; Ohio Rev. Code § 3793.13; OAC 3793:2‐1‐06.
Appendix A - Health IT Regulatory, Certification and Other Standard References
Revised 11/29/2010 A14
15
3760974v5
# Name Brief Description Web Link Issued By Regulatory Reference Comments
R57 Medicare Conditions of Participation – Patients’ Rights
Under these Medicare conditions of participation, patients have the right to the confidentiality of their medical records.
http://ecfr.gpoaccess.gov/cgi/t/text/text‐idx?sid=a05c7cb359f6117045a8536124843a88&c=ecfr&tpl=/ecfrbrowse/Title42/42cfrv5_02.tpl#482
CMS 42 CFR 482.13 (Hospitals); 42 CFR 483.10 (Long Term Care Facilities); 42 CFR 484.10 (Home Health)
R58 Family Educational Rights and Privacy
This law protects the privacy of student education records.
http://ecfr.gpoaccess.gov/cgi/t/text/text‐idx?c=ecfr&tpl=/ecfrbrowse/Title34/34cfr99_main_02.tpl
US Dept. of Education
34 CFR Part 99
R59 Disclosures of HIV Test Results or Diagnosis
This law prevents health care providers from disclosing or compelling another to disclose the identity of any individual on whom an HIV test is performed, the results of an HIV test in a form that identifies the individual tested, or the identity of any individual diagnosed as having AIDS or an AIDS‐related condition.
http://codes.ohio.gov/orc/3701.243
n/a Ohio Rev. Code § 3701.243
R60 Confidentiality of Protected Health Information
This statute requires that protected health information reported to or obtained by the Ohio Department of Health, a board of health of a city or general health district be kept confidential and shall not be released without the individual’s consent.
http://codes.ohio.gov/orc/3701.17
n/a Ohio Rev. Code § 3701.17
R61 Disclosure of Mental Health Information
Under these sections, all mental health certificates, applications, records and reports that directly or indirectly identify a patient or former patient or person who has been hospitalized as mentally ill shall be kept
http://codes.ohio.gov/orc/5122.31
Department of Mental Health
Ohio Rev. Code § 5122.31; OAC 5122‐27‐08
Appendix A - Health IT Regulatory, Certification and Other Standard References
Revised 11/29/2010 A15
16
3760974v5
# Name Brief Description Web Link Issued By Regulatory Reference Comments
confidential and not disclosed by any person.
R62 HIV Testing of a Minor
This law allows a minor to consent to an HIV test. Under HIPAA, when state law permits an unemancipated minor to consent to treatment, the information regarding that treatment is given special privacy.
http://codes.ohio.gov/orc/3701.242
n/a Ohio Rev. Code § 3701.242; 45 CFR 164.502
R63 Minor may Give Consent for Diagnosis or Treatment of Venereal Disease
This statute allows a minor to consent to the diagnosis or treatment of any venereal disease by a licensed physician. Under HIPAA, when state law permits an unemancipated minor to consent to treatment, the information regarding that treatment is given special privacy.
http://codes.ohio.gov/orc/3709.241
n/a Ohio Rev. Code § 3709.241; 45 CFR 164.502
R64 Minor may Give Consent to Diagnosis or Treatment of Condition Caused by Drug or Alcohol Abuse
This law states that a minor may give consent for the diagnosis or treatment by a physician licensed to practice in this state of any condition which it is reasonable to believe is caused by a drug of abuse, beer, or intoxicating liquor. Under HIPAA, when state law permits an unemancipated minor to consent to treatment, the information regarding that treatment is given special privacy.
http://codes.ohio.gov/orc/3719.012
n/a Ohio Rev. Code § 3719.012; 45 CFR 164.502
R65 Confidential Outpatient Services for Minors
This statute allows a minor to consent to six sessions or thirty days of outpatient mental health services, whichever occurs sooner. The minor’s parent or guardian shall not be informed of the services without the minor’s consent unless the mental health professional treating the minor determines that there is a compelling need for disclosure based on a substantial probability of harm to the minor or other persons, and the minor is notified of the mental health professional’s intent to inform the parent or guardian.
http://codes.ohio.gov/orc/5122.04
n/a Ohio Rev. Code § 5122.04; 45 CFR 164.502
Appendix A - Health IT Regulatory, Certification and Other Standard References
Revised 11/29/2010 A16
17
3760974v5
# Name Brief Description Web Link Issued By Regulatory Reference Comments
Under HIPAA, when state law permits an unemancipated minor to consent to treatment, the information regarding that treatment is given special privacy.
R66 Confidentiality of Artificial Insemination Records
Pursuant to this law, a physician who is associated with a non‐spousal artificial insemination must place certain records relating to the artificial insemination (i.e., the required written consent, information provided to the recipient and, if married, her husband as permitted by Ohio law, other information concerning the donor that the physician possesses, and other matters concerning the artificial insemination) in a file that shall bear the name of the recipient. This file shall be retained by the physician in the physician’s office separate from any regular medical chart of the recipient, and shall be confidential. The consent form and other information provided to the recipient woman (and her husband, if married) must be available for inspection by the recipient and her husband until the child reaches 21 years of age.
http://codes.ohio.gov/orc/3111.94
n/a Ohio Rev. Code § 3111.94
R67 Confidentiality of Family Planning Services
Pursuant to this law, any program receiving Title X funding for family planning and other related preventive health services such as patient education and counseling, breast and pelvic examinations, breast and cervical cancer screening, sexually transmitted disease and HIV prevention education, counseling, testing and referral, and pregnancy diagnosis and counseling must not disclose information related to individuals receiving any services funded, in full or in
http://law.justia.com/us/cfr/title42/42‐1.0.1.4.41.1.19.11.html
HHS 42 CFR 59.11
Appendix A - Health IT Regulatory, Certification and Other Standard References
Revised 11/29/2010 A17
18
3760974v5
# Name Brief Description Web Link Issued By Regulatory Reference Comments
part by Title X, without the individual’s documented authorization, except as necessary to provide services to the patient or as required by law.
CERTIFICATION/ACCREDITATION
C1 CCHIT EHR Certification
The Certification Commission for Health IT offers EHR certification tracks including Preliminary ARRA IFR Stage 1.
www.cchit.org CCHIT n/a
C2 EHNAC Certification
Electronic Healthcare Network Accreditation Commission (EHNAC) is a federally‐recognized standards development organization which currently offers an HIE accreditation program.
www.ehnac.org EHNAC n/a EHNAC is currently the only entity offering HIE accreditation
C3 Joint Commission Standards
The Joint Commission Standards require hospitals to protect the privacy of, maintain the security and integrity of, and effectively manage the collection of health information. OHIP and HIE vendors need to be aware of these information management standards because hospitals utilizing the health information exchange must comply with them for accreditation purposes.
http://www.jointcommission.org
Joint Comm‐ission
Standards IM 02.01.01; 02.01.03; 02.02.01
OTHER STANDARDS
S1 CAQH CORE Phase I Certification for Administrative Transaction Exchange
The Council for Affordable Quality Healthcare (CAQH) issues CORE operating rules built on existing standards to make electronic transactions more predictable and consistent, regardless of the technology.
http://www.caqh.org/CORE_phase2.php
CAQH 45 CFR Part 170 Health IT Standards & Certification Criteria IFR requires compliance with CAQH CORE Phase I
S2 Consumer Consent Options for Electronic Health Information
White paper prepared by the ONCHIT outlining the various consumer consent models deployed by state HIEs. OHIP and HIE vendors will be implementing the health information exchange.
http://healthit.hhs.gov/portal/server.pt/gateway/PTARGS_0_11673_911197_0
HHS‐ONC n/a
Appendix A - Health IT Regulatory, Certification and Other Standard References
Revised 11/29/2010 A18
19
3760974v5
# Name Brief Description Web Link Issued By Regulatory Reference Comments
Exchange: Policy Considerations and Analysis
_0_18/ChoiceModelFinal032610.pdf
S3 HIE Implications for Meaningful Use Stage 1 (pre final rule)
The Healthcare Information Management Systems Society (HIMSS) published a matrix outlining the HIE implications for each Stage 1 MU objective.
http://www.himss.org/content/files/MU_HIE_Matrix.pdf
HIMSS n/a
S4 Healthcare Information Technology Standards Panel (HITSP)
Although recently disbanded, HITSP was formed for the purpose of harmonizing and integrating standards that will meet clinical and business needs for sharing information among organizations and systems.
http:/hitsp.org HITSP n/a
S5 House Bill 125 Advisory Committee on Eligibility and Real‐Time Claim and Adjudication
The charge of the Advisory Committee was to study and recommend standards to enable providers and payers to communicate electronically and effectively with each other regarding patient eligibility for services.
http://www.insurance.ohio.gov/Legal/Documents/hb125‐finalreport.pdf
ODI Ohio HB 125 The Advisory Committee recommended implementation of CAQH CORE Phase II requirements for eligibility data exchange.
S6 Integrating for the Healthcare Enterprise (IHE) Profiles
IHE promotes the coordinated use of established standards such as DICOM and HL7 to address specific clinical domain and privacy/security needs in support of optimal patient care.
http://www.ihe.net/
IHE 45 CFR Part 170 Health IT Standards & Certification Criteria IFR proposes use of IHE’s cross‐enterprise authentication protocols.
S7 Nationwide Health Information Network (NHIN)
The NHIN is a set of standards, services and policies that enable secure health information exchange over the internet.
http://healthit.hhs.gov/portal/server.pt?open=512&mode=2&cached=true&objID=1142
HHS‐ONC n/a The National eHealth Collaborative offers free NHIN University courses through http://www.nationalehealth.org/NHIN‐U/
S8 National Information
NIEM is designed to develop, disseminate and support enterprise‐wide information
www.niem.gov DOJ and DHS
n/a This framework is being considered for
Appendix A - Health IT Regulatory, Certification and Other Standard References
Revised 11/29/2010 A19
20
3760974v5
# Name Brief Description Web Link Issued By Regulatory Reference Comments
Exchange Model (NIEM)
exchange standards and processes that can enable jurisdictions to effectively share critical information.
application to HIE.
S9 National Institute of Standards and Technology (NIST)
Founded in 1901, NIST is a non‐regulatory federal agency within the US Department of Commerce. NIST's mission is to promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life.
www.nist.gov DOC n/a ONC is seeking input from the NIST for development of testing tools and procedures necessary to certify EHRs
S10 Ohio Health Information Partnership (OHIP)
OHIP is the state‐designated entity for health information exchange development.
www.ohiponline.org
OHIP n/a
S11 Ohio Health Reform Initiatives
Refer to this website for a list of Ohio’s initiatives in response to the Patient Protection and Affordable Care Act (PPACA)
http://www.healthcarereform.ohio.gov/Pages/default.aspx
ODI Patient Protection and Affordable Care Act (PPACA) Public Law 111‐152
S12 Ohio Healthcare Coverage and Quality Council (HCCQC)
The HCCQC is a public‐private partnership designed to improve the coverage, cost, and quality of Ohio’s health insurance and health care system. Part of the council’s focus will require expertise in health information technology and exchange.
http://www.hccqc.ohio.gov/Pages/default.aspx
ODI Ohio Revised Code § 3923.90
S13 Ohio Medicaid Information Technology System (MITS)
Ohio’s Medicaid agency is implementing a new claims adjudication system that will allow Ohio’s Medicaid Program to be better aligned with the federal guidelines for the Medicaid Information Technology Architecture (MITA).
http://www.jfs.ohio.gov/mits/.
ODJFS Ohio Revised Code § 5111.091
S14 Health Information Technology Regional
This grant program establishes Health Information Technology Regional Extension Centers (Regional Extension Centers) that will offer technical assistance, guidance
http://healthit.hhs.gov/portal/server.pt?open=512&objID=14
HHS‐ONC OHIP was awarded this grant for 77 of the 88 counties in Ohio. HealthBridge
Appendix A - Health IT Regulatory, Certification and Other Standard References
Revised 11/29/2010 A20
21
3760974v5
# Name Brief Description Web Link Issued By Regulatory Reference Comments
Extension Center Program
and information on best practices to support and accelerate health care providers’ efforts to become meaningful users of Electronic Health Records (EHRs).
95&parentname=CommunityPage&parentid=58&mode=2&in_hi_userid=11113&cached=true
was awarded this grant for the other 11 counties in the Southwestern portion of the State, parts of Northern Kentucky and Southeastern Indiana.
S15 State Health Information Exchange Cooperative Agreement Program
This grant program will support states and/or State Designated Entities (SDEs) in establishing health information exchange (HIE) capacity among health care providers and hospitals in their jurisdictions.
http://healthit.hhs.gov/portal/server.pt?open=512&objID=1336&parentname=CommunityPage&parentid=10&mode=2&in_hi_userid=11113&cached=true
HHS‐ONC Section 13301 of the Health Information Technology for Economic and Clinical Health Act (HITECH) provisions of ARRA
OHIP was awarded this grant for the state of Ohio.
S16 Healthy Ohio Healthy Ohio is a program managed by the Ohio Department of Health (ODH) to improve the health of all Ohioans by creating a better quality of life, assuring a more productive workforce and equipping students for learning about their health, while increasing the efficiency and cost‐effectiveness of medical services.
http://healthyohioprogram.org/
ODH n/a
S17 State HIE Program Information Notice – July 2010
In July 2010, ONC issued a Program Information Notice (PIN) to recipients of the State Health Information exchange Cooperative Agreement containing additional guidance about the requirements and recommendations for statewide HIEs.
http://statehieresources.org/wp‐content/uploads/2010/07/Program‐Information‐Notice‐to‐
ONC
Appendix A - Health IT Regulatory, Certification and Other Standard References
Revised 11/29/2010 A21
22
3760974v5
# Name Brief Description Web Link Issued By Regulatory Reference Comments
States‐for‐HTML_7‐6_1028AM.htm
Appendix A - Health IT Regulatory, Certification and Other Standard References
Revised 11/29/2010 A22
Page 1
OHIP Environmental Scan V2OHIP Environmental Scan V2OHIP Environmental Scan V2OHIP Environmental Scan V2
Instructions for Completing the Survey
Step 1: Make certain you are the right person to answer the survey. The appropriate survey respondent is the practice manager or someone else
who has knowledge of both clinical operations and health information technology. If you do not think you are the right person to respond, then
please forward the survey link to the correct person and exit the survey. As you take the survey, keep in mind that you are answering the
questions on behalf of your practice/hospital.
Step 2: As you take the survey, you will see PREV and NEXT buttons at the bottom of each page. Press NEXT when you are ready to move to
the next question. If you need to go back and review or change a response, just click on the PREV button. You do not have to complete the
survey all at one time. You can answer some questions, exit the survey, and return to complete the survey at a later time. However, you must
complete the survey on the same computer. In fact, the computer you are using can be used to complete one survey only.
Step 3: When you are finished, click DONE at the end of the survey. Keep in mind that once you do this, you will not be able to re-enter the
survey.
QUESTIONS?
If at any time you have questions or need more definition of terms, please email [email protected].
1. Please identify what type of entity you are:
2. If you are a physician or responding for a medical practice, please indicate your
specialty:
3. Please identify the number of PHYSICIANS that are covered in your response to this
survey:
Instructions
Survey Respondant
6
6
Physician Office
nmlkj
Rural Hospital
nmlkj
Critical Access Hospital
nmlkj
Acute Care Hospital
nmlkj
Hospital Other (please indicate type below)
nmlkj
Behavioral Health Clinic
nmlkj
Federally Qualified Health Center
nmlkj
If Other, please identify
nmlkj
Appendix B - 2010 EHR/HIE Survey Tool
B1
Page 2
OHIP Environmental Scan V2OHIP Environmental Scan V2OHIP Environmental Scan V2OHIP Environmental Scan V24. Please identify the number of NON-PHYSICIAN PROVIDERS (e.g., PA, NP, or NM) that
are covered in your response to this survey:
5. Please provide the following information about your entity:
6. Please specify your county:
7. Survey responder/survey contact (who is filling out the survey?):
8. Are any of the physicians in your practice/hospital anticipating on applying for
Medicare or Medicaid incentive payments for adopting health information technology?
EHR Section I: General Questions
DEFINITION OF AN EHR: An EHR is an electronic record of health-related information on an individual that conforms to nationally recognized
interoperability standards and that can be created, managed, and consulted by authorized clinicians and staff across more than one health
care organization.
6
Name/Organization
National Provider Identifier (either individual or Type 2
for groups)
Address
City
Zip Code
Business Affiliation w/ Another Organization
6
Best Method to Contact You
Name
Title
Email Address
Phone Number
Medicare and Medicaid Incentive Payments
Electronic Health Record (EHR) Questions
Yes - Medicare
nmlkj
Yes - Medicaid
nmlkj
Yes - But not sure whether applying for Medicare or Medicaid
nmlkj
No
nmlkj
Not Sure
nmlkj
Appendix B - 2010 EHR/HIE Survey Tool
B2
Page 3
OHIP Environmental Scan V2OHIP Environmental Scan V2OHIP Environmental Scan V2OHIP Environmental Scan V29. Which statement best describes your entity's EHR system?
EHR Section 2: Please Identify Your EHR System
The drop-down list below contains a list of CCHIT certified EHR system. The list contains the some of the most prevalent systems across the
state, but does not contain all certified systems.
10. Please select your entity's EHR system from the drop-down list below:
EHR Section 3: CCHIT Certified EHRs
This page addresses CCHIT CERTIFIED EHRs.
11. What year did your entity COMPLETE installation of your current EHR system?
EHR Section 4: Non-CCHIT Certified EHRs
Electronic Health Record (EHR) Questions
6
Electronic Health Record (EHR) Questions
Electronic Health Record (EHR) Questions
We do not have a practice management or EHR system
nmlkj
We are using a practice management system but no clinical EHR component
nmlkj
We have purchased/begun installation of an EHR but are not yet using the system
nmlkj
We have an EHR installed and in use for some of our clinical staff and providers
nmlkj
We have an EHR installed and in all (more than 90%) areas of our practice/clinic
nmlkj
We have used an EHR system in the past, but chose to discontinue its use
nmlkj
Name of CCHIT ceritified EHR not in list
2005 or earlier
nmlkj
2006
nmlkj
2007
nmlkj
2008
nmlkj
2009
nmlkj
2010
nmlkj
Installation in progress
nmlkj
Appendix B - 2010 EHR/HIE Survey Tool
B3
Page 4
OHIP Environmental Scan V2OHIP Environmental Scan V2OHIP Environmental Scan V2OHIP Environmental Scan V2This page addresses EHR systems that are not certified by CCHIT and those not found in the drop-down list from the previous section.
12. What is the name of the main EHR system your entity uses?
13. What is the version of your entity's EHR system?
14. Does your EHR system have the ability to track and record...
EHR Section 5: EHR Use Information
DEFINITIONS
Clinical Staff: Any employee who performs medical duties including nurses, LPNs, physical therapists, etc.
Providers: Physicians, physician assistants, nurse midwives, and nurse practitioners
15. What is the estimated percentage of STAFF currently using your EHR system
routinely?
Yes No Not Sure
providers associated with a patient encounter? nmlkj nmlkj nmlkj
clinical documentation and notes (i.e., progress notes)? nmlkj nmlkj nmlkj
ordered and pending labs? nmlkj nmlkj nmlkj
ordered and pending diagnostic test results (e.g., mammography or other screening tests)? nmlkj nmlkj nmlkj
provider orders (including referrals)? nmlkj nmlkj nmlkj
external documents (e.g., advanced directives or history and physicals)? nmlkj nmlkj nmlkj
Electronic Health Record (EHR) Questions
We use paper charts only
nmlkj
Less than 25% of all staff
nmlkj
25-50% of all staff
nmlkj
51-90% of all staff
nmlkj
Greater than 90% of all staff
nmlkj
Not Sure
nmlkj
Appendix B - 2010 EHR/HIE Survey Tool
B4
Page 5
OHIP Environmental Scan V2OHIP Environmental Scan V2OHIP Environmental Scan V2OHIP Environmental Scan V216. What is the estimated percentage of PROVIDERS (physicians and other providers)
currently using your EHR sytem routinely?
17. Which phrase best describes your entity's use of paper charts for patient
information tracking?
HIE Section I: General Questions
18. Does your entity use a primary information exchange network to exchange clinical
data between your EHR and other providers, hospitals, payors, etc., such as a hospital-
based network, university-based network or regional health information organization
(RHIO) and what type of arrangement is it? (select all that apply)
Health Information Exchange (HIE) Questions
We use only paper charts
nmlkj
Less than 25% of all staff
nmlkj
25-50% of all staff
nmlkj
51-90% of all staff
nmlkj
Greater than 90% of all staff
nmlkj
Not Sure
nmlkj
We do not maintain paper charts - we are entirely paperless
nmlkj
We maintain paper charts, but the EHR is the most accurate and complete source of patient information
nmlkj
We document all patient data in both paper charts and the EHR system
nmlkj
We primarily use paper charts, but maintain electronic records for come clinical information
nmlkj
Not sure
nmlkj
Yes - We exchange clinical data using a hospital-based network
nmlkj
Yes - We exchange clinical data using a university-based network
nmlkj
Yes - We exchange clinical data through a regional Health Information Organization (e.g., HealthBridge, CCHIE, OneCommunity)
nmlkj
Yes - We use a third party vendor or clearinghouse exchange service (i.e., RxHub)
nmlkj
No - We DO NOT exchange clinical data
nmlkj
Not Sure
nmlkj
If Yes, please specify the name of the network or entity who operates the network
Appendix B - 2010 EHR/HIE Survey Tool
B5
Page 6
OHIP Environmental Scan V2OHIP Environmental Scan V2OHIP Environmental Scan V2OHIP Environmental Scan V219. What are your largest challenges related to secure information exchange with
outside organizations? (select all that apply)
HIE Section 2: Electronic Prescribing (ePrescribing)
Definition
ePrescribing: Based upon the definition provided by HHS through ARRA/HITECH grants, ePrescribing includes drug-to-drug checking,
electronic routing of prescriptions to a Pharmacy, and the inclusion of formulary information for cost decisions.
20. Does your entity use ePrescribing for a majority of prescriptions?
HIE Section 2: Electronic Prescriptions [ePrescribing] (continued)
21. What EHR system or software does your entity use to ePrescribe?
22. Is this software certified by the Ohio Board of Pharmacy?
Health Information Exchange (HIE) Questions
Health Information Exchange (HIE) Questions
Unclear value on investment (VOI) or return on investment (ROI)
gfedc
Subscription rates for exchange services are too high
gfedc
Competing priorities
gfedc
Access to technical support or expertise
gfedc
Lack of integration with EHR
gfedc
Insufficient information on options available
gfedc
HIPAA, privacy or legal concerns
gfedc
Other (please specify)
gfedc
Yes
nmlkj
No
nmlkj
Not Sure
nmlkj
Yes
nmlkj
No
nmlkj
Not Sure
nmlkj
Appendix B - 2010 EHR/HIE Survey Tool
B6
Page 7
OHIP Environmental Scan V2OHIP Environmental Scan V2OHIP Environmental Scan V2OHIP Environmental Scan V2
HIE Section 3: Electronic Lab Results
23. Do you electronically receive or send LAB RESULTS?
HIE Section 3: Electronic Lab Results (continued)
24. What exchange format is used to exchange LAB RESULTS?
HIE Section 4: Electronic Lab Orders
25. Do you electronically send LAB ORDERS?
Health Information Exchange (HIE) Questions
Health Information Exchange (HIE) Questions
Health Information Exchange (HIE) Questions
Health Information Exchange (HIE) Questions
Send
nmlkj
Receive
nmlkj
Both
nmlkj
Neither
nmlkj
Not Sure
nmlkj
If Yes, what health information network is used?
Direct integration w/ EHR system
nmlkj
Lab Vendor Web Portal
nmlkj
Health Information Exchange Web Portal
nmlkj
nmlkj
Fax
nmlkj
Yes
nmlkj
No
nmlkj
Not Sure
nmlkj
If Yes, what health information network is used?
Appendix B - 2010 EHR/HIE Survey Tool
B7
Page 8
OHIP Environmental Scan V2OHIP Environmental Scan V2OHIP Environmental Scan V2OHIP Environmental Scan V2HIE Section 4: Electronic Lab Orders (continued)
26. What is used to exchange LAB ORDERS?
HIE Section 5: Eligibility and Claims Submission
27. Does your entity routinely check insurance ELIGIBILITY electronically?
HIE Section 5: Eligibility and Claims Submission (continued)
28. What is used to verify ELIGIBILITY INFORMATION?
Health Information Exchange (HIE) Questions
Health Information Exchange (HIE) Questions
Direct integration w/ EHR system
nmlkj
Web Portal
nmlkj
nmlkj
Fax
nmlkj
Yes - For 80% or more of patients
nmlkj
Yes - For fewer than 80% of patients
nmlkj
No - We do not have this function or it is turned off
nmlkj
Not Sure
nmlkj
If applicable, please identify the clearinghouse or billing service used.
Direct integration w/ EHR system
nmlkj
Web Portal
nmlkj
nmlkj
Fax
nmlkj
Appendix B - 2010 EHR/HIE Survey Tool
B8
Page 9
OHIP Environmental Scan V2OHIP Environmental Scan V2OHIP Environmental Scan V2OHIP Environmental Scan V229. Does your entity routinely file CLAIMS electronically for patients?
HIE Section 6: Clinical Summary Records and Patient Reminders
30. Does your entity exchange CLINICAL SUMMARY RECORDS?
HIE Section 6: Clinical Summary Records and Patient Reminders (continued)
31. What exchange format is used to exchange CLINICAL SUMMARY RECORDS?
HIE Section 8: Immunization Data
Health Information Exchange (HIE) Questions
Health Information Exchange (HIE) Questions
Health Information Exchange (HIE) Questions
Yes - For 80% or more of patients
nmlkj
Yes - For fewer than 80% of patients
nmlkj
No - We do not have this function or it is turned off
nmlkj
Not Sure
nmlkj
If applicable, please identify the clearinghouse, billing service or software used.
Yes
nmlkj
No
nmlkj
Not Sure
nmlkj
If Yes, what health information network is used?
Direct integration w/ EHR system
nmlkj
Unstructured textual document
nmlkj
Web Portal
nmlkj
nmlkj
Fax
nmlkj
Appendix B - 2010 EHR/HIE Survey Tool
B9
Page 10
OHIP Environmental Scan V2OHIP Environmental Scan V2OHIP Environmental Scan V2OHIP Environmental Scan V232. Does your entity transmit IMMUNIZATION DATA?
HIE Section 8: Immunization Data (continued)
33. What format is used to transmit IMMUNIZATION DATA?
HIE Section 9: Reportable Lab Results
34. For public health reporting, does your entity transmit REPORTABLE LAB RESULTS
electronically?
HIE Section 9: Reportable Lab Results (continued)
Health Information Exchange (HIE) Questions
Health Information Exchange (HIE) Questions
Health Information Exchange (HIE) Questions
Yes
nmlkj
No
nmlkj
Not Sure
nmlkj
If Yes, what health information network is used?
Direct integration w/ EHR system
nmlkj
Web Portal
nmlkj
nmlkj
Fax
nmlkj
Paper
nmlkj
Yes
nmlkj
No
nmlkj
Not Sure
nmlkj
If Yes, what health information network is used?
Appendix B - 2010 EHR/HIE Survey Tool
B10
Page 11
OHIP Environmental Scan V2OHIP Environmental Scan V2OHIP Environmental Scan V2OHIP Environmental Scan V235. What is used to transmit REPORTABLE LAB RESULTS?
36. Are there other services (not listed) that you either are doing in a health information
exchange or would like to do (e.g., electronic referrals, disease registry submissions,
etc.)? Please specify:
Thank you for taking the time to fill out this survey. Your assistance is appreciated!
End
55
66
Direct integration w/ EHR system
nmlkj
Web Portal
nmlkj
nmlkj
Fax
nmlkj
Appendix B - 2010 EHR/HIE Survey Tool
B11
Northeast Central Ohio Regional Extension Center (NECO REC) Marianne Lorini Akron Regional Hospital Association 3200 West Market St., Ste. 200 Akron, OH 44333 330-873-1500 [email protected]
Northeast Central Ohio Regional Extension Center (NECO REC) Kathy Dellinger Akron Regional Hospital Association 3200 West Market St., Ste. 200 Akron, OH 44333 330.873.1500 [email protected]
Case Western Reserve University (CWRU) Joseph Peter Case Western Reserve University 10900 Euclid Ave, BRB109 Cleveland, OH 44106-4961 216-368-5756 [email protected]
Case Western Reserve University (CWRU) Julie Rehm Case Western Reserve University 10900 Euclid Ave BRB 109 Cleveland, OH 44106-4961 216-368-6070 [email protected]
Central Ohio Health Information Exchange (COHIE) Matthew Esker COHIE 155 E. Broad St. 23rd Floor Columbus, OH 43215 614-358-2710 [email protected]
Central Ohio Health Information Exchange (COHIE) Michael Krouse OhioHealth 755 Thomas Ln Columbus, OH 43214 614-566-4484 [email protected]
Dayton West Central Ohio Regional Extension Center (DWCO REC) Bryan Beer Greater Dayton Area Hospital Association 2 Riverplace Dr Ste 400 Dayton, OH 45405 937-424-2361 [email protected]
Dayton West Central Ohio Regional Extension Center (DWCO REC) Marty Larson CCHIE 1150 E Home Rd Springfield, OH 45503-2726 937.271.2343 [email protected]
Northwest Ohio Regional Extension Center (NOREC) Jan Ruma Hospital Council of NWOhio 3231 Central Park West #200 Toledo, OH 43617 419-842-0800 [email protected]
Northwest Ohio Regional Extension Center (NOREC) W Scott Fry 419.842.0800 [email protected]
Northeast Ohio Health Connect (NEOHC) Gina Pastella NEOHF 141 Boardman-Canfield Rd Boardman, OH 44512 330-965-1787 x 7143 [email protected]
Northeast Ohio Health Connect (NEOHC) Mike Seiser Humility of Mary Health Partners 250 Federal Plaza E, 2nd Floor Youngstown, OH 44503 330-884-6616 [email protected]
Ohio University Appalachian Health Information Exchange (OU) Shane Gilkey Ohio University 105 Research & Technology Bldg Athens, OH 45701 740.593.0378
Ohio University Appalachian Health Information Exchange (OU) Brian Phillips Ohio University College of Osteopathic Medicine 383 Building 20 Athens, OH 45701 740-593-2170
Appendix C - OHIP Regional Partners
C1
Regional Extension Center: Request for Proposal For EHR Comprehensive Products
OHIP
4/16/2010
The Ohio Health Information Partnership (OHIP) is seeking responses regarding electronic health record (EHR) ambulatory systems that can be used in physician and other health care provider office settings.
Appendix D - EHR Request for Proposal (RFP)
D1
Table of Contents
I. Summary ............................................................................................................... 3 II. Dates and Schedule of Events .............................................................................. 3 III. RFP Instructions .................................................................................................... 3
a. Hyperlinks and Electronic Attachments .............................................................. 4 b. Questions ........................................................................................................ 4
IV. Background ........................................................................................................... 4 V. Reference Documents ........................................................................................... 5 VI. General Terms and Conditions .............................................................................. 5
Appendix A: Request for Proposal for HER Comprehensive Products .................. 7 I. Organizational Information .................................................................................... 7 II. Name and Version # of Product ............................................................................ 8 III. Ohio Installations ................................................................................................... 8 IV. Interfaces ............................................................................................................... 8 V. Financial Information ............................................................................................. 9 VI. Minimum Requirements ............................................................................................ 9 VII. Meaningful Use Criteria ....................................................................................... 10 VIII. Pricing ........................................................................................................... 13
a. Cost Estimate ................................................................................................... 14 IX. Financial Options ................................................................................................. 15 X. Client References ................................................................................................ 15
Appendix B: Contract Terms and Conditions .......................................................... 16 I. Products .............................................................................................................. 16 II. Fees .................................................................................................................... 16 III. Implementation .................................................................................................... 18 IV. Equipment ........................................................................................................... 20 V. Warranties ........................................................................................................... 20 VI. Third Party Products ............................................................................................ 22 VII. Support ................................................................................................................ 22 VIII. Confidentiality ............................................................................................... 24 IX. Term/Termination ................................................................................................ 24 X. General ................................................................................................................ 25
Appendix C: Preferred Vendor Agreement .............................................................. 28 1. Responsibilities and Warranties of Vendor .......................................................... 28 2. Role of OHIP ....................................................................................................... 30 3. Administrative Fee ............................................................................................... 31 4. Confidentiality ...................................................................................................... 31 5. Limitation of Liability, Insurance and Indemnification .......................................... 32 6. Term and Termination ......................................................................................... 33 7. General Provisions .............................................................................................. 33
Appendix D: Regional Partners and Geographic Distribution of Regions ............ 35 I. Regional Partners ................................................................................................ 35 II. Geographic Distribution Map by County .............................................................. 37
Appendix D - EHR Request for Proposal (RFP)
D2
I. Summary The Ohio Health Information Partnership (OHIP) is seeking responses regarding electronic health record (EHR) ambulatory systems that can be used in physician and other health care provider office settings. This Request for Proposal (RFP) addresses OHIP’s mission to advance the adoption, implementation and meaningful use of health IT among health care providers to improve the safety, quality, accessibility, availability and efficiency of health care for the citizens of Ohio. As the state-designated entity for Ohio’s statewide health information exchange, OHIP is seeking vendors whose products are capable of bringing providers to meaningful use in a cost efficient and effective manner. It is OHIP’s intent to contract with a number of vendors that can be designated as high quality and reasonable cost vendors to act as the front line for electronic health record adoption in Ohio. OHIP views the selection of these vendors as part of the overall process in Ohio to create an effective electronic health records system. That system will be accessible to both the individual and to his or her physician, hospital and other health care providers. To assist EHR vendors in providing IT support to their clients in this state, Ohio is moving ahead quickly to establish IT educational certification programs linked to recognized vendor products. The first IT support personnel certified by Ohio’s community colleges and universities should be available for hiring by early fall, 2010. It is the hope that such educational programs will allow the vendors, OHIP and OHIP’s regional partners to provide in-depth support for products selected as OHIP’s recognized vendor solutions. As a part of the qualifying process, respondents may be asked to provide a demonstration of their proposed solutions.
II. Dates and Schedule of Events Responses must be submitted electronically to OHIP on or before 5:00 PM ET, May 17, 2010.
Event Date OHIP releases RFP April 16, 2010 Vendor questions due by close of business April 23, 2010 Vendor RFP responses due by close of business May 17, 2010 Notification of RFP awards May 31, 2010
III. RFP Instructions Appendix A contains the general RFP information which must be submitted. Appendix B is a list of proposed terms and conditions to be included in the vendor/provider contracts for any preferred OHIP EHR vendors. Vendors are asked to review these terms and conditions and, if acceptable or acceptable with modification, reference them to the vendor’s current provider contract terms. Appendix C is a Preferred Vendor Agreement to be executed between vendor and OHIP. All three Appendices must be completed for a vendor to be considered in the RFP process. Appendix D is a list of OHIP’s regional partners and their geographic territories so vendors will be aware of what entities will be providing support for EHR assessment, installation and service.
Appendix D - EHR Request for Proposal (RFP)
D3
Please note the following when submitting your RFP response:
Responders must submit information in a Word document to [email protected] and are encouraged to review all reference documents before submission.
Responses are saved based on the e-mail address of the responder. If you need to collaborate with colleagues before submission, use Appendix A of this document to collect and organize responses in advance.
Responses and all related attachments should not exceed a total of 50 pages. Verification of receipt of your submitted RFP will be emailed to your RFP contact within two
business days of receipt.
a. Hyperlinks and Electronic Attachments If hyperlinks or other electronic documents are to be provided, please include the links and/or
name of the documents in the response under the question to which they pertain. To email electronic document attachments, please email them to [email protected] and
place “OHIP EHR RFP Response Attachment” in the subject line.
b. Questions If you have questions regarding the RFP, please email them to [email protected] and
place “OHIP EHR RFP Question” in the subject line. Answers to questions will be made available to all vendors through OHIP’s website at
http://ohiponline.org/ehr_rfp_faqs.aspx. Questions must be submitted by close of business on April 23, 2010. We ask that you keep your questions brief and specific to the RFP.
IV. Background OHIP is a newly formed non-profit organization whose initial board members include representatives from BioOhio, the State of Ohio, the Ohio State Medical Association, the Ohio Osteopathic Association and the Ohio Hospital Association. OHIP’s board has been expanded to include representation from the business community, consumers, payers, behavioral health providers, hospitals, physician providers and Federally Qualified Health Centers (FQHCs). In September 2009, OHIP was designated by the State of Ohio as the authorized non-profit entity to submit an application for the American Recovery and Reinvestment Act (ARRA) State Grant to Promote Health Information Technology Planning and Implementation. At that time, OHIP decided also to submit a bid for the development of a statewide regional extension center (REC) to support the provider adoption of EHR. In November 2009, OHIP submitted the application (FOA # EP-HIT-09-003) to serve as the statewide Regional Extension Center (REC) under the ARRA Health Information Technology Extension Program. On February 8, 2010, OHIP was notified of its award (Grant Award No. 90RC0012/01) as a statewide REC with overlapping responsibilities for the 11 Ohio counties also covered by HealthBridge in its REC award. OHIP’s model for providing REC services includes partnering with regional entities (“Regional Partners”) around the state to provide many of the services necessary for successfully implementing EHR in a meaningful way. The services that will be provided by both OHIP and the Regional Partners are listed in the REC Project Abstract and Narrative. On March 9, 2010, OHIP designated 7 such groups to be regional entities. These regional partners are listed in Appendix D along with a map of the regions.
Appendix D - EHR Request for Proposal (RFP)
D4
This RFP is being issued to enhance the role that OHIP and its regional partners can play in bringing physicians and other providers to meaningful use of electronic health records.
V. Reference Documents It is recommended that responders review the following documents or websites before submitting RFP responses:
Document Location OHIP REC Project Abstract and Narrative http://ohiponline.org/ohip.hierfi.rec.abstract.narrativ
e.pdf OHIP Regional REC Partners Appendix D OHIP Main Website (News) http://www.ohiponline.org/ Ohio Health Care Coverage and Quality Council Website
http://www.healthcarereform.ohio.gov
VI. General Terms and Conditions
1. This RFP process is solely for OHIP’s benefit and is only intended to provide information to OHIP. The issuance of this RFP does not imply an offer to do business with any respondent. The RFP is designed to provide respondents with the information necessary for the preparation of informative responses.
2. OHIP reserves the right not to review or otherwise to reject, in whole or in part and at any time, any or all responses received in response to this RFP. Issuance of the RFP in no way constitutes a commitment by OHIP to award any contract for the goods and services described in the RFP.
3. OHIP is subject to strict accountability and reporting requirements as a recipient of funds from public sources. Any response or other information submitted by a respondent to OHIP is subject to disclosure by OHIP as required by law, including but not limited to, the American Recovery and Reinvestment Act of 2009 (Public Law 111-5). OHIP makes no agreements or representations of any kind, and expressly disclaims any requirement to maintain the confidentiality of any information provided by respondent in response to this RFP. All material and information provided to OHIP in response to this RFP shall upon receipt become the property of OHIP and will not be returned.
4. By submitting a response, the respondent agrees that OHIP may copy the response for purposes of facilitating OHIP’s review or use of the information. The respondent represents that such copying will not violate any copyright, license or other agreement with respect to the materials submitted.
5. Ohio has laws which restrict the gifts which may be given or received by state employees and require certain individuals to disclose information concerning their activities with state government. By submission of a response, respondent certifies that respondent has not paid or agreed to pay to any employee, official or current contracting consultant of OHIP any fee, commission or any other thing of value that is in any way contingent upon OHIP contracting with respondent.
6. OHIP reserves the right to modify this RFP at any time. OHIP reserves the right to contact respondents after the submission of responses for the purpose of clarifying any response. Respondent understands that any and all information provided in response to the RFP is subject to validation. By submitting a response each respondent agrees that it will not bring any claim or have any cause of action against OHIP, or any agent of OHIP or the State of Ohio, based on any
Appendix D - EHR Request for Proposal (RFP)
D5
6 | P a g e
misunderstanding concerning the information provided in the RFP or concerning OHIP’s failure, negligent or otherwise, to provide the respondent with pertinent information as intended by this RFP.
7. OHIP is not responsible for any costs incurred by a respondent which are related to the preparation or delivery of the response or any other activities of respondent related to this RFP.
8. The laws of the State of Ohio and the United States of America shall apply to and govern the interpretation, validity and effect of this RFP. OHIP contractors and subcontractors may be subject to federal or state laws or regulations applicable to recipients of funds from public sources. Respondents are responsible for determining the applicability of these laws to their activities and for complying with applicable requirements.
9. OHIP will not be responding to phone or email inquiries about the selection process or identifying vendors still under consideration, or releasing information about the proposals or results until contracts for the EHR RFP have been awarded, and OHIP determines, in its sole discretion, that the release of such information will not unduly prejudice this or future RFP processes.
Appendix D - EHR Request for Proposal (RFP)
D6
Appendix A: Request for Proposal for EHR Comprehensive Products
I. Organizational Information
Company Information Company Name Address Phone Number Company Web Site Company Contacts Business Contact Name Title Phone Number eMail Address Technical Contact Name Title Phone Number eMail Address Structure of Business EHR employees (Total) Within Ohio: Outside of Ohio:
# of EHR employees in sales and marketing Within Ohio: Outside of Ohio: # of EHR employees in product development Within Ohio: Outside of Ohio: # of EHR employees in implementation/ training
Within Ohio: Outside of Ohio:
# of EHR employees in product support Within Ohio: Outside of Ohio: # of EHR employees in administrative roles Within Ohio: Outside of Ohio:
Installations # of new EHR installations over the last 3 years Within Ohio: Outside of Ohio: # of new EHR users over last three years Within Ohio: Outside of Ohio:
# EHR installations by practice size Small (1-4 physicians):
Medium (5-9 physicians)
Large (10+ physicians):
Total # of Ohio installations Small (1-4 physicians):
Medium (5-9 physicians)
Large (10+ physicians):
Total # of Ohio users Small (1-4 physicians):
Medium (5-9 physicians)
Large (10+ physicians):
Total # of EHR installations nationally Small (1-4 physicians):
Medium (5-9 physicians)
Large (10+ physicians):
Resource Availability # of state EHR installation initiatives (other than the Ohio REC) in which the vendor is participating or has submitted a proposal
Appendix D - EHR Request for Proposal (RFP)
D7
II. Name and Version # of Product The name and version number of the product that is the subject of this RFP. NOTE: Separate RFPs must be completed for each product requested for consideration.
Name of Product Version Number
III. Ohio Installations
Type of Organization List Two (2) Organizations in Each Category
Product and Modules Installed (EHR, CPOE, eRX, CDS, Other)
Tertiary Hospitals Community Health Centers Large Group Practices (10+ Physicians
Small/Solo Practices (< 10 Physicians)
Behavioral Health Facilities
IV. Interfaces List all EHR products (generally) or Health Information Exchanges (HIEs) specifically within Ohio to which this version of your product successfully interfaces:
EHR Product or HIE Location in Ohio with Established Interface
Appendix D - EHR Request for Proposal (RFP)
D8
V. Financial Information
Financial Information for FY 07, 08 and 09 Total Annual Revenue (by year):
Revenue from EHR products or services:
EHR Revenue per EHR employee: % of EHR Revenue spent on R&D:
Revenue from other products or services Cash: Net Income: Net Margin %: Total Assets: Total Liabilities:
CAGR - Compound Annual Growth Rate FTE Growth (annual, previous FY) Publicly traded: Yes / No Symbol: Private: Yes / No Investors: Ownership structure ( specify who is the owner and what is the % ownership)
Do you currently send aggregated de-identified data to anyone?
VI. Minimum Requirements In order to qualify to participate in the selection process, an EHR vendor must meet a minimum set of requirements. The following narrative describes the minimum set of vendor and system capabilities a potential vendor must possess to be considered. Specify if you meet the requirement and if you do not meet a specific requirement please indicate your plans and timetable to meet it.
1. CCHIT 2011 certification or at least:
a. Preliminary ARRA 2011 Certification (modular certification limited to security, privacy and interoperability)
b. If not CCHIT 2011 or Preliminary ARRA 2011 certified please specify your expected timeframe
c. CCHIT 2008 or 2009 outpatient certified
2. Must use the following EHR standards: ICD9/10, LOINC, CPT, HCPCS, SNOWMED-CT, and nationally available medication terminology
3. Interoperability with state of Ohio HIE, as developed by OHIP.
4. Generates as well as accepts HL7 Continuity of Care Documents as structured data (not images)
5. Compliance with meaningful use criteria, as specified below.
6. Compliance with HIPAA Privacy and Security Rules and other regulatory requirements [The Joint Commission (TJC), Center for Medicare and Medicaid Services (CMS), NHIN protocols, Ohio Board of Pharmacy e-prescribing and other applicable requirements and other state and local laws]
Appendix D - EHR Request for Proposal (RFP)
D9
7. Compliance with fair data sharing practices set forth in the Nationwide Privacy and Security Framework
8. Role-based access controls
9. Ability to flag or otherwise identify sensitive diagnosis by ICD-9, CPT-4 or other codes (give timeline for software upgrade for ICD-10 or plans for adoption).
10. Ability to track and report 2011 Meaningful Use quality metrics.
11. Ability to configure security features (such as password policy, lockouts, timeouts, etc.).
12. Must provide a complete solution covering all of the following system functions: EHR, Practice Management (including scheduling), Billing, Clinical Decision Support, Patient Portal, e-Prescribing, Laboratory Interfaces. Partnering with a vendor offering any of this functionality which may not be part of the core EHR is permissible.
13. System in-use by 300+ providers nationwide.
14. Local support office in Ohio or willingness to establish a local presence in Ohio to assist in the EHR implementation efforts of regional REC partners.
15. If selected as an OHIP vendor, must supply a formal training plan with estimated time table that supports timely implementation of EHR products.
16. Must guarantee Go-Live dates, and must agree to compensate providers for failure to meet such guarantee.
17. Vendor must agree to establish a reasonable price for ongoing support at a rate that will encourage continued use of an EHR system.
VII. Meaningful Use Criteria Although the definition of “meaningful use,” as specified in the rule proposed on January 13, 2010 by the Office of the National Coordinator (ONC) of the HHS, is subject to change in the final rule, the categories are spelled out. This RFP is designed to establish the ability of EHR systems to meet the 2011 provider objectives and the 2011 ambulatory measures in the meaningful use rule. If the proposed rule is modified before the RFP awards, vendors will be given the opportunity to comment on their ability to meet the updated definition.
Comment briefly on your system’s ability to meet the following criteria:
I. System Capabilities for Providers to Meet Stage 1 of Meaningful Use
a. Ability to support CPOE (requires computer-based entry by providers of orders (meds, lab, procedure, diagnostic imaging, immunization, referral) but electronic interfaces to receiving entities not required in 2011
b. Ability to support drug-drug, drug-allergy, drug-formulary checks
c. Ability to support maintenance of up-to-date problem list of current and active diagnoses based on ICD-9 or SNOMED
d. Ability to generate and transmit permissible prescriptions electronically (eRX)
e. Ability to support maintenance of active medication list
f. Ability to record demographics including: preferred language, insurance type, gender, race and ethnicity
g. Ability to record vital signs including: height, weight, BP
h. Ability to record smoking status
Appendix D - EHR Request for Proposal (RFP)
D10
i. Ability to calculate and display both adult and pediatric BMI
j. Ability to incorporate lab-test results into EHR as structured data
k. Ability to generate lists of patients by specific condition to use for quality improvement, reduction of disparities and outreach
l. Ability to report ambulatory quality measures to CMS
m. Ability to send reminders to patients per patient preference for preventive/follow up care
n. Support the implementation of five clinical decision support rules relevant to specialty or high clinical priority
o. Ability to check insurance eligibility electronically from public and private payers
p. Ability to submit claims electronically to public and private payers
q. Ability to provide patients with an electronic copy of their health information (including diagnostic test results, problem list, medication lists, allergies) upon request
r. Ability to provide clinical summaries for patients for each office visit
s. Ability to exchange key clinical information (e.g., problem list, medication list, allergies, diagnostic test results) among providers of care and patient authorized entities electronically (HIE capability and demonstrated exchange to be further specified by HIE WG of HIT Policy Committee)
t. Ability to perform medication reconciliation at relevant encounters and each transition of care
u. Ability to submit electronic data to immunization registries and actual submission where required and accepted
v. Ability to provide electronic syndromic surveillance data to public health agencies and actual transmission according to applicable law and practice
w. Ability to protect electronic health information created or maintained by the certified EHR technology through the implementation of appropriate technical capabilities
II. 2011 Measures
Report the following quality measures to an outside entity (electronic interfaces to receiving entities not required in 2011)
a. % diabetics with A1c under control
b. % of patients with LDL under control
c. % of patients screened for tobacco use
d. % of smokers who received advice to quit smoking
e. % of patients with a calculated BMI index
f. % of patients receiving asthma assessment
g. % of patients with recorded blood pressure
h. Use of high-risk medications (Re: Beers criteria) in the elderly
i. % of patients over 50 with annual colorectal cancer screening
j. % of females over 40 receiving mammogram within 24 months
k. % of females 18 – 64 years receiving PAP test for cervical cancer screening within 24 months
Appendix D - EHR Request for Proposal (RFP)
D11
l. % of patients at high-risk for cardiac events on aspirin prophylaxis
m. % of patients over 50 who received an influenza immunization during the flu season
n. % of children aged 3 months to 18 years with URI who were not prescribed or dispensed an antibiotic prescription within 3 days of initial visit
o. % of children aged 2 years to 18 years with a diagnosis of pharyngitis who were prescribed an antibiotic and received a strep test
p. % of patients with low back pain who received imaging studies within 28 days of onset
q. % of adults assessed for drug and alcohol dependence
r. % of orders (for medications, lab test, procedures, radiology and referrals) entered directly by physicians through CPOE
s. % of lab results incorporated into EHR in coded format
t. % of all medications entered into EHR as generic, options exist in the relevant drug class
u. % of orders for high cost imaging services with specific structured indications recorded
v. % claims submitted electronically to all payers
w. % patient encounters with insurance eligibility confirmed
x. % of all patients with access to personal health information electronically
y. % of all patients with access to patient-specific educational resources
z. % of encounters for which clinical summaries were provided
aa. % of encounters where medication reconciliation was performed
bb. % of transitions in care for which summary care record is shared (i.e., electronic, paper, e-Fax)
Stratify reports by gender, insurance type, primary language, race and ethnicity Implemented ability to exchange health information with external clinical entity (specifically labs, care summary and medication lists) Report up-to-date status for childhood immunizations Conduct or update a security risk assessment and implement security updates as necessary
Appendix D - EHR Request for Proposal (RFP)
D12
VIII. Pricing The estimated cost of the EHR solution will be an important factor in determining which vendors will participate in the program. Pricing should be comprehensive and include all hardware, software and services associated with a comprehensive EHR solution. Estimated costs should closely reflect the total implementation costs, including:
Server hardware / software. The vendor must supply or recommend/price a server (or ASP/SaaS) that is configured to support the practice’s patient population and proposed number of users. The server specification must include minimum and recommended hardware configurations, operating system software versions and appropriate tools or utility software to manage/maintain the server environment. The vendor must also provide the growth assumptions that would trigger the need to upgrade or replace the proposed server.
Network infrastructure. The vendor must supply or recommend/price the hardware and software necessary to establish the local area network over which the workstations will communicate with the server and necessary security infrastructure.
Client hardware /software. The vendor must supply hardware recommendations/pricing for physician and administrative staff workstations, including minimum and recommended hardware configurations, and operating system software and versions. In addition, the vendor must supply recommendations/pricing for other desktop devices (e.g., printers, scanners) required by the application and appropriate to offices of these sizes.
Telecommunications/Connectivity services. The vendor must identify and price the telecommunications or broadband connectivity services required to access any external services and support remote access to the EHR solution.
Application software. The vendor must identify and price the EHR software application including all of the modules and components necessary to achieve the EHR functionality described in other sections of the proposal.
Third party software. The vendor must identify and price any third party software, dictionaries, databases or services required to achieve the EHR functionality described in other sections of the proposal.
Implementation. The vendor must estimate the cost and number of days of consulting, project management, training and other professional services necessary to successfully install the EHR solution in the physician practice. The vendor must also specify the cost of additional professional services if requested by the practice.
Interfaces. The vendor must detail the price to develop and implement each of the required interfaces.
Product maintenance and support. The vendor must specify the price of the product maintenance and technical support services described in the proposal. If maintenance and support are priced separately, please make note of that.
Data conversion. The vendor should estimate the cost and number of days of assistance that will be required to convert key data from the practice’s paper charts. If the practice is converting from a different EHR system, the vendor should estimate the cost to convert data to the vendor’s system.
o Vendors must provide a complete cost estimate for the proposed EHR solution for each proposed practice size. Use the attached chart to list any costs related to installation. Theoretical practice sizes are listed below.
Appendix D - EHR Request for Proposal (RFP)
D13
Proposed Size Large Practice Medium Practice Small Practice
Physician Users 10 5 1
Physician Extenders 15 10 2
Exam Rooms 20 10 2
Patients 20,000 10,000 2,000
Workstations 45 (or 25, plus 10 mobile devices)
25 (or 15, plus 5 mobile devices)
5 (or 3, plus 1 mobile device)
a. Cost Estimate
Practice Size Large Practice Medium Practice Small Practice
Hardware (vendor provided or through 3rd party)
Core software
Optional software
3rd Party Software
Interfaces
Network
Basic services
Additional optional services
First year maintenance and support
Please describe the items included in each category (The table below includes some examples in each category. Complete the list of items included in each).
Hardware Core software
Optional software
3rd Party Software Interfaces Network Basic
services Additional services
First year maintenan
ce and support
Server EMR
License eRx
3rd party software license if
any
Lab Router EHR install
EHR training
Laptop PMS
License
Transcription
PMS install
Appendix D - EHR Request for Proposal (RFP)
D14
IX. Financial Options
The availability of reasonable financing options for providers is a key component to widespread EHR adoption. Please describe financing options that the vendor will make available to providers for either a client- server or SaaS model. Please comment in your response on the following options:
1. Vendor letter of credit with a financial institution for a physician loan guarantee program covering multiple installations. Such program is being established with the assistance of the state of Ohio.
2. Vendor guarantees of individual practice loans from financial institutions for installation of that vendor’s EHR product and related costs.
3. Other Vendor financing options that defer payment of equipment, license, service, support, annual, subscription and any other fees, until the provider achieves meaningful use and begins receiving Medicare or Medicaid incentive payments.
X. Client References Please supply a minimum of three (3) client references. If possible, the client list should encompass different market segments. Organization Name:
Contact Name & Title:
Contact Telephone:
Product(s) Installed:
Organization Name:
Contact Name & Title:
Contact Telephone:
Product(s) Installed:
Organization Name:
Contact Name & Title:
Contact Telephone:
Product(s) Installed:
Organization Name:
Contact Name & Title:
Contact Telephone:
Product(s) Installed:
Appendix D - EHR Request for Proposal (RFP)
D15
Appendix B: Contract Terms and Conditions As part of the process of selecting preferred EHR vendors (“Vendors”) for Ohio providers, OHIP is requesting Vendors to address selected contractual terms and conditions. Completion of this Attachment is required for consideration of the Vendor in the RFP process. Blank or negative responses may result in elimination of the Vendor from further consideration. The Vendor is required to attach a contract template modified to reflect the terminology the Vendor proposes in its response to this Appendix. The terms and conditions the Vendor proposes must be inserted word for word in the response to each of the questions in this Appendix, and cross-referenced to the Vendor’s contract template. OHIP will score the Vendor’s responses based on the wording the Vendor offers. OHIP will assign the highest score if the Vendor accepts OHIP’s provision without modification, no credit if the Vendor refuses to concede anything, and varying credit if the Vendor modifies the provision. Please respond to each question below by circling one of the following designations, and indicate where in the Vendor’s contract template this provision appears:
A = Accept with No material changes
M = Propose modifications in any manner; include proposed language
D = Decline to Accept
I. Products 1.1 Any equipment, software including any and all third party software and any interfaces (collectively “Software”), and other products and services, which are required to achieve effective system functionality and performance, shall be identified by Vendor in a product/cost spreadsheet to be attached to and incorporated in the agreement. Any additional equipment, software, products and services not so specified, but later deemed necessary by the Vendor, shall be provided by the Vendor to Provider at no charge.
_A_ _M_ _D_ 1.2 Unless specifically indicated in the product/cost spreadsheet, Software and other products shall not have a limit on the number of users or concurrent users. _A_ _M_ _D_ 1.,3 The Vendor agrees to provide Provider updated documentation to the equipment, Software and other products, as the same are updated. _A_ _M_ _D_
II. Fees 2.1 All fees shall be identified in the product/cost spreadsheet by line item for each item of equipment, Software, other product or service. _A_ _M_ _D_
Appendix D - EHR Request for Proposal (RFP)
D16
2.2 Payment terms must be tied to the achievement of milestones rather than to the passage of time or specific dates, assuming there is no delay caused by the Provider when it is in the reasonable control of the Provider. Payment terms for Software license and implementation fees will be as follows for each Software module: a. ____% down upon agreement execution; _A_ _M_ _D_ b. ____% upon installation of product on Provider hardware and completion of training and pre-Live Status acceptance testing, as defined in Section 3.13 of this Appendix C; _A_ _M_ _D_ c. ____% upon “Live Status” operations (e.g. systems integration and actual processing of live data); _A_ _M_ _D_ d. ___% upon Acceptance, which shall be defined as the system operating in accordance with the warranties set forth in the agreement and without material error for a period of at least forty-five (45) continuous days. Acceptance shall not occur prior to the first successful month-end reporting process. _A_ _M_ _D_ 2.3 Payment terms for remotely hosted products shall be fifty percent (50%) upon the Provider’s certification of achievement of meaningful use, and fifty percent (50%) due sixty (60) days thereafter. _A_ _M_ _D_ 2.4 Vendor agrees to offer Provider financing options to extend payment for equipment, Software and other products and services until the Provider achieves meaningful use, and to have payment tied to Provider’s receipt of Medicare or Medicaid EHR incentive payments. _A_ _M_ _D_ 2.5 Payment for support and maintenance services shall begin on Acceptance of product, and may be deferred until the Provider achieves meaningful use. _A_ _M_ _D_ 2.6 Any increases in fees, including without limitation license fees, annual fees, hosting fees, support fees, implementation fees and service fees, shall be limited on an annual basis to the lesser of 3% or the percentage change in the Consumer Price Index All Items/Urban Consumers (CPI) for the preceding twelve (12) month period. Vendor agrees there will be no increases in fees during the first 36 months after execution of the agreement. _A_ _M_ _D_ 2.7 “Additional Services” shall not include any implementation services required to install the system. Vendor shall identify any Additional Services in advance to Provider. Charges for Additional Services shall be agreed upon in advance and shall not be assessed without the Provider’s written approval. _A_ _M_ _D_
Appendix D - EHR Request for Proposal (RFP)
D17
2.8 The words “then current rates” or any equivalent terminology shall be deleted from the agreement and replaced with a schedule of the Vendor rates with annual increases capped by the lesser of 3% or CPI. _A_ _M_ _D_ 2.9 There will be no interface fees amongst the Vendor’s own products. The only interface fees that can be charged are the interface fees identified in the product/cost spreadsheet for interfaces to non-Vendor products. _A_ _M_ _D_ 2.10 Interest and late fees may not be imposed on overdue payments except in the case of undisputed charges, which are more than 45 days overdue. The interest rate may not exceed 10% per year. The Provider will not be responsible for the payment of the Vendor’s collection fees, including without limitation attorney’s fees. _A_ _M_ _D_ 2.11 Additional purchases of equipment, software and other products by Provider shall be at the same discounted percentage reflected in the prices on the product/cost spreadsheet. _A_ _M_ _D_ 2.12 The fees quoted will include all interfaces and Vendor services required for the Provider to achieve meaningful use in accordance with federal regulatory standards. _A_ _M_ _D_ 2.13 The fees for customizations shall be reasonable, fixed in amount, and set in advance by mutual agreement of the Provider and Vendor. _A_ _M_ _D_
III. Implementation 3.1 An Implementation Work Plan encompassing all products shall be attached to the agreement which shall identify: (i) detailed tasks; (ii) responsibilities of Provider and Vendor for each task; (iii) timeline/schedules for each task; and (iv) assumptions. _A_ _M_ _D_ 3.2 The implementation services shall address the migration and conversion of existing Provider data to the Vendor’s system, and shall clearly define what data or records will be converted, the cost for conversion, any additional equipment or software requirements needed for the conversion, and the timeline for conversion. _A_ _M_ _D_ 3.3 The implementation services shall include all necessary training to allow the Provider to use the system for the Provider electronic health record and other functions. _A_ _M_ _D_
Appendix D - EHR Request for Proposal (RFP)
D18
3.4 The implementation fees quoted shall be fixed and inclusive of all fees, charges and expenses (including without limitation travel and out-of-pocket expenses), provided that the Provider does not modify the Implementation Work Plan in a manner that increases Vendor’s costs. _A_ _M_ _D_ 3.5 Any changes in implementation services and fees must follow a written change order procedure. All additional services and the fees for additional services must be approved in writing in advance by Provider. _A_ _M_ _D_ 3.6 The Vendor will provide a guaranteed Live Status date for each Software module as part of the Implementation Plan, which shall not exceed eight (8) months after agreement execution. If delays in the Live Status date occur due to the Vendor’s fault or system error, Provider will receive a credit equal to 1% of total implementation fees for each day of delay. If the system has not been accepted as the result of Vendor delay or system error within ninety (90) days after the date scheduled for Live Status in the Implementation Work Plan, Provider may return all items of the system without further obligation to Vendor and shall receive a full refund of all amounts paid to Vendor. _A_ _M_ _D_ 3.7 Vendor shall provide qualified personnel in adequate numbers to maintain the scheduled timeline for each task, as designated in the Implementation Work Plan. _A_ _M_ _D_ 3.8 Provider shall have the right to review the qualifications and references of all implementation staff assigned to Provider’s installation. Provider may refuse the services of any personnel Provider deems to be of insufficient experience. _A_ _M_ _D_ 3.9 Vendor personnel assigned to the implementation shall remain with the project through Acceptance, unless Provider requests replacement or the assigned personnel leaves Vendor’s employment. _A_ _M_ _D_ 3.10 Vendor’s Project Manager shall have at least three (3) successful prior implementations of the proposed system/products as a Project Manager at customer sites comparable to Provider’s site. _A_ _M_ _D_ 3.11 Vendor’s implementation personnel assigned to install Ohio Providers shall work from Vendor offices located in Ohio. _A_ _M_ _D_ 3.12 Vendor will permit Provider to delay implementation of equipment, Software or other products for a period of up to 12 months, provided Provider gives Vendor 60 days advance written notice. _A_ _M_ _D_ 3.13 The parties shall agree upon Acceptance testing standards for each product and the system as a whole, and Vendor shall provide for both a pre-Live Status and post-Live Status product and system
Appendix D - EHR Request for Proposal (RFP)
D19
Acceptance testing periods of not less than 60 days each. Pre-Live Status Acceptance testing shall confirm that each item of equipment, Software and other products has been installed and is functioning in accordance with the warranties of the agreement and without material error. Post-Live Status Acceptance testing shall confirm that each item of equipment, Software and other products is functioning on an integrated basis with the system in accordance with the warranties of the agreement and without material error. _A_ _M_ _D_ 3.14 Vendor shall correct and resolve any and all demonstrated errors or malfunctions of the equipment, Software and other products as part of the implementation services. Acceptance of the system shall not occur until Vendor has resolved all material problems and defects. _A_ _M_ _D_
IV. Equipment 4.1 Hardware and other equipment purchased from or through Vendor shall be new, and not used or refurbished, unless Provider specifically consents to the purchase of used equipment. A reasonable price discount shall be allotted for used equipment. _A_ _M_ _D_ 4.2 Upon payment of the purchase price, Vendor shall deliver to Provider clean title to the equipment free and clear of liens and encumbrances. _A_ _M_ _D_ 4.3 The Provider shall be permitted to purchase any equipment meeting specifications of the Vendor from a third party supplier if the cost is less than that offered by the Vendor for the same equipment. If equipment is purchased from a third party supplier, all response time warranties will apply so long as Provider purchases the equipment recommended by Vendor. _A_ _M_ _D_ 4.4 The Provider shall be permitted to update equipment without incurring additional license, use or support fees. _A_ _M_ _D_
V. Warranties 5.1 The Vendor warrants that it has good title to and the right to license or sell each Software module, item of equipment and other product listed in the product/cost spreadsheet. _A_ _M_ _D_ 5.2 The Vendor warrants that each Software module, item of equipment, and other product shall be free from defect in design and workmanship and shall operate in accordance with the Vendor’s specifications and documentation, which were provided during Provider’s system selection process and attached to the agreement as an exhibit, and in accordance with the Vendor’s written responses to any Provider request for proposal.
Appendix D - EHR Request for Proposal (RFP)
D20
_A_ _M_ _D_ 5.3 The Vendor warrants system response time for 99% of transactions to be less than two (2) seconds for screen to screen and field to field transactions, and less than three (3) seconds for database queries, measured over a two (2) hour period and assuming no concurrent report writing functions. For each Software module, if response times fall below the guaranteed standards, the Vendor will purchase and install at no charge to the Provider the necessary equipment and software to achieve this performance level for the period commencing upon the date of agreement execution through twenty-four (24) months after Live Status. _A_ _M_ _D_ 5.4 The Vendor warrants that the system, Software and other products shall be available for Provider’s use a minimum of ninety-nine percent (99%) of the time as measured over a 24-hour period. In the event that system, Software or product availability falls below 99% due to a Vendor or system problem, Vendor shall provide Provider a credit in the amount of three percent (3%) of total monthly system support and maintenance fees for each failure to meet the system availability warranty. _A_ _M_ _D_ 5.5 The Vendor warrants that the Software, equipment and other products shall comply with, and permit Provider to comply with, all applicable local, state and federal laws and regulations including without limitation the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) security and privacy rules and the Health Information Technology for Economic and Clinical Health Act (“HITECH”) meaningful use rules, the Ohio Board of Pharmacy rules, and with the standards of any applicable accreditation organization. _A_ _M_ _D_ 5.6 The Vendor warrants that any electronic health record Software will be certified as of August 1, 2010, and remain certified during the term of the agreement, as qualifying EHR technology, within the meaning of HITECH, by the certification agency designated by the United States Department of Health and Human Services. _A_ _M_ _D_ 5.7 The Vendor warrants that the Software and other products shall be free from all viruses and worms and shall not contain disabling devices, to disrupt Provider’s use of the system, disable Provider’s information systems, or compromise the integrity or availability of Provider data. _A_ _M_ _D_ 5.8 The Vendor warrants that all services shall be performed by competent personnel in a professional manner and in compliance with local, state and federal laws and regulations. _A_ _M_ _D_ 5.9 The Vendor warrants that the Software modules, equipment and other products will be compatible, and operate in an integrated manner, with other system components, including operating system and application Software, hardware and any existing Provider software to be interfaced with an existing Provider network hardware and software. _A_ _M_ _D_
Appendix D - EHR Request for Proposal (RFP)
D21
5.10 The Vendor warrants that all interfaces with third-party software shall be HL7 and TCP/IP compliant, and that Vendor has achieved interface in practices or facilities similar to Provider with the third party software in use or to be in use by Provider. _A_ _M_ _D_ 5.11 The Vendor warrants that any enhancements or upgrades to the Software and/or system will be compatible with the Provider’s version of the Software and/or system. _A_ _M_ _D_ 5.12 The Vendor of a remotely hosted system warrants the security of its system and of Provider data, which security shall include the following safeguards: (i) data encryption technologies for both transmission and storage; (ii) appropriate firewalls to block viruses; (iii) appropriate physical safeguards for the data center where the server is located; and (iv) twice daily backup of Provider’s data with offsite storage. _A_ _M_ _D_ 5.13 The Vendor warrants that it will not “sunset” support and enhancement for, or remove any functionality being used by Provider from, any of the Software or other products acquired pursuant to the agreement within seven (7) years from the date of agreement execution. _A_ _M_ _D_
VI. Third Party Products 6.1 The Vendor will attach to the agreement any third party terms and conditions applicable to Provider. The Vendor agrees that Provider will not be obligated to provide indemnity or to undertake any other financial obligation by such third party terms and conditions unless Provider specifically consents in writing to such obligation. _A_ _M_ _D_ 6.2 The Vendor shall act as first point of contact in resolving any disputes between Provider and any Third-Party Vendor at no charge to Provider. _A_ _M_ _D_
VII. Support 7.1 Vendor agrees to offer Software, equipment and other product support and maintenance to Provider for a minimum of seven (7) years, during which period Provider may terminate such support and maintenance after the expiration of the first year upon sixty (60) days notice to Vendor. _A_ _M_ _D_ 7.2 Vendor agrees that the system shall continue to meet the performance warranties and standards of the agreement during any period for which Provider purchases support and maintenance from Vendor. _A_ _M_ _D_
Appendix D - EHR Request for Proposal (RFP)
D22
7.3 Vendor agrees that support and maintenance services shall include without additional charge (i) all updates, releases, new versions and enhancements to the Software and other products; (ii) telephone consultation; (iii) telephonic or electronic response by qualified personnel to problems and issues reported by Provider within two (2) hours of receiving the Provider’s contact; (iv) resolution within 24 hours of Provider contact of critical errors causing the system or major functionality to be down or compromising the integrity or availability of Provider data; (v) resolution of major errors and malfunctions for which a workaround exists within two (2) business days of Provider contact; and (vi) correction of minor errors that do not impact system functionality within 30 days of Provider contact. _A_ _M_ _D_ 7.4 Vendor agrees to offer support and maintenance services for the system at rates that are reasonable and designed to encourage continued use by providers. _A_ _M_ _D_ 7.5 Vendor agrees to provide Provider a credit equivalent to one day’s fees for support and maintenance for the affected equipment, Software or other products for each day that an error continues beyond the times reflected in the resolution standards set forth above. _A_ _M_ _D_ 7.6 Vendor agrees that Provider shall not be responsible for the payment of travel and other out-of-pocket expense associated with the resolution of errors and failure of the equipment, Software or other products to operate as warranted. _A_ _M_ _D_ 7.7 Vendor agrees to update and otherwise modify the Software and other products as may be required to permit Provider to comply with applicable local, state and federal laws and regulations, including without limitation HIPAA privacy and security regulations, HITECH meaningful use regulations, and Ohio Board of Pharmacy rules. Such updates or modifications shall be provided in a timely manner to permit Provider to comply with the regulations’ time frames. Vendor agrees to provide such regulatory updates and modifications to Provider at no charge beyond the agreed upon support fees. _A_ _M_ _D_ 7.8 Any future releases of new software or other products replacing those being purchased by Provider in the agreement shall be made available to Provider at no charge, including license fees and installation fees, for seven (7) years after agreement execution. Annual support fees for such releases shall not exceed those of the existing product being replaced. _A_ _M_ _D_ 7.9 Vendor agrees to provide maintenance and support for each Software module or other product’s current version and one previous version. Vendor agrees to allow Provider a minimum of 12 months to install any updates or new releases. _A_ _M_ _D_ 7.10 In the event that Vendor makes any changes to its platform or infrastructure, whether in hardware, operating system or database, within three (3) years post Live Status for the entire system, all fees related to the new platform or infrastructure, including license, implementation, conversion and out-of-pocket expenses will be borne by Vendor. Any associated support fees will be provided to Provider at the level that existed prior to the changes.
Appendix D - EHR Request for Proposal (RFP)
D23
_A_ _M_ _D_ 7.11 The Vendor agrees that support personnel servicing Providers in Ohio shall be based at Vendor offices located within the State of Ohio. _A_ _M_ _D_
VIII. Confidentiality 8.1 The Vendor agrees that it will not, at any time during the term of the agreement or any time thereafter, use for any purpose other than performance of its obligations to Provider, or disclose to any person, firm, or corporation, any confidential or proprietary information of Provider without Provider’s prior written consent. Confidential and proprietary information shall include: (i) all patient and practitioner information and records; (ii) financial data; (iii) charges, rates and other billing information; (iv) clinical outcomes and quality information; and (v) employee and personnel information. _A_ _M_ _D_ 8.2 The Vendor will execute the Provider’s HIPAA Business Associate Agreement, which shall be attached to and incorporated into the agreement, prior to Vendor accessing any patient information. _A_ _M_ _D_ 8.3 The Vendor agrees to follow Provider’s information systems security policies including those governing remote access, firewalls, and security codes. _A_ _M_ _D_ 8.4 The Vendor agrees that the Provider owns the Provider’s records and data, and that Provider shall have the irrevocable right to access Provider’s data and records during the term and after the termination of this Agreement, without additional cost to Provider. Under no circumstance shall Vendor withhold Provider access to Provider records. _A_ _M_ _D_ 8.5 For remotely hosted systems, the Vendor agrees that (i) the Vendor’s data storage policies shall be consistent with the Provider’s record retention policies; and (ii) the Vendor shall provide the Provider upon request a HIPAA-compliant back-up log. _A_ _M_ _D_
IX. Term/Termination 9.1 The term for licensed Software shall be perpetual. _A_ _M_ _D_ 9.2 The Provider shall have the right to terminate any annual license and support obligation after the expiration of the first year upon sixty (60) days notice to Vendor. _A_ _M_ _D_
Appendix D - EHR Request for Proposal (RFP)
D24
9.3 The agreement may be terminated for breach. Failure by either party to comply with any material term or condition of the agreement shall constitute a breach. The non-breaching party shall be entitled to give written notice to the breaching party. If the breaching party does not cure the breach within 30 days after receipt of the notice, the non-breaching party may terminate the agreement by giving written notice. The right to terminate is in addition to any other rights and remedies provided under the agreement or otherwise under law. _A_ _M_ _D_ 9.4 The Provider may terminate the agreement immediately in the event of Vendor’s exclusion, suspension, debarment or other ineligibility to participate in federal health care programs as defined in 42 USC 1320a-7b(f). _A_ _M_ _D_ 9.5 Upon termination of the agreement, Vendor agrees to assist Provider in an orderly transition to another vendor or system, during which transition period Provider shall have access to Provider’s data and Vendor’s systems and services. _A_ _M_ _D_ 9.6 Upon termination of this Agreement, Vendor promptly shall make available to Provider in electronic copy and usable format, as reasonably requested by Provider, all Provider data and records in Vendor’s possession. _A_ _M_ _D_ 9.7 Vendor shall not impose a termination fee or other liquidated damages upon Provider as the result of termination of the agreement. _A_ _M_ _D_
X. General 10.1 The agreement shall be governed by the laws of the State of Ohio. Any disputes arising under the agreement shall be brought exclusively in the federal or state courts located within the Ohio County in which the Provider is located. The parties consent to the jurisdiction and venue of such courts and waive any objections thereto. _A_ _M_ _D_ 10.2 Any disputes between the parties that cannot be resolved within thirty (30) days shall be resolved by the use of an informal resolution/escalation process defined by the Provider and the Vendor in the agreement. _A_ _M_ _D_ 10.3 Any disputes between the Vendor and Provider that cannot be resolved within thirty (30) days by the process defined above, may be submitted by agreement of the parties to arbitration to be conducted by the American Health Lawyers Association pursuant to its Dispute Resolution Rules in the Ohio County in which the Provider is located. Arbitration shall not apply to disputes involving injunctive or class action relief. _A_ _M_ _D_
Appendix D - EHR Request for Proposal (RFP)
D25
10.4 Vendor shall escrow with an independent escrow agent the source code for all versions, releases, and updates of the Software together with appropriate updated documentation and installation instructions at no additional charge to Provider. _A_ _M_ _D_ 10.5 Vendor shall not require Provider to defend, hold harmless or indemnify the Vendor or any other person or entity. _A_ _M_ _D_ 10.6 Vendor shall defend, indemnify and hold harmless the Provider from and against all claims, liabilities, damages and expenses related to the infringement of third party rights by the Software, equipment and other products acquired from Vendor. In the event that Provider’s use of the Software, equipment or any other product is enjoined, Vendor shall arrange for Provider to use such Software, equipment or product, or provide comparable non-infringing Software, equipment or products, or refund to Provider all sums paid by Provider to Vendor for the acquisition and installation of the Software, equipment or product. _A_ _M_ _D_ 10.7 Neither party shall assign the agreement or any right or obligation under the agreement without the written consent of the other party, provided that consent shall not be required in the case of assignment to a successor in interest to substantially all of the party’s assets. Provider may outsource Provider’s data processing operations to a third party organization without incurring any additional license or other fees pursuant to the agreement. _A_ _M_ _D_ 10.8 Vendor agrees that documents will not be incorporated by reference into the agreement unless made available to and approved by the Provider prior to the agreement execution. The Provider shall not be bound by any terms and conditions not set forth in the agreement. _A_ _M_ _D_ 10.9 Vendor agrees that any limitations or disclaimers of liability shall be mutual, shall not be less in amount than twice the total amount paid by the Provider under the agreement, and shall not apply to limit or disclaim: (i) Vendor’s defense and indemnity obligations for infringement; (ii) damages resulting from the unauthorized use or disclosure of confidential information, including without limitation breach of the HIPAA Business Associates Agreement; (iii) damages resulting from either party’s knowing violation of federal or state laws or regulations; and (iv) personal injury or property damages resulting from either party’s gross negligence or reckless conduct. _A_ _M_ _D_ 10.10 Vendor agrees that to the extent Section 952 of the Omnibus Reconciliation Act of 1980 (Public Law 96-499) is found applicable to the agreement, until the expiration of four (4) years after the furnishing of services pursuant to the agreement, Vendor shall make available, upon written request by the Secretary of the United States Department of Health and Human Services, the Comptroller General of the United States, or to any of their duly authorized representatives, the agreement and the books, documents, and records of Vendor that are necessary to certify the extent of any costs of Provider arising from the agreement. Further, if Vendor carries out any of its duties arising from the agreement through a subcontract, the value or cost of which is Ten Thousand Dollars ($10,000.00) or more over a twelve (12) month period, with a related organization, such subcontract will contain a clause to the effect and until the expiration of the four (4) years after furnishing of such service pursuant to such subcontract, that the
Appendix D - EHR Request for Proposal (RFP)
D26
related organization will make available upon written request to the Secretary of the United States Department of Health and Human Services, the Comptroller General of the United States, or any of their duly authorized representatives, the subcontracts, books, documents, and records of such organization that are necessary to verify the nature and extent of such costs. _A_ _M_ _D_ 10.11 Vendor agrees to represent and warrant that there are no suits, claims, investigations, or other proceedings pending or threatened, which might adversely affect its ability to perform its responsibilities under the agreement. Vendor further agrees to warrant that neither Vendor nor any of its principals, owners, officers, or employees have been excluded, suspended, debarred, or otherwise rendered ineligible to perform services to providers in federal or state health care plans. Vendor agrees to acknowledge that Provider has made available to Vendor information about the federal false claims act and federal administrative remedies law for false claims and statements, and any related civil or criminal Ohio laws and the Provider's policies and procedures for detecting and preventing fraud. Vendor agrees to abide by such Provider's policies and procedures as to the items and services Vendor provides pursuant to this Agreement and to make such policies and procedures available to Vendor's employees involved in performing such services. _A_ _M_ _D_
Appendix D - EHR Request for Proposal (RFP)
D27
Appendix C: Preferred Vendor Agreement This Preferred Vendor Agreement (the “Agreement”) is made as of _________, 2010 (the “Effective Date”), by and between Ohio Health Information Partnership (“OHIP”), an Ohio non-profit corporation located at 1275 Kinnear Road, Columbus, Ohio 43212, and ___________________________, a ___________ corporation located at _______________________________ (“Vendor”). Vendor is engaged in the business of developing, licensing/providing, implementing and supporting electronic health records technology and products. OHIP has been designated by the State of Ohio as the authorized entity to lead the implementation and support of health information technology throughout Ohio. OHIP also has been awarded the Regional Extension Center (REC) grant for the State of Ohio (with 11 Ohio counties overlapping with the HealthBridge REC) under the American Recovery and Reinvestment Act of 2009 Health Information Technology Extension Program. (Award No. 90RC0012/01) In its role as a REC, OHIP and its regional partners will assist physicians and other health care providers in achieving meaningful use of electronic health records. The parties desire to enter into this Agreement to promote the meaningful use of electronic health records. NOW THEREFORE, the parties agree as follows.
1. Responsibilities and Warranties of Vendor
1.1 Vendor-Physician Contracts. Vendor agrees to deliver, implement and support the products and services (“Vendor System”) identified in Vendor’s responses to OHIP’s REC Request for Proposal for EHR Comprehensive Products (“RFP”) in accordance with the terms and conditions of this Agreement and Vendor’s responses to the RFP.
1.2 Vendor Warranties. Vendor will warrant:
1.2.1 good title to and the right to license or sell each module or item of the Vendor System;
1.2.2 each module or item of the Vendor System shall be free from defect in design
and workmanship and shall operate in accordance with the Vendor’s specifications and documentation, and in accordance with the Vendor’s written responses to any Provider request for proposal;
1.2.3 Vendor System response time for 99% of transactions will be less than two (2)
seconds for screen-to-screen and field-to-field transactions, and less than three (3) seconds for database queries, measured over a two (2) hour period and assuming no concurrent report writing functions. For each Software module, if response times fall below the guaranteed standards, the Vendor will purchase and install at no charge to the provider the necessary equipment and software to achieve this performance level for the period commencing upon the date of agreement execution through twenty-four (24) months after Live Status for the Vendor System;
1.2.4 the Vendor System shall be available for use a minimum of ninety-nine percent
(99%) of the time as measured over a 24-hour period. In the event that Vendor System availability falls below 99% due to a Vendor or Vendor System problem, Vendor shall provide the provider a credit in the amount of three percent (3%) of total monthly system support and maintenance fees for each failure to meet the system availability warranty;
1.2.5 the Vendor System shall comply with, and permit the provider to comply with, all
applicable local, state and federal laws and regulations including without limitation the Health
Appendix D - EHR Request for Proposal (RFP)
D28
Insurance Portability and Accountability Act of 1996 (“HIPAA”) security and privacy rules, the Health Information Technology for Economic and Clinical Health Act (“HITECH”) meaningful use rules, the Ohio Board of Pharmacy rules, and the standards of any applicable accreditation organization;
1.2.6 any electronic health record component(s) of the Vendor System will be certified
as of August 1, 2010, and remain certified during the term of the agreement, as qualifying EHR technology, within the meaning of HITECH, by the certification agency designated by the United States Department of Health and Human Services;
1.2.7 the Vendor System shall be free from all viruses and worms and shall not contain
disabling devices to disrupt the provider’s use of the system, disable provider’s information systems, or compromise the integrity or availability of provider data;
1.2.8 all services shall be performed by competent personnel in a professional manner
and in compliance with local, state and federal laws and regulations; 1.2.9 the Vendor System will be compatible, and operate in an integrated manner, with
other system components, including operating system and application software, hardware and any existing provider software to be interfaced with an existing provider network hardware and software;
1.2.10 all interfaces with third-party software shall be HL7 and TCP/IP compliant, and
Vendor has achieved interface in physician practices or facilities similar to Provider with the third party software in use or to be in use by the provider;
1.2.11 any enhancements or upgrades to the Vendor System and/or system will be
compatible with the provider’s version of the Vendor System; 1.2.12 for remotely hosted systems, Vendor will assure the security of the Vendor
System and of provider data, which security shall include the following safeguards: (i) data encryption technologies for both transmission and storage; (ii) appropriate firewalls to block viruses; (iii) appropriate physical safeguards for the data center where the server is located; and (iv) twice daily backup of the provider’s data with offsite storage;
1.2.13 Vendor will not “sunset” support and enhancement for, or remove any
functionality being used by the provider from, the Vendor System within seven (7) years from the date of agreement execution;
1.2.14 neither Vendor nor its officers, owners or employees performing services on
behalf of providers is or will be excluded, suspended, debarred or otherwise rendered ineligible to participate in federal health care plans, as defined in 42 USC 1320a-7b(f), or otherwise receive payment from funding under any federal grant or program.
1.3 Dedicated Installation Staff. Vendor agrees to dedicate qualified personnel in sufficient
numbers to guarantee that priority primary care physicians (“PPCPs”) go live on the Vendor System within no more than eight (8) months following execution of the applicable license or service agreement. “Priority primary care physicians” shall mean allopathic and osteopathic physicians who are family physicians, general internal medicine physicians, pediatricians or OB-GYNs, practicing in public or critical access hospitals, federal qualified health centers, rural health clinics, or other settings for predominantly uninsured, underinsured or medically underserved populations. Vendor will reimburse the PPCP for the amount of any meaningful use incentive payments which are lost as the result of Vendor’s failure to install the Vendor System in a timely manner.
1.4 Commitment to Ohio Employment. Vendor agrees that implementation and support
services for the Vendor System will be provided predominantly by personnel located in the State of Ohio.
Appendix D - EHR Request for Proposal (RFP)
D29
1.5 Vendor Pricing. Vendor agrees that quoted prices will include the price for a
comprehensive system including without limitation all interfaces and that payment terms with PPCPs shall be tied to the achievement of performance milestones, and shall permit PPCPs to defer payment until the PPCP’s certification of achievement of meaningful use. Vendor further agrees that price increases for ongoing services and support shall not exceed on an annual basis the lesser of three percent (3%) or the change in the CPI-U.
1.6 Vendor System Support. Vendor agrees to support the Vendor System installed for a
minimum of seven (7) years, and that support shall encompass all updates required to permit use of Vendor System in accordance with applicable federal and state laws and regulations, including without limitation the HIPAA, HITECH and Ohio Board of Pharmacy rules.
1.7 Financing Options. Vendor agrees to participate in PPCP financing options, including:
1.7.1 Vendor-issued letter of credit with a financial institution for a loan guarantee
program covering multiple Vendor installations, such program to be established with the assistance of the Ohio Treasury Department “linked deposit” program;
1.7.2 Vendor guarantee of individual PPCP loans with financial institutions; 1.7.3 Other Vendor financing options that defer payment of equipment, license,
service, support, subscription and other fees, until the provider achieves meaningful use and begins receiving Medicare or Medicaid incentive payments. 1.8. Infringement Indemnity. Vendor will defend and indemnity providers from and against
any and all damages, liabilities, costs or expenses (including without limitation reasonable attorneys’ fees) arising from any claims of infringement in relation to the Vendor System. 1.9 Source Code Escrow. Vendor will escrow with an independent escrow agent the source code for all versions, releases and updates of the software of the Vendor System.
2. Role of OHIP
2.1 Vendor Promotion. OHIP will identify Vendor to PPCPs in Ohio as a preferred vendor of the OHIP REC program and promote Vendor’s EHR System among providers in Ohio. If requested by Vendor, OHIP or OHIP’s regional partners in the OHIP REC program will provide commercially reasonable efforts to assist Vendor in finalizing the execution of provider contracts with PPCPs.
2.2 PPCP Identification. OHIP and OHIP’s regional partners shall identify PPCPs as
potential customers of Vendor System by providing Vendor contact information. 2.3 First Line of Support. OHIP’s regional partners shall serve as a first line of support for
PPCPs with regard to mutually agreed-to non-critical support issues, as identified by Vendor and the regional partner.
2.4 State Law Changes. OHIP and OHIP’s regional partners will assist Vendor in identifying new Ohio laws and regulations, or changes to Ohio laws and regulations, applicable to the Vendor System and providers’ use of the Vendor System.
Appendix D - EHR Request for Proposal (RFP)
D30
3. Administrative Fee In consideration for the marketing and support services provided by OHIP and its regional partners, Vendor agrees to pay OHIP an administrative fee in the amount of three percent (3%) of the fees collected by Vendor for the Vendor System, including without limitation all Vendor’s products and services provided to PPCPs in Ohio during the first five (5) years following the execution of each PPCP contract. Administrative fees shall be paid on a monthly basis within thirty (30) days of Vendor’s receipt of payment from or on behalf of the PPCP or any institution financing payment for the PPCP. Vendor agrees to allow OHIP or its designee reasonable access to Vendor’s business records to confirm the calculation and payment of administrative fees. This provision shall survive the termination of this Agreement.
4. Confidentiality
4.1 Definition. Each party acknowledges that in the course of performing under this Agreement, it may learn confidential, trade secret, or proprietary information concerning the other party or third parties to whom the other party has an obligation of confidentiality (“Confidential Information”). Without limiting the foregoing, Vendor’s Confidential Information shall include non-public information about Vendor’s business, products or customers; reports generated by or for Vendor; databases and methods of database creation; software tools for report creation; distribution and retrieval; and associated algorithms, tools, programs, software architecture, and technology. Without limiting the foregoing, OHIP’s Confidential Information shall include non-public information regarding OHIP’s services, products, contracts, finances, business and customers, and pricing; reports generated by or for OHIP; databases and methods of database creation; health data reporting, analysis, and profiling methods and formats; systems for report creation, distribution and retrieval; and associated algorithms, tools, programs, software, and technology.
4.2 Confidentiality Obligations. Each party agrees that (a) it will use such information only as may be necessary in the course of performing duties, receiving services or exercising rights under this Agreement, (b) it will treat such information as confidential and proprietary, (c) it will not disclose such information orally or in writing to any third party without the prior written consent of the other party, (d) it will take all reasonable precautions to protect the Confidential Information, and (e) it will not otherwise appropriate such information to its own use or to the use of any other person or entity. Without limiting the foregoing, each party agrees to take at least such precautions to protect the other party’s confidential and proprietary information as it takes to protect its own confidential and proprietary information. Each party is solely responsible for all use of confidential information by anyone who gains access to the Confidential Information of the other party under such party’s authorization. Upon termination or expiration (without renewal) of this Agreement, each party will return to the other party or certify as destroyed all tangible items containing any of the other party’s proprietary or confidential information which are held by that party or its employees or contractors. Each party agrees to notify the other party if it becomes aware of any unauthorized use or disclosure of the other party’s Confidential Information. Without limiting the foregoing, Vendor and OHIP shall not use the other party’s trademarks for any purpose without express written permission from the other party.
4.3 Disclosure to Governmental Body. If either party believes it is required by law or by a subpoena or court order to disclose any of the other party’s confidential or proprietary information, it shall promptly notify the other party prior to any disclosure and shall make all reasonable efforts to allow the other party an opportunity to seek a protective order or other judicial relief.
4.4 Exceptions. Nothing in this Agreement shall be construed to restrict disclosure or use of information that (a) was in the possession of or rightfully known by the recipient, without an obligation to maintain its confidentiality, prior to receipt from the other party; (b) is or becomes generally known to the
Appendix D - EHR Request for Proposal (RFP)
D31
public without violation of this Agreement; (c) is obtained by the recipient in good faith from a third party having the right to disclose it without an obligation of confidentiality; or (d) is independently developed by the receiving party without the participation of individuals who have had access to the other party’s confidential or proprietary information.
4.5 Patient Information. Each party agrees not to disclose or utilize individual patient or medical claim information in any way that would violate any physician-patient confidence or any state or federal laws or regulations. Each party agrees not to access or use patient information without entering into a HIPAA compliant business associate agreement with the applicable covered entity.
5. Limitation of Liability, Insurance and Indemnification
5.1 Limitation of Damages. Each party’s liability to the other party for direct damages arising out of this Agreement shall not exceed the greater of $1,000,000.00 or the amount of administrative fees paid or to be paid by Vendor to OHIP under this Agreement. Under no circumstances will either party be responsible under this Agreement for any indirect, incidental, special or consequential damages resulting from either party’s performance or failure to perform under this Agreement. The limitations and disclaimers of this Section shall not apply to (i) Vendor’s defense and indemnity obligations pursuant to Section 5.3, (ii) damages resulting from breaches of Article 4, or (iii) personal injury or property damages caused by the gross negligence or reckless conduct of either party or its employees.
5.2 Insurance. For the periods covered by this Agreement, Vendor shall maintain the following types of insurance and shall identify OHIP as an additional insured under each such policy:
5.2.1 Commercial General Liability with minimum limits of liability of $1,000,000.00 per occurrence/$3,000,000.00 aggregate.
5.2.2 Professional Errors & Omissions with minimum limits of liability of $1,000,000.00
per occurrence/$3,000,000.00 aggregate. 5.2.3 Products Liability with minimum limits of liability of $1,000,000.00 per
occurrence/$3,000,000.00 aggregate. 5.2.4 Privacy and Security Liability with minimum limits of liability of $1,000,000.00 per
occurrence/$3,000,000.00 aggregate. In the event that any of the above policies are maintained as claims made coverage and the coverage is cancelled, suspended or otherwise interrupted for any reason, Vendor shall secure an extended reporting endorsement or tail coverage to provide for continuous coverage with limits of liability as set forth above. Vendor shall provide at least thirty (30) days written notice to OHIP if any of the above-mentioned insurance coverage is limited, cancelled, suspended, interrupted or materially altered in any way. Upon request, Vendor shall provide OHIP with certificates evidencing the above-referenced coverage.
5.3 Indemnification. Vendor agrees to defend, hold harmless and indemnify OHIP and OHIP’s regional partners, and their respective officers, directors and employees against and from all third party claims, damages and liabilities arising from Vendor’s products, services, and other acts and omissions of Vendor; provided that OHIP gives Vendor prompt, written notice of any such claim, sole control of the defense and settlement of such claim, and all reasonable assistance to defend such claim. Vendor shall not agree to settle the claim without OHIP’s written consent, provided that such consent is not unreasonably withheld, conditioned or delayed. Vendor shall have no obligations under this paragraph if such claims, damages and liabilities result from OHIP’s breach of this Agreement. This indemnification provision shall survive the termination of this Agreement
Appendix D - EHR Request for Proposal (RFP)
D32
6. Term and Termination
6.1 Term. This Agreement commences as of the Effective Date and, unless earlier terminated as provided in this Agreement, continues for any period during which Vendor continues to provide products and/or services to any PPCP who contracted with Vendor during the REC Program. All sections of this Agreement relating to administrative payments (during the designated five year period), confidentiality, indemnification, insurance, limitations of liability, and governing law/venue shall survive termination or expiration of this Agreement. Upon termination or expiration of this Agreement, each party shall return to the other party all copies of the other party’s products and documentation, within thirty (30) days after termination.
6.2 Breach. If one party breaches any material provision of this Agreement, the non-breaching party may begin the process to terminate this Agreement by giving written notice of termination to the breaching party. If the breach is capable of being cured and is reasonably cured within thirty (30) days after receipt of the notice, the termination shall not become effective. If the breach is not capable of being cured or is not reasonably cured within 30 days after receipt of the notice, the non-breaching party may terminate this Agreement by delivering a second notice to the breaching party, specifying a termination date not later than thirty (30) days after the expiration of the cure period.
6.3 Termination without Cause. OHIP may terminate this Agreement at any time for any
reason upon ninety (90) days prior written notice to the other party.
7. General Provisions
7.1 Entire Agreement. This Agreement constitutes the entire understanding between the parties and supersedes all proposals, communications and agreements between the parties relating to its subject matter. No amendment, change, or waiver of any provision of this Agreement will be binding unless in writing and signed by both parties. In the event one or more of the provisions of this Agreement are found to be invalid, illegal or unenforceable by a court with jurisdiction, the remaining provisions shall continue in full force and effect.
7.2 Compliance. Vendor represents and warrants that there are no suits, claims, investigations, or other proceedings pending or threatened, which might adversely affect its ability to perform its responsibilities under this Agreement. Vendor further warrants that in performing its obligations under this Agreement, Vendor will comply with all applicable laws and regulations.
7.3 Independent Contractors. The parties’ relationship to each other is that of independent contractors. Neither party shall be deemed to be, or hold itself out as, a partner, sales agent, employee or joint venture partner of the other party.
7.4 Limitation on Assignments. Neither party may assign or transfer this Agreement or any of the rights or licenses granted under it, without the prior, written consent of the other party, which shall not be unreasonably withheld, provided, however, that no such consent will be required in connection with either party’s merger, reorganization or consolidation, or sale of all or substantially all of its assets. Except as provided herein, any attempted assignment without such consent shall be void.
7.5 Notices. Any notices of termination relating to this Agreement shall be in writing and will be sent by certified United States mail, postage prepaid, return receipt requested, or by facsimile transmission or overnight courier service, addressed to the party as set forth above, or at a different address as a party has notified the other party in writing.
Appendix D - EHR Request for Proposal (RFP)
D33
7.6 Force Majeure. The obligations of the parties under this Agreement shall be suspended to the extent a party is hindered or prevented from complying therewith because of labor disturbances (including strikes or lockouts), war, acts of God, fires, storms, accidents, governmental regulations, or any other cause whatsoever beyond a party’s control.
7.7 Non-Exclusivity. This Agreement is not an exclusive arrangement between Vendor and OHIP. OHIP in its discretion may contract with other vendors of electronic health records to serve as preferred vendors in OHIP’s REC program.
7.8 Governing Law. Any claim, dispute, or controversy arising out of or relating to this
Agreement shall be governed by and construed under the laws of the State of Ohio. Exclusive venue for any action or legal proceeding arising out of or related to this Agreement shall be in the state and federal courts of Franklin County, Ohio.
7.9 General Representations. Each party represents and warrants that: (i) it is a corporation
or limited liability company organized, existing, and in good standing under the laws of the State of Ohio; (ii) the execution of this Agreement and the performance of its duties and responsibilities hereunder will not violate its articles of organization or operating agreement or any other written agreement to which it is a party, or require the consent or approval of any third person or entity; (iii) to its knowledge, after due inquiry, neither it nor any manager, officer, or member of it has been convicted of any act or omission constituting a felony under the laws of the State of Ohio or constituting Medicare or Medicaid fraud or any other offense or violation under Titles XVIII, XIX, or XX of the Social Security Act, 349 Stat. 620 (1935), as amended, or has been excluded, suspended, debarred or rendered ineligible to participate in federal health care programs as defined in 42 USC 1320a-7b(f); and (iv) the execution and delivery of this Agreement and the performance and satisfaction by it of its duties and responsibilities hereunder will have been duly and validly authorized by all necessary action on the part of it, and this Agreement will constitute a valid and legally binding obligation of it enforceable against it in accordance with its terms.
IN WITNESS WHEREOF, the parties have executed this Agreement as of the date set forth
above. [Vendor] OHIP BY: BY: TITLE:
TITLE:
Appendix D - EHR Request for Proposal (RFP)
D34
Appendix D: Regional Partners and Geographic Distribution of Regions
I. Regional Partners
Name of Regional Lead Partner
Other Partners in the Region Region Adjusted PPCP
Akron Regional Hospital Association
(ARHA)
Austen Bioinnovation Institute, NEOUCOM,
University of Akron, Kent State University, Stark
State Technical College, ITT Institute, Public Health
Departments, Heartland Behavioral Healthcare,
Med Central—Mansfield, Med Central—Shelby,
Samaritan Regional Health System, Lodi Community College, 20+ hospitals,
including Summa, Boardman, and Aultman, Summa Physicians Inc., other Physican Groups
Ashland, Carroll, Harrison,
Holmes, Medina, Portage,
Richland Stark, Summit, Tuscarawas, Wayne
1628 PCP -326 EHR 1302 PCP
873 PPCP
(67%)
Case Western Reserve University (CWRU)
University Hospitals, Cleveland Clinic,
MetroHealth, Sisters of Charity, SW General,
Parma Hospital, Kaiser, VA Medical Center,
Academy of Medicine of Cleveland & Northern Ohio, Better Health
Greater Cleveland, One Community, Care Source, Medical Mutual, Boards of
Health, Dept. of Public Health, Community
Colleges, OSMA, OHA, CVS, Neighborhood
Health Services, ADAMSHS Board, Health Collaborative, Ohio KePro,
MSS Consultants
Ashtabula, Cuyahoga,
Geauga, Lake, Lorain
3291 PCP -658 EHR 2633 PCP
1765 PPCP
(67%)
Appendix D - EHR Request for Proposal (RFP)
D35
Central Ohio Health Information Exchange
(COHIE)
Central Ohio Hospital Council, Access Health Columbus, Central Ohio
Trauma System, Columbus Medical
Association, OSU Medical, Center, OSU Health Plan, OhioHealth, Mt. Carmel
Health System, Nationwide Children’s Hospital,
Central Ohio Primary Care Physicians, OSU
Physicians, Compete Columbus, Medical Group
of Ohio, Columbus Chamber of Commerce
Coshocton, Crawford, Delaware, Fayette,
Franklin, Hardin, Knox, Licking, Logan, Madison,
Marion, Morrow, Pickaway, Union
2522 PCP -504 EHR 2018 PCP
1352 PPCP
(67%)
Greater Dayton Area Health Information Network (GDAHA)
CCHIE, 20+ Hospitals, ADAMHA Boards, Public Health Agencies, Sinclair
Community College Wright State University
Montgomery County Medical Society
Allen, Auglaize, Darke, Mercer,
Miami, Montgomery, Preble, Shelby
1200 PCP -240 EHR 960 PCP
644 PPCP
(67%)
Hospital Council of Northwest Ohio
(HCNWO)
Academy of Medicine of Toledo and Lucas County, 20+ Hospitals, Arrowhead
Behavioral Health, Hospice of Northwest
Ohio, Ohio Academy of Family Physicians
Defiance, Erie, Fulton, Hancock, Henry, Huron, Lucas, Ottawa, Paulding,
Putnam, Sandusky, Seneca,
Van Wert, Williams, Wood, Wyandot
1190 PCP -238 EHR 952 PCP
639 PPCP
(67%)
NEO HealthForce (NEOHF)
4 Hospitals, Forum Health, Community Action Agency
of Columbiana County, Dandridge’s Burgundi Manor, Salem Visiting
Nurse Association, The Inner Office, Burdman Group, Inc., Children’s Center for Science and
Technology, Columbiana County Career and Technical Center,
Columbiana County JFS, East Ohio AHEC, 7
Technical Schools and Community Colleges, Kent
State University, Youngstown State
University, Trumbull County JFS, Youngstown-Warren Regional Chamber
of Commerce
Columbiana, Jefferson,
Mahoning, Trumbull
601PCP -120 EHR 481 PCP
323 PPCP
(67%)
Appendix D - EHR Request for Proposal (RFP)
D36
37 | P a g e
Ohio University (OU)
7 Hospitals, Coolville Healthcare Clinic, Fairfield Medical Center, Genesis
Healthcare System, Holzer Health Systems, Marietta Healthcare Physicians,
Muskingum Valley Health Centers, Physicians
Business Office, Southern Ohio Medical Center,
University medical Associates
Endocrine/Diabetes Center, Ironton-Lawrence
Community Action
Athens, Belmont, Fairfield, Gallia, Guernsey, Hocking,
Jackson, Lawrence, Meigs, Monroe, Morgan,
Muskingum, Noble, Perry, Pike, Ross, Scioto, Vinton,
Washington
752 PCP -150 EHR 602 PCP
404 PPCP
(67%)
II. Geographic Distribution Map by County
http://ohiponline.org/RECbycounty.pdf
Appendix D - EHR Request for Proposal (RFP)
D37
Ohio Health Information Partnership Health Information Exchange Committee
Organization Name Title
Center for Family Medicine, Akron General Medical Center
Brian Bachelder, MD
Clinical Associate and OHIP Board Member
Cleveland Clinic Joe Turk Director, Information Systems Family Physicians of Urbana John Crankshaw, MD Practicing Physician Galion Community Hospital Andrew Daniels Director of Information Services Holzer Clinic Mark Harvey Chief Information Officer Ohio Department of Health Bob Campbell, PhD Deputy Director,
Center for Public Health Statistics and Informatics
Ohio Department of Insurance Adam Rossbach Policy Analyst Ohio Department of Insurance Margaret Eichner Project Manager (non‐voting
member) Ohio Department of Job and Family Services
Jon Barley, PhD Chief, Bureau of Managed Care
Ohio Health Information Partnership
Andrea Perry Project Manager
Ohio Health Information Partnership
Cathy Sonnhalter REC Implementation Manager
Ohio Hospital Association Dan Paoletti VP, Data Services, OHIP Board Member and HIE Committee Chair
Ohio State University Medical Center
Phyllis Teater Chief Information Officer
OSIS (representing FQHCs) Jeff Lowrance Chief Information Officer and OHIP Board Member
Premier Health Partners Mikki Clancy Chief Information Officer United HealthCare Richard Gajdowski, MD OHIP Board Member Academy Of Medicine Cleveland and Northern Ohio (AMCNO)
Lawrence Kent, MD Practicing Physician
Appendix E - HIE and REC Committee Members
E1
OHIP REC Committee Roster As of May 3, 2010
Gregg Alexander, DO Madison Pediatrics Inc
Amy Andres Chief of Staff/ODI Board Chair/OHIP
Mary Alice Annecharico CIO University Hospitals
Anthony Bacevice, MD EMH Womens Healthcare Brian Bachelder, MD Akron General Medical Center Bryan Beer Sr. Director, Health Information Technololgy Greater Dayton Area Hospital Association
Elayne R Biddlestone EVP/CEO Academy of Medicine of Cleveland & Northern Ohio
Phil Cass, PhD CEO Columbus Medical Association Mikki Clancy CIO Premier Health Partners
Cathy Costello, JD VP, REC Services OHIP Aly DeAngelo Strategic Planning and Data Analysis Administrator ODI
Rebecca Dunaway Practice Administrator Joint Implant Surgeons
C. Martin Harris, MD CIO Cleveland Clinic
Greg Kall CIO Summa Health System
Bill Kose, MD, JD Blanchard Valley Hospital
Michael Krouse CIO OhioHealth Marianne Lorini President & CEO Akron Regional Hospital Association Jeff Lowrance CEO OSIS Information Systems
Appendix E - HIE and REC Committee Members
E2
Amanda Lucas Director of Operations Nationwide Childrens Hospital
Brent Mulgrew CEO/Executive Director OSMA Paul Muneio VP, Future Technology ProMedica Health System
Melinda Nugent AHIE Board, Vice Chair, Administrator Marietta Healthcare Physicians Inc Dan Paoletti VP, Data Services OHA Joe Peter Director, Regional Extension Center Strategic Initiatives Case Western Reserve University Julie Rehm, PhD Sr Associate Dean & Associate VP Case Western Reserve University Jan Ruma VP Hospital Council of NW Ohio Ron Savrin, MD Medical Director Ohio KePro Mrunal Shah, MD, ABFM VP, Physician Technology Services, OhioHealth Information Systems Riverside Family Practice Center
Janis Shriver Executive Director North Coast Professional Co Nav Singh, MD Seven Hills Women Health Center
Rob Strohl Director of Health Informatics Central Ohio Primary Care Physicians Jon Wills Executive Director OOA Cathy Sonnhalter REC Implementation Manager OHIP Amy James Admin Asst/Staff Liaison OHIP
Andrea Perry Project Manager OHIP
Appendix E - HIE and REC Committee Members
E3
Ohio’s Health Care Coverage and Quality Council Health Information Technology Task Force Members
Organization Member Academy of Medicine, Cleveland and Northern Ohio
Elayne Biddlestone
Anthem Barry Malinowski CareSource Bob Gladden Cleveland Clinic Oliver Henkel Collaborating Communities Health Information Exchange (CCHIE)
Marty Larson
Health Policy Institute of Ohio (Former President) Bill Hayes, Chair Isthmus, Ltd. Bill Mitchin KeyPro Ron Savrin National Alliance on Mental Illness Paul Quinn Northeast Ohio Universities College of Medicine Brian Keaton Ohio Department of Health Bob Campbell Ohio Department of Insurance Aly DeAngelo, Staff Ohio Legislative Representative Dave Burke Ohio Medicaid Tracy Plouck Ohio Pharmacists Association Ernie Boyd Ohio State University Medical Center Jerry Friedman Ohio University Brian Phillips OSIS Information Services Jeffrey Lowrance University of Toledo Godfrey Ovwigho
Appendix F - HCCQC Health IT Task Force
F1
Ohio Health Information Partnership Stakeholders Who Submitted Letters of Support
Ohio Hospitals • Adams County Regional Medical Center • Aultman Health Foundation • Barnesville Hospital • Berger Health System • Bucyrus Community Hospital • Catholic Health Partners • Cleveland Clinic • Dunlap Community Hospital • Fairfield Medical • Fulton County Health Center • Genesis Healthcare System • Health Alliance of Greater Cincinnati • Humility of Mary Health Partners (CHP) • Kettering Health Network • Madison County Hospital • Marietta Memorial Hospital • Mary Rutan Hospital • MedCentral Health System • Mercer County Health System • O’Bleness Memorial Hospital • OhioHealth • Ohio State University Medical Center • Pomerene Hospital • Promedica Health System • Salem Community Hospital • Southeastern Medical • St Rita's Hospital (CHP) • Summa Health System • University Hospitals • Wood County Hospital • Wooster Community Hospital
Other Supporting Organizations
• Academy of Medicine of Toledo and Lucas County
• Aetna • American Academy of Medicine of Cleveland
and Northern Ohio • American College of Obstetricians and
Gynecologists • Americare Community Care • Anthem Blue Cross and Blue Shield • Appalachian Health Information Exchange • Board of Regents • Butler County Medical Society • CareSource • CCHIE • Center for Healthy Communities • Columbus Medical Association • HealthBridge • Medical Mutual of Ohio • NEO HealthForce • Ohio Academy of Family Physicians • Ohio Association of Community Health Centers • Ohio Chapter of American College of Pediatrics • Ohio Council of Behavioral Health and Family
Providers • Ohio Hematology Oncology Society • Ohio Hospital Association • Ohio KePRO • Ohio Ophthalmological Society • Ohio Osteopathic Association • Ohio State Medical Association • One Community • Scioto County Medical Society • State of Ohio • Unison Health Plan • United Healthcare
Appendix G - Stakeholders Who Submitted Letters of Support
G1
Health Information Exchange
Request for Information
Version 1.11 Prepared for OHIP Board Released January 21, 2010 Document Status Final
1
Appendix H - HIE Request For Information (RFI)
H1
2
SUMMARY:
The Ohio Health Information Partnership (OHIP) is seeking responses regarding the implementation of an interoperable health information exchange (HIE) framework for the State of Ohio. This Request for Information (RFI) addresses OHIP’s mission to advance the adoption, implementation and meaningful use of health IT among health care providers by facilitating and developing a statewide HIE to improve the safety , quality, accessibility, availability and efficiency of health care for citizens of Ohio. As the state-designated entity for Ohio’s statewide health information exchange, OHIP is seeking a full service HIE solution that best fits its goals, objectives, strategies and vision as supported by Ohio Health Care Coverage and Quality Council (OHCCQC) and outlined in the reference documents included in this request. Responses to this RFI will be carefully reviewed and a more detailed Request for Proposal (RFP) will be prepared based on the feedback received. The RFP will be sent to selected, qualified respondents. As a part of the qualifying process, respondents may be asked to provide a demonstration of their proposed solutions. DATES: Responses must be submitted to OHIP on or before 5:00 PM ET, February 11, 2010. SCHEDULE OF EVENTS: Event Date OHIP releases RFI January 21, 2010 Vendor questions due by close of business February 4, 2010 Vendor RFI responses due by close of business February 11, 20101
Notification of acceptance for RFP phase By April 2, 2010 RFI INSTRUCTIONS: Please see Appendix A for a list of the RFI information, which must be submitted. Please note the following when submitting your RFI response:
• Responders must use the OHIP HIE RFI Survey Tool 2to submit information and are encouraged to review all reference documents before submission.
1 OHIP’s RFI response deadline was subsequently extended to March 1, 2010 to provide additional time for vendors to respond.
2 OHIP removed the survey tool link used to gather RFI responses after the RFI respond deadline to prevent vendors from inserting information at a later time.
Appendix H - HIE Request For Information (RFI)
H2
3
• Responses are saved in the OHIP HIE RFI Survey Tool based on the IP address of the responder. If you need to collaborate with colleagues before submission, use Appendix A of this document to collect and organize responses in advance. However, responses will not be accepted via the Word document.
• Responses and all related attachments should not exceed a total of 50 pages. • A copy of the submitted RFI will be emailed to your RFI contact following verification
of the submission within two business days of receipt. HYPERLINKS AND ELECTRONIC ATTACHMENTS:
• If hyperlinks or other electronic documents are to be provided, please include the links and/or name of the documents in the response under the question to which they pertain.
• To email electronic document attachments, please email them to [email protected] and place “OHIP HIE RFI Response Attachment” in the subject line.
QUESTIONS:
• If you have questions regarding the RFI, please email them to [email protected] and place “OHIP HIE RFI Question” in the subject line.
• Answers to questions will be made available to all vendors through OHIP’s HIE RFI website (http://ohiponline.org/ohip.hierfi.faqs.pdf). Questions must be submitted by close of business on February 4, 2010.
BACKGROUND: In September 2009, OHIP was designated by the State of Ohio as the authorized non-profit entity to submit an application for the American Recovery and Reinvestment Act (ARRA) State Grant to Promote Health Information Technology Planning and Implementation. OHIP is a newly formed non-profit whose initial board members include representatives from BioOhio, the State of Ohio, The Ohio State Medical Association, The Ohio Osteopathic Association and the Ohio Hospital Association. OHIP’s board is being expanded to include representation from the business community, consumers, payers, behavioral health providers, hospitals, physician providers and Federally Qualified Health Centers (FQHCs). In October and November 2009, OHIP completed submission of the above mentioned grant as well as a second grant application to serve as the statewide Regional Extension Center (REC) under the ARRA Health Information Technology Extension Program. Both applications contain project abstracts and narratives which provide a comprehensive description of Ohio’s current state of health IT and proposed statewide strategy for HIE and REC development (see reference documents for more information). It is important for responders to note that OHIP’s strategy for HIE development will be to initially maintain a thin layer of management within OHIP while outsourcing the majority of the HIE operation to a single, full-service solution provider responsible for managing all aspects of the HIE operation. Long-term, OHIP intends to consider options to return management of
Appendix H - HIE Request For Information (RFI)
H3
4
certain functions to OHIP as necessary to effectively manage costs. This strategy and other core principles should be thoroughly reviewed by responders as outlined in OHIP’s Technology Development Principles referenced in this document. REFERENCE DOCUMENTS3: It is recommended that responders review the following documents or websites before submitting RFI responses:
Document Location OHIP Technology Development Principles http://ohiponline.org/ohip.hierfi.tech.principles
.pdf OHIP HIE Project Abstract and Narrative http://ohiponline.org/ohip.hierfi.hie.abstract.n
arrative.pdf OHIP REC Project Abstract and Narrative http://ohiponline.org/ohip.hierfi.rec.abstract.n
arrative.pdf OHIP Main Website (News) http://www.ohiponline.org/ Ohio Health Care Coverage and Quality Council Website
http://www.healthcarereform.ohio.gov
TERMS AND CONDITIONS:
1. This RFI and RFI process is solely for OHIP’s benefit and is only intended to provide information to OHIP. The RFI is designed to provide respondents with the information necessary for the preparation of informative responses. The RFI is not intended to be comprehensive, and each respondent is responsible for determining all the factors necessary for submission of a response. The RFI response will not be subject to an RFP type evaluation but only to a review of the information respondent provides. 2. OHIP reserves the right not to review or otherwise to reject, in whole or in part and at any time, any or all responses received in response to this RFI. An RFI response may be rejected outright and not reviewed for any or no reason. Issuance of the RFI in no way constitutes a commitment by OHIP to award any contract or any request for proposal (RFP) for the goods and services described in the RFI. 3. OHIP is subject to strict accountability and reporting requirements as a recipient of funds from public sources. Any response or other information submitted by a respondent to OHIP is subject to disclosure by OHIP as required by law, including but not limited to, the American Recovery and Reinvestment Act of 2009 (Public Law 111-5). OHIP makes no agreements or representations of any kind, and expressly disclaims any requirement to
3 OHIP’s website and detailed links have changed since the RFI was issued. The main website is still www.ohiponline.org
Appendix H - HIE Request For Information (RFI)
H4
5
maintain the confidentiality of any information provided by respondent in response to this RFI. All material and information provided to OHIP in response to this RFI shall upon receipt become the property of OHIP and will not be returned. 4. By submitting a response, the respondent agrees that OHIP may copy the response for purposes of facilitating OHIP’s review or use of the information. OHIP will have the right to use ideas or adaptations of ideas that are presented in the response. The respondent represents that such copying will not violate any copyrights, licenses or other agreement with respect to the materials submitted. 5. Ohio law contains laws which restrict gifts which may be given or received by state employees and requires certain individuals to disclose information concerning their activities with state government. By submission of a response, respondent certifies that respondent has not paid or agreed to pay to any employee, official or current contracting consultant of OHIP any fee, commission or any other thing of value that is in any way contingent upon OHIP contracting with respondent. 6. OHIP reserves the right to modify this RFI at any time. OHIP reserves the right to contact respondents after the submission of responses for the purpose of clarifying any response. Respondent understands that any and all information provided in response to the RFI is subject to validation during any RFP process. By submitting a response each respondent agrees that it will not bring any claim or have any cause of action against OHIP, or any agent of OHIP or the State of Ohio, based on any misunderstanding concerning the information provided in the RFI or concerning OHIP’s failure, negligent or otherwise, to provide the respondent with pertinent information as intended by this RFI. 7. OHIP is not responsible for any costs incurred by a respondent which are related to the preparation or delivery of the response or any other activities of respondent related to this RFI. 8. The laws of the State of Ohio and the United States of America shall apply to and govern the interpretation, validity and effect of this RFI. OHIP contractors and subcontractors may be subject to federal or state laws or regulations applicable to recipients of funds from public sources. Respondents are responsible for determining the applicability of these laws to their activities and for complying with applicable requirements.
Appendix H - HIE Request For Information (RFI)
H5
6
APPENDIX A
Ohio Health Information Partnership Request for Information (RFI)
I. Organization Information Please provide the following information about your organization:
1. Contact information for the individual to whom RFI questions should be directed:
‐ Organization Name: ‐ RFI Contact: ‐ Title: ‐ eMail Address: ‐ Primary Phone Number: ‐ Secondary Phone Number: ‐ Mailing Address: ‐ City: ‐ State: ‐ Zip Code:
2. A brief history of how your organization began offering HIE services including an explanation of how your product(s) evolved from other products/services or were independently developed.
3. A list of where your data centers and staff are located including any critical sub-sourced locations or sites being considered for expansion.
4. Provide a recent white paper/case study prepared by your organization which provides a good explanation of your functional and technical model, strategy and lessons learned (e.g., hyperlink or e-document).
II. Financial Information Please provide the following financial information.
1. Please denote financial information from HIE services for the past three years. Describe the revenue source(s) for each year.
a. Annual revenue by calendar year (in dollars; CY-2009, CY-2008, CY-2007)
• This may include revenue from software license, subscription/participation fees, service/maintenance, public/grant and other
Appendix H - HIE Request For Information (RFI)
H6
7
b. Revenue source by calendar year (500 character maximum; CY-2009, CY-2008, CY-2007)
c. Research and development expenditures for HIE services (in dollars: CY-2008, CY-2008, CY-2007)
d. Provide additional explanation as necessary (free text)
2. Please identify which type of licensing fee your organization uses:
‐ Concurrent ‐ Named user ‐ Unlimited ‐ Role-based ‐ Other (please specify) ‐ N/A
3. Give an overview of your product pricing model beyond licensing fees including the
following: Maintenance fees; Hardware/storage fees; Transaction fees; Training fees; Implementation fees; Unbundled additional costs (third party products/support, etc); any other business models used to maintain financial viability (i.e., advertising placement, sponsorship, etc).
4. If your organization uses a participation fee model (ex., transaction or subscription
fees), describe the model, including which stakeholders pay and how fees are assessed. Please include if your model allows for potential revenue sharing between stakeholders.
5. Denote if you are a public or private entity and/or a for-profit or not-for-profit
organization.
6. Please describe if your organization has any type of minority business designation.
III. Product Offering Please provide the following information about your proposed HIE solution:
1. A brief executive summary including the name of the product(s) and version/release you are proposing for use.
2. A brief explanation of concerns you may have about your solution’s ability to meet any
of OHIP’s Technology Development Principles.
Appendix H - HIE Request For Information (RFI)
H7
3. A list of all certified EHR vendors with which you currently exchange clinical data using the proposed HIE solution including the information noted below. You will be provided an opportunity to provide additional comments as well.
EHR Vendor Product/Version Standard/Format Used
Bi-Directional or Uni-Directional
IV. Range and Type of Health Information Organizations Supported
1. List the health information organizations to which you provide services by type including the number of active users and start date.
Type Name of
Organization # of Active Users Mo/Year of
Go-Live State Designated HIO, Regional HIO, Health System HIO or University-Based HIO
2. Indicate the types of stakeholders who use your HIE services:
Stakeholders Use
(Yes/No) Hospitals Primary Care Physicians Specialty Care Physicians Ambulatory Care/Outpatient Clinics Nursing Homes Rehabilitation or Other Chronic Care Facilities Behavioral Health Providers or Facilities Laboratories Radiology Centers Pharmacies Pharmacy Benefit Managers (PBMs) Federally Qualified Health Centers (FQHCs) Other Community and/or Public Health Clinics Veterans Administration or Dept of Defense Hospitals/Medical Facilities Medicare or Medicaid Organizations
8
Appendix H - HIE Request For Information (RFI)
H8
9
Stakeholders Use (Yes/No)
Private Payer/Health Plans Other Local, State or Federal Governmental Agencies or Entities Employers or Healthcare Purchasers Quality Improvement Organizations Patient or Consumer Groups Other (please specify)
3. Describe your organization’s efforts to participate in the following:
a. Certification Commission for Health Information Technology (CCHIT); Examples: certified vendor, vendor seeking certification, a member of
the CCHIT Commission or an advisory task force) b. Office of the National Coordinator for Health Information Technology
(ONCHIT) Examples: Member of Policy, Standards and Meaningful Use Committees
c. National Health Information Network (NHIN) d. Other HIE Communities, Councils, Task Forces, Commissions, etc
V. Technical Architecture
1. What type of HIE architecture does your organization currently support?
HIE Architecture Type Supported
(Yes/No) Federated Centralized Hybrid Other (please specify)
2. Which of the following architectural elements do you support?
Architectural Element Supported (Yes/No)
Central registry of participating entities Central registry of users (centralized user authentication and authorization) Central patient index/Master patient index (central patient identity resolution)
Record locator service Clinical data repository (clinical data on patients stored centrally) Transaction logs (logs of who requested data and what data was provided) Portal for authorized viewing of data Document registry (locator of documents in federated systems)
Appendix H - HIE Request For Information (RFI)
H9
10
Other (please specify)
3. Is service-oriented architecture (SOA) used? (Yes/No) 4. Provide a high-level technical architecture diagram (hyperlink or e-document). 5. Describe all software and service components including subcontracted services used to
support your architecture and whether your organization or another entity is responsible for managing those components. Please specify open source components.
6. Describe the software, hardware or communication requirements that HIE
participants/providers must purchase/use in order to interface successfully with your HIE? VI. Data Exchange Information
Please provide the following data exchange information. If you support multiple HIOs, provide metrics for your three largest clients.
1. List below the type of data exchange your organization supports and the average number of daily transactions. Indicate “n/a” if not supported.
Data Exchanged Average Number of Daily
Transactions Comment (500 character max per text box)
Continuity of Care Document (CCD)
Continuity of Care Record (CCR)
Other clinical summaries Can include ER summary, discharge summary, referral summary, history and physical, etc
Clinical patient notes
Consultations and Referrals
Dictation Notes
Lab
Radiology
Cardiology
Other ancillary results
Digital chart information In comments, please describe the type of digital information supported (radiology
Appendix H - HIE Request For Information (RFI)
H10
11
Data Exchanged Average Number of Daily Transactions
Comment (500 character max per text box)
images, EKG readings, fetal monitoring results, etc)
e-Rx
Medication history
PBM/formulary integration
Patient messaging/alerts
PHR integration
Home-based monitoring integration
Reporting/receiving immunization data
Provider alerts to and from public health
Other population health reporting/exchange
Disease management reporting/exchange
Quality measure reporting
Eligibility inquiry/response
Referrals and Prior Authorization
Professional Claims
Institutional Claims
Dental Claims
Claim Attachments
Claim Status
Payment Advice
Patient appointment scheduling
2. List below the transaction standard used by your organization for each type of data exchange
you support (ex., HL7 2.5.1, HITSP C32, X12 835, custom/proprietary, PDF).
Data Exchanged Standard Used
Continuity of Care Document (CCD)
Appendix H - HIE Request For Information (RFI)
H11
12
Data Exchanged Standard Used
Continuity of Care Record (CCR)
Other clinical summaries
Clinical patient notes
Consultations and Referrals
Dictation Notes
Lab
Radiology
Cardiology
Other ancillary results
Digital chart information
e-Rx
Medication history
PBM/formulary integration
Patient messaging/alerts
PHR integration
Home-based monitoring integration
Reporting/receiving immunization data
Provider alerts to and from public health
Other population health reporting/exchange
Disease management reporting/exchange
Quality measure reporting
Eligibility inquiry/response
Referrals and Prior Authorization
Professional Claims
Institutional Claims
Dental Claims
Claim Attachments
Appendix H - HIE Request For Information (RFI)
H12
13
Data Exchanged Standard Used
Claim Status
Payment Advice
Patient appointment scheduling
3. List if the data exchange is occurring in a production or pilot environment and among which types of HIE participants. You will be provided an opportunity to provide additional comments as well.
Data Exchanged Prod
Or
Pilot
Hosp
IP
Hosp
OP
Phys
Office
FQHCs/
Public
Health
Facility
Ancillary
Service
Public/
Private
Payer
State
Gov’t
Registry
Continuity of Care Document (CCD)
Continuity of Care Record (CCR)
Other clinical summaries
Clinical patient notes
Consultations and Referrals
Dictation Notes
Lab
Radiology
Cardiology
Other ancillary results
Digital chart information
e-Rx
Medication history
PBM/formulary
Appendix H - HIE Request For Information (RFI)
H13
14
Data Exchanged Prod
Or
Pilot
Hosp
IP
Hosp
OP
Phys
Office
FQHCs/
Public
Health
Facility
Ancillary
Service
Public/
Private
Payer
State
Gov’t
Registry
integration
Patient messaging/alerts
PHR integration
Home-based monitoring integration
Reporting/receiving immunization data
Provider alerts to and from public health
Other population health reporting/exchange
Disease management reporting/exchange
Quality measure reporting
Eligibility inquiry/response
Referrals and Prior Authorization
Professional Claims
Institutional Claims
Dental Claims
Claim Attachments
Claim Status
Payment Advice
Patient appointment scheduling
Appendix H - HIE Request For Information (RFI)
H14
15
4. Which messaging standards and versions are supported: Messaging Standard Supported (Yes/No) Versions
HL7 DICOM NCPDP X12 CDA/CCR Other (please specify)
5. Which of the following data management strategies are supported by your service:
Data Management Strategy Supported (Yes/No)
Normalization and encoding Language normalization Export and registration of data objects/data staging Communication and display Correctness – data correction Data filtering Privileged data Data translation/file conversion (ex. proprietary to standard format or vice versa)
Other (please specify)
6. Which data vocabularies (i.e., reference terminologies) do you support?
Data Vocabulary Supported (Yes/No)
SnoMed LOINC NDC ICD-9 ICD-10 CPT-4 HCPCS RxNorm Other (please specify)
Appendix H - HIE Request For Information (RFI)
H15
16
VII. Additional Provider Services
1. Please denote the additional provider services you support:
Additional Provider Service Supported (Yes/No)
Full ASP-model EHR support (certified) e-Rx Document scanning Practice management solution Appointment scheduling solution PHR (specify type) Provider access to health research/educational information Patient access to health research/educational information Other (please specify)
VIII. Security and Privacy 1. Indicate which of the following security strategies are supported by your architecture:
Security Strategy Supported (Yes/No)
HIPAA Compliance (including ARRA requirements) FTC “Red Flag” rules for identity theft Access Role-based Encryption Entity/Individual Authentication/Trust Model Auditing/Logs/Review HISPC standards Other (please specify)
2. Does your HIE permit patient opt in/opt out? If yes, please indicate the type of opt in/opt out supported:
Type Opt-In, Opt-
Out or Both Supported (Yes/No)
By provider By facility
Appendix H - HIE Request For Information (RFI)
H16
17
By data type (specify behavioral health, infectious disease, etc.)
Other
IX. Staffing and Implementation Please provide the following information about your staff and implementation process:
1. A summary of your staffing history including the following:
a. Total number of full-time employees dedicated to your software solution broken down by sales, implementation, support and development (CY-2009, CY-2008, CY-2007)
b. Briefly describe any significant reorganizations or changes to your software lines of business in the past three years or planned in the next three years.
c. Briefly describe any significant changes in your executive leadership during the past three years and the impact on your software lines of business.
2. A sample work plan of the tasks and date ranges necessary to bring your proposed
solution live if implementation were to begin in May 2010 (hyperlink or e-document). 3. An example of the type of training materials you offer to HIE participants and the
mechanisms used (e.g., webcast, online training, e-document, on-site, etc; hyperlink or e-document).
X. Other At the end of the OHIP HIE RFI survey tool, you will be asked to provide the name and email address of the individual who completed the survey tool for your organization and to accept the terms and conditions of this RFI.
Appendix H - HIE Request For Information (RFI)
H17
ID Task Name Resource Names
1 OHIP Administrative Efforts
2 Expand Board Membership Exec Comm
3 Staffing
4 Hire President/CEO Exec Comm
5 Hire COO/CIO Exec Comm
6 Hire CFO Exec Comm
7 Hire Full-Time Communications Director Exec Comm
8 Hire Additional HIE Support Staff Exec Comm
9 OHIP Contract Resources
10 Contract with part-time financial expert Exec Comm
11 Contract with part-time communications expert Exec Comm
12 Contract with legal counsel Exec Comm
13 ONC PMO/GMO Coordination
14 HIE PMO Planning
15 Identify State HIT Coordinator Gov Office
16 ONC announces HIE awards ONC
17 Submit plan to complete strategic plan OHIP staff
18 Attend State HIE Leadership Summit OHIP
19 Complete HIE State Plan HIE Comm
20 Ongoing Webinars/Calls
21 Bi-weekly PMO calls OHIP staff
22 Bi-weekly CMS/HITECH calls OHIP staff
23 Weekly SLHIE webinars/calls OHIP staff
24 Routine NHIN webinars/calls OHIP staff
25 HIE Financial/Status Reporting
26 Establish reporting process
27 Register at FederalReporting.Gov (notify ONC) OHIP staff
28 Complete 199A DD form to PMS OHIP staff
2/26/10
9/30/10
10/1/10
12/31/10
11/1/10
10/31/10
3/1/10
5/1/10
3/27/10
1/1/10
2/12/10
3/15/10
5/12/10
7/26/10
2/1/11
9/27/10
2/1/11
2/1/11
4/29/104/29/10
3/2/10
3/2/10
Qtr 4 Qtr 1 Qtr 2 Qtr 3 Qtr 4 Qtr 1 Qtr 2 Qtr 3 Qtr 4 Qtr 1 Qtr 2 Qtr 3 Qtr 4 Qtr 1 Qtr 2 Qtr 3 Qtr 4 Qtr 1 Qtr 2 Qtr 3 Qtr 42009 2010 2011 2012 2013 2014
Task
Milestone
Summary
Rolled Up Task
Rolled Up Milestone
Rolled Up Progress
Split
External Tasks
Project Summary
Group By Summary
Inactive Task
Inactive Milestone
Inactive Summary
Manual Task
Duration-only
Manual Summary Rollup
Manual Summary
Start-only
Finish-only
Progress
Deadline
Incomplete tasks
Completed tasks
Completed Milestone
Ohio Health Information PartnershipHIE Technical Implementation Plan
Page 1
Project: ohip.hie.state.planDate: Tue 11/30/10
Appendix I
Revised 11/29/10 I1
ID Task Name Resource Names
29 Establish quarterly financial reporting process (FSR)
OHIP staff
30 Establish quarterly ARRA 1512 process OHIP staff
31 Determine HIE metrics
32 Document HIE metric reporting requirements ONC
33 Determine how HIE metrics will be gathered OHIP staff
34 Determine HIE metrics to be gathered by RPs OHIP staff
35 Update Sharepoint portal/CRM tool to support metrics
OHIP staff
36 Maintain reporting process
37 Submit Quarterly ARRA Reports OHIP staff
38 Submit Quarterly Financial Status Reports OHIP staff
39 Submit Semi-Annual ONC Program Process Reports
OHIP staff
40 Begin reporting HIE metrics OHIP staff
41 Stakeholder Engagement
42 HIE Committee
43 Form HIE Committee Exec Comm
44 Contribute to/oversight RFI process HIE Comm
45 Contribute to HIE State Plan HIE Comm
46 Contribute/oversight RFP process HIE Comm
47 Contribute/oversight HIE implementation process HIE Comm
48 Develop HIE communication strategy HIE Comm
49 Privacy and Security Workgroup
50 Finalize workgroup members and charter Exec Comm
51 Update pertinent legal citations P&S Comm
52 Recommend changes to state law if applicable P&S Comm
4/10/10
4/29/10
12/31/10
1/31/11
2/28/11
3/31/11
2/7/14
2/7/14
2/7/14
2/10/11
1/1/10
3/31/10
7/1/10
9/15/10
6/1/11
5/31/11
8/31/10
12/31/10
12/31/10
Qtr 4 Qtr 1 Qtr 2 Qtr 3 Qtr 4 Qtr 1 Qtr 2 Qtr 3 Qtr 4 Qtr 1 Qtr 2 Qtr 3 Qtr 4 Qtr 1 Qtr 2 Qtr 3 Qtr 4 Qtr 1 Qtr 2 Qtr 3 Qtr 42009 2010 2011 2012 2013 2014
Task
Milestone
Summary
Rolled Up Task
Rolled Up Milestone
Rolled Up Progress
Split
External Tasks
Project Summary
Group By Summary
Inactive Task
Inactive Milestone
Inactive Summary
Manual Task
Duration-only
Manual Summary Rollup
Manual Summary
Start-only
Finish-only
Progress
Deadline
Incomplete tasks
Completed tasks
Completed Milestone
Ohio Health Information PartnershipHIE Technical Implementation Plan
Page 2
Project: ohip.hie.state.planDate: Tue 11/30/10
Appendix I
Revised 11/29/10 I2
ID Task Name Resource Names
53 Recommend consumer consent model P&S Comm
54 Develop trust agreement and related policies P&S Comm
55 Address cross-state exchange policies P&S Comm
56 Develop privacy and security workflows and policies
P&S Comm
57 Develop privacy and security education materials P&S Comm
58 Promote model permission form and policy/procedures
P&S Comm
59 Determine limits on Medicaid eligiblity data P&S Comm
60 Recommend technical security model P&S Comm,HIE Comm
61 Eligibility Workgroup
62 Finalize workgroup members and charter Exec Comm
63 Determine PPACA (1561) impact on HIE efforts Elig Comm
64 Determine scope of eligibility services Elig Comm
65 Determine timeline for Medicaid integration Elig Comm
66 Pursue Medicaid eligiblity process changes Elig Comm
67 NHIN Workgroup
68 Finalize workgroup members and charter Exec Comm
69 Monitor national protocol development NHIN Comm
70 Create/distribute national protocol education materials
NHIN Comm
71 Plan interstate/federal agency exchange efforts NHIN Comm
72 Conduct interstate outreach efforts NHIN Comm
73 REC Committee
74 Coordinate HIE requirements for preferred vendors
REC Comm
75 Coordinate REC BH Workgroup adoption efforts REC Comm
12/31/10
12/31/10
12/31/10
12/31/10
3/1/11
6/1/11
3/1/11
3/1/11
8/31/10
12/31/10
12/31/10
12/31/10
12/31/10
1/31/11
9/1/11
9/1/11
12/30/11
12/30/11
6/1/11
6/1/11
Qtr 4 Qtr 1 Qtr 2 Qtr 3 Qtr 4 Qtr 1 Qtr 2 Qtr 3 Qtr 4 Qtr 1 Qtr 2 Qtr 3 Qtr 4 Qtr 1 Qtr 2 Qtr 3 Qtr 4 Qtr 1 Qtr 2 Qtr 3 Qtr 42009 2010 2011 2012 2013 2014
Task
Milestone
Summary
Rolled Up Task
Rolled Up Milestone
Rolled Up Progress
Split
External Tasks
Project Summary
Group By Summary
Inactive Task
Inactive Milestone
Inactive Summary
Manual Task
Duration-only
Manual Summary Rollup
Manual Summary
Start-only
Finish-only
Progress
Deadline
Incomplete tasks
Completed tasks
Completed Milestone
Ohio Health Information PartnershipHIE Technical Implementation Plan
Page 3
Project: ohip.hie.state.planDate: Tue 11/30/10
Appendix I
Revised 11/29/10 I3
ID Task Name Resource Names
76 Coordinate e-Prescription Workgroup efforts REC Comm
77 REC Regional Partners Committee
78 Coordinate HIE adoption efforts with RPs REC Comm
79 Communication Committee
80 Publish weekly OHIP newsletter Comm Comm
81 Update OHIP HIE internet portal Comm Comm
82 Create Sharepoint collaboration portal Comm Comm
83 Develop HIE materials for preferred vendors Comm Comm
84 Develop HIE outreach materials for RPs Comm Comm
85 Develop HIE education materials for RPs Comm Comm
86 Create method for gathering positive patient outcomes
Comm Comm
87 OHIP Board
88 Provide monthly status reports OHIP staff
89 Provide monthly HIE presentation updates OHIP staff
90 State Interagency Council
91 Form State Interagency Council State HIT
92 Contribute to HIE State Plan SIC
93 ODH: NHIN testing/development with CDC SIC
94 ODH: Immunization, surveillance and reportable lab
SIC
95 ODI: Coordinate health reform IT SIC
96 ODJFS: Coordinate incentive program requirements
SIC
97 ODJFS: Coordinate Medicaid eligibility data efforts
SIC
98 ODMH/ODADAS: BH health IT adoption efforts SIC,BH Comm
99 HCCQC HIT Task Force
100 Form HCCQC HIT Task Force Gov Office
6/1/11
6/1/11
2/7/14
7/1/10
8/31/10
5/31/11
5/31/11
5/31/11
12/30/11
1/31/14
1/31/14
4/1/10
7/8/10
12/31/10
2/7/14
2/7/14
2/7/14
2/7/14
7/25/12
4/1/10
Qtr 4 Qtr 1 Qtr 2 Qtr 3 Qtr 4 Qtr 1 Qtr 2 Qtr 3 Qtr 4 Qtr 1 Qtr 2 Qtr 3 Qtr 4 Qtr 1 Qtr 2 Qtr 3 Qtr 4 Qtr 1 Qtr 2 Qtr 3 Qtr 42009 2010 2011 2012 2013 2014
Task
Milestone
Summary
Rolled Up Task
Rolled Up Milestone
Rolled Up Progress
Split
External Tasks
Project Summary
Group By Summary
Inactive Task
Inactive Milestone
Inactive Summary
Manual Task
Duration-only
Manual Summary Rollup
Manual Summary
Start-only
Finish-only
Progress
Deadline
Incomplete tasks
Completed tasks
Completed Milestone
Ohio Health Information PartnershipHIE Technical Implementation Plan
Page 4
Project: ohip.hie.state.planDate: Tue 11/30/10
Appendix I
Revised 11/29/10 I4
ID Task Name Resource Names
101 Provide monthly HIE status updates State HIT
102 Contribute to HIE State Plan State HIT
103 Procurement Process
104 RFI Process
105 Develop RFI HIE Comm
106 Issue RFI HIE Comm
107 Respond to vendor questions HIE Comm
108 Close RFI HIE Comm
109 Review Responses HIE Comm
110 Select vendors to participate in RFP (8) HIE Comm
111 RFP Process
112 Prepare RFP documents
113 Develop RFP Draft HIE Comm
114 Finalize requirements HIE Comm
115 Finalize use cases OHIP staff
116 Finalize scoring criteria HIE Scoring Team
117 Finalize contractual terms Exec Comm,Legal
118 Finalize selection committee(s) Exec Comm
119 Finalize dates HIE Comm
120 Issue RFP
121 Notify vendors OHIP staff
122 Hold bidders webinar OHIP staff,Legal
123 Respond to vendor questions Legal,OHIP staff
124 Close RFP OHIP staff
125 Evaluate responses and client references HIE Scoring Team
126 Select first round HIE Scoring Team
127 Conduct use cases/demos HIE Scoring Team
128 Select second round HIE Scoring Team
129 Conduct site/client visits OHIP staff
12/30/11
7/8/10
1/1/10
1/21/10
2/19/10
3/1/10
3/31/10
3/31/10
5/14/10
8/20/10
8/20/10
8/20/10
8/20/10
8/20/10
8/20/10
9/16/10
9/17/10
10/1/10
10/22/10
11/8/10
11/8/10
11/23/10
12/3/10
12/10/10
Qtr 4 Qtr 1 Qtr 2 Qtr 3 Qtr 4 Qtr 1 Qtr 2 Qtr 3 Qtr 4 Qtr 1 Qtr 2 Qtr 3 Qtr 4 Qtr 1 Qtr 2 Qtr 3 Qtr 4 Qtr 1 Qtr 2 Qtr 3 Qtr 42009 2010 2011 2012 2013 2014
Task
Milestone
Summary
Rolled Up Task
Rolled Up Milestone
Rolled Up Progress
Split
External Tasks
Project Summary
Group By Summary
Inactive Task
Inactive Milestone
Inactive Summary
Manual Task
Duration-only
Manual Summary Rollup
Manual Summary
Start-only
Finish-only
Progress
Deadline
Incomplete tasks
Completed tasks
Completed Milestone
Ohio Health Information PartnershipHIE Technical Implementation Plan
Page 5
Project: ohip.hie.state.planDate: Tue 11/30/10
Appendix I
Revised 11/29/10 I5
ID Task Name Resource Names
130 Recommend final vendor HIE Scoring Team
131 Select final vendor OHIP Board
132 Select Vendor
133 Negotiate terms OHIP staff,Legal
134 Notify ONC/GMO OHIP staff,Legal
135 Finalize contract OHIP Board
136 HIE Implementation
137 Pre-Planning
138 Finalize core/phase deployment model Vendor,Exec Comm
139 Finalize key deliverables and dates Vendor,Exec Comm
140 Determine HIE staffing impact Vendor,Exec Comm
141 Create implementation workplan Vendor,OHIP Project Team
142 Select HIE Implementation Committee (s) Exec Comm
143 Hold Kick-Off Meeting Vendor,OHIP Project Team
144 Develop communication plan Vendor,OHIP Project Team
145 Requirements Planning
146 Technical system/network design Vendor
147 Trust model design P&S Comm
148 Functional component design core support Vendor,OHIP Project Team
149 Functional component design clinical services Vendor,OHIP Project Team
150 Functional component design administrative Vendor,OHIP Project Team
151 EHR integration strategy physicians Vendor,OHIP Project Team
152 EHR integration strategy hospitals and HIOs Vendor,OHIP Project Team
153 Provider on-boarding requirements Vendor,OHIP Project Team
154 NHIN protocol use Vendor,OHIP Project Team
155 Conversion/pre-load requirements Vendor,OHIP Project Team
156 Customization requirements Vendor,OHIP Project Team
157 Review conversion/pre-load requirements Vendor,OHIP Project Team
158 Review customization requirements Vendor,OHIP Project Team
1/21/11
1/21/11
1/21/11
1/24/11
1/31/11
2/15/11
2/15/11
2/15/11
2/15/11
2/15/11
3/1/11
2/28/11
4/1/11
3/31/11
3/31/11
3/31/11
3/31/11
3/31/11
3/31/11
3/31/11
3/31/11
3/31/11
3/31/11
3/31/11
3/31/11
Qtr 4 Qtr 1 Qtr 2 Qtr 3 Qtr 4 Qtr 1 Qtr 2 Qtr 3 Qtr 4 Qtr 1 Qtr 2 Qtr 3 Qtr 4 Qtr 1 Qtr 2 Qtr 3 Qtr 4 Qtr 1 Qtr 2 Qtr 3 Qtr 42009 2010 2011 2012 2013 2014
Task
Milestone
Summary
Rolled Up Task
Rolled Up Milestone
Rolled Up Progress
Split
External Tasks
Project Summary
Group By Summary
Inactive Task
Inactive Milestone
Inactive Summary
Manual Task
Duration-only
Manual Summary Rollup
Manual Summary
Start-only
Finish-only
Progress
Deadline
Incomplete tasks
Completed tasks
Completed Milestone
Ohio Health Information PartnershipHIE Technical Implementation Plan
Page 6
Project: ohip.hie.state.planDate: Tue 11/30/10
Appendix I
Revised 11/29/10 I6
ID Task Name Resource Names
159 Sign-off on requirements Exec Comm
160 System Development
161 Build system environments (test, prod, etc) Vendor
162 Build DR environment Vendor
163 Master Entity Index Development
164 Determine source extent/source of data Exec Comm
165 Developing on-boarding model Vendor,OHIP Project Team
166 Test on-boarding process Vendor,OHIP Project Team
167 Develop issue resolution process OHIP Proj Team
168 Disaster Recovery Planning
169 Review/refine vendor disaster recovery plan Vendor,OHIP Project Team
170 Develop required audit documentation Vendor,OHIP Project Team
171 Document DR staff and contact information Vendor,OHIP Project Team
172 System Testing
173 Develop system test plans Vendor,OHIP Project Team
174 Conduct functional/use case tests Vendor,OHIP Project Team
175 Conduct performance/load tests Vendor,OHIP Project Team
176 Conduct integration testing Vendor,OHIP Project Team
177 Conduct DR test Vendor,OHIP Project Team
178 Refine test plans and design Vendor,OHIP Project Team
179 Policies and Procedures
180 Document operating policies and procedures OHIP Proj Team
181 Document help desk policies and procedures OHIP Proj Team
182 Document help desk materials (FAQs, tools) OHIP Proj Team
183 Document provider on-boarding policies and procedures
OHIP Proj Team
184 Training Materials
4/1/11
4/29/11
4/29/11
4/15/11
5/30/11
4/29/11
4/29/11
4/15/11
4/29/11
5/16/11
4/15/11
4/29/11
5/2/11
5/2/11
5/2/11
5/18/11
4/29/11
4/29/11
4/29/11
5/15/11
Qtr 4 Qtr 1 Qtr 2 Qtr 3 Qtr 4 Qtr 1 Qtr 2 Qtr 3 Qtr 4 Qtr 1 Qtr 2 Qtr 3 Qtr 4 Qtr 1 Qtr 2 Qtr 3 Qtr 4 Qtr 1 Qtr 2 Qtr 3 Qtr 42009 2010 2011 2012 2013 2014
Task
Milestone
Summary
Rolled Up Task
Rolled Up Milestone
Rolled Up Progress
Split
External Tasks
Project Summary
Group By Summary
Inactive Task
Inactive Milestone
Inactive Summary
Manual Task
Duration-only
Manual Summary Rollup
Manual Summary
Start-only
Finish-only
Progress
Deadline
Incomplete tasks
Completed tasks
Completed Milestone
Ohio Health Information PartnershipHIE Technical Implementation Plan
Page 7
Project: ohip.hie.state.planDate: Tue 11/30/10
Appendix I
Revised 11/29/10 I7
ID Task Name Resource Names
185 Determine training approach/methodology Vendor,OHIP Project Team
186 Document/update entity training materials OHIP Proj Team
187 Document/update HIE staff training materials OHIP Proj Team
188 Document training schedule OHIP Proj Team
189 Marketing and Outreach Materials
190 Prepare final HIE marketing/outreach materials Vendor,OHIP Project Team
191 Review with regional partners/vendors REC Comm
192 Update OHIP HIE website OHIP staff
193 Core Support Go-Live
194 Finalize implementation plan Vendor,OHIP Project Team
195 Train implemementation staff Vendor,OHIP Project Team
196 Train users Vendor,OHIP Project Team
197 Conduct communication tasks in prep for go-live Vendor,OHIP Project Team
198 Resolve go/no-go issues Vendor,OHIP Project Team
199 Infrastructure Go-Live Vendor,OHIP Project Team
200 Phase I HIE Service Go-Live
201 Finalize implementation plan Vendor,OHIP Project Team
202 Train implemementation staff Vendor,OHIP Project Team
203 Train users Vendor,OHIP Project Team
204 Conduct communication tasks in prep for go-live Vendor,OHIP Project Team
205 Resolve go/no-go issues Vendor,OHIP Project Team
206 Phase I Go-Live Vendor,OHIP Project Team
207 Phase II HIE Service Go-Live
208 Finalize implementation plan Vendor,OHIP Project Team
209 Train implemementation staff Vendor,OHIP Project Team
210 Traini users Vendor,OHIP Project Team
4/29/11
4/29/11
4/29/11
4/29/11
5/31/11
5/31/11
5/31/11
6/30/11
6/30/11
6/30/11
6/30/11
6/30/11
7/1/11
7/29/11
7/29/11
7/29/11
7/29/11
7/29/11
8/1/11
11/11/11
11/11/11
11/11/11
Qtr 4 Qtr 1 Qtr 2 Qtr 3 Qtr 4 Qtr 1 Qtr 2 Qtr 3 Qtr 4 Qtr 1 Qtr 2 Qtr 3 Qtr 4 Qtr 1 Qtr 2 Qtr 3 Qtr 4 Qtr 1 Qtr 2 Qtr 3 Qtr 42009 2010 2011 2012 2013 2014
Task
Milestone
Summary
Rolled Up Task
Rolled Up Milestone
Rolled Up Progress
Split
External Tasks
Project Summary
Group By Summary
Inactive Task
Inactive Milestone
Inactive Summary
Manual Task
Duration-only
Manual Summary Rollup
Manual Summary
Start-only
Finish-only
Progress
Deadline
Incomplete tasks
Completed tasks
Completed Milestone
Ohio Health Information PartnershipHIE Technical Implementation Plan
Page 8
Project: ohip.hie.state.planDate: Tue 11/30/10
Appendix I
Revised 11/29/10 I8
ID Task Name Resource Names
211 Conduct communication tasks in prep for go-live Vendor,OHIP Project Team
212 Resolve go/no-go issues Vendor,OHIP Project Team
213 Phase II Go-Live Vendor,OHIP Project Team
214 Phase III HIE Service Go-Live
215 Finalize implementation plan Vendor,OHIP Project Team
216 Train implemementation staff Vendor,OHIP Project Team
217 Train users Vendor,OHIP Project Team
218 Conduct communication tasks in prep for go-live Vendor,OHIP Project Team
219 Resolve go/no-go issues Vendor,OHIP Project Team
220 Phase III Go-Live Vendor,OHIP Project Team
11/11/11
11/11/11
12/1/11
5/31/12
5/31/12
5/31/12
5/31/12
5/31/12
6/1/12
Qtr 4 Qtr 1 Qtr 2 Qtr 3 Qtr 4 Qtr 1 Qtr 2 Qtr 3 Qtr 4 Qtr 1 Qtr 2 Qtr 3 Qtr 4 Qtr 1 Qtr 2 Qtr 3 Qtr 4 Qtr 1 Qtr 2 Qtr 3 Qtr 42009 2010 2011 2012 2013 2014
Task
Milestone
Summary
Rolled Up Task
Rolled Up Milestone
Rolled Up Progress
Split
External Tasks
Project Summary
Group By Summary
Inactive Task
Inactive Milestone
Inactive Summary
Manual Task
Duration-only
Manual Summary Rollup
Manual Summary
Start-only
Finish-only
Progress
Deadline
Incomplete tasks
Completed tasks
Completed Milestone
Ohio Health Information PartnershipHIE Technical Implementation Plan
Page 9
Project: ohip.hie.state.planDate: Tue 11/30/10
Appendix I
Revised 11/29/10 I9
Permission to Use and Disclose Health Information for Treatment, Payment and Operations This form provides the permission needed to use and share your healthcare information in Ohio for medical care, payment for medical care and general operations of your healthcare providers and payers. This permission allows your health care provider to share information to assist in your care, and to provide information to your insurance company or other payer to obtain payment for care. Your information may also be disclosed when required by law. Read more about these required disclosures in our Notice of Privacy Practices. By signing this form, you are not giving your informed consent for medical treatment. The laws listed below may also apply to the release of your information. These definitions apply to the Permission Form. Mental health Stricter confidentiality rules protect your information if laws related to mental health cover any part of your records. See Ohio Revised Code (ORC) Section 5122.31. These laws prohibit anyone who receives your information from making any further disclosures without your specific written permission. A general permission for release of such information is not sufficient for this purpose. Mental health information released with your permission does not include psychotherapy notes. Also, state law may allow your provider to refuse to disclose mental health records to you if the provider thinks that releasing the information is not in your best interest. HIV/AIDS information Stricter confidentiality rules protect your information if laws related to HIV/AIDS cover any part of your records. See Ohio Revised Code (ORC) Section 3701.243. A general permission for release of such information is not sufficient for this purpose. Drug and alcohol treatment records Stricter confidentiality rules protect your information if drug and alcohol treatment laws (42 CFR Part 2) cover any part of your records. Federal law prohibits anyone who receives your information from making any further disclosures without your specific written permission. A general authorization for the release of medical or other information is not sufficient for this purpose. Federal law prohibits use of this information to criminally investigate or prosecute anyone having alcohol or drug abuse treatment records. Medicaid and public assistance programs If Ohio Medicaid or public assistance programs cover any part of your records, the Ohio Department of Job and Family Services (ODJFS) or a county equivalent may only release your records if you complete this form and meet all applicable conditions listed therein. These entities may only release your Ohio Medicaid (Chapter 5111 of the ORC) or public assistance information (found in Chapters 5101 and 5115) if both of the following apply:
A. The release of information is for purposes directly connected to administering the Medicaid and/or public assistance programs as defined in either federal or state law, whichever is directly applicable;
B. The information is released to persons or government entities that are subject to the standards of confidentiality and safeguarding of information substantially comparable to those established for the public assistance and/or Medicaid programs.
If this information is to be released for an insurance claim or tort action (lawsuit), Ohio law grants ODJFS rights of recovery against the liability of a third party for the cost of medical services paid by or billed to the agency. (See ORC Section 5101.58 and Ohio Administrative Code (OAC) Rule 5101:3-1-08.) When you or someone on your behalf requests a financial statement (a claim) from a Medicaid provider for services paid by or to be billed to ODJFS, the provider must immediately notify the agency when it receives your request (OAC 5010:3-1-08(L)). In addition, the provider must forward a copy of the request to the ODJFS Bureau of Plan Operations’ Benefit and Recovery Section. The provider must also stamp or type the following on each page of the financial statement: “Subject to right of recovery pursuant to Section 5101.58 of the Ohio Revised Code. Failure to comply may result in personal liability.” Workers Compensation If release of information is for use in administering an Ohio workers’ compensation claim, it is limited to medical, psychological and/or psychiatric data (excluding psychotherapy notes) causally or historically related to physical or mental injuries pertaining to that claim.
Appendix J - HISPC Model Permission Form
J1
Permission to Use and Disclose Health Information Treatment, Payment and Operations
[Insert name & Address of Provider or health plan/insurer]
Name: Date of birth (mm/dd/yyyy): Address: Telephone numbers: (home) (work) (cell) Email address: ________________________________________________________ Workers’ compensation claim number, if applicable: Social Security number (last four digits) Other identifier:
General Medical Use or Release
I give permission to [insert provider name or insurer/health plan] to use or release relevant personal health information, whether created by [insert provider name or insurer/health plan] or obtained from others, to any healthcare provider, facility, insurer or health plan so that I may receive treatment, pay for treatment or allow [insert provider or insurer/health plan] to conduct business necessary to treat or provide me with health care services. The person or entity will use or disclose only the minimum amount of information necessary. For treatment purposes, I understand that the minimum amount of information necessary may include all of my information. This permission includes records relating to (write your initials next to the records to be included and strike through lines that do not apply):
__ Diagnoses and/or treatment for alcohol and/or drug abuse or dependency; __ AIDS/AIDS-related complex (ARC) or HIV status diagnoses and/or treatment; __ Mental health records.
If this is a workers' compensation claim, I give permission for information relevant to my claim, either causally or historically, to be released to the Ohio Bureau of Workers’ Compensation (BWC), the Industrial Commission of Ohio (IC) and the following individuals or entities who are parties to my claim: the employer of record and/or any authorized representative(s), the employer of record’s managed care organization (MCO) or qualified health plan (QHP), and my authorized representative(s). This permission to release information in connection with my workers’ compensation claim will remain in effect for as long as my claim remains open under Ohio law. I request the following restrictions on the general release of my health information. I understand that my healthcare provider must agree with these restrictions:
Appendix J - HISPC Model Permission Form
J2
Signature
I have a right to inspect or copy my protected health information. You may charge me a reasonable fee for copies of my information. See instructions for the charges that apply. This permission continues unless I revoke it. If this permission applies to mental health records covered by ORC Section 5122.31, this permission expires 180 days from the date below unless I specify an earlier or longer date or a specific condition or event: ___________________________________
Patient: Date: OR: Personal/legal representative: I, (please print your name) ________________________, represent that I am the (circle one): legal healthcare agent/guardian/surrogate/parent of the patient named above. Signature: Date:
Appendix J - HISPC Model Permission Form
J3
Permission to Release Health Information This form combines all permissions needed to disclose your healthcare information in Ohio for specific reasons, other than for treatment, payment or operations. For example, this permission is necessary to allow access to your healthcare information in connection with legal medical claims, lawsuits, or other matters. Your information may also be disclosed when required by law. Notice of medical record copying charges Entities that charge individuals for copies of protected health information should insert fees and payment policy here. The laws listed below may also apply to the release of your information. These definitions apply to the Permission Form. Mental health Stricter confidentiality rules protect your information if laws related to mental health cover any part of your records. See Ohio Revised Code (ORC) Section 5122.31. These laws prohibit anyone who receives your information from making any further disclosures without your specific written permission. A general permission for release of such information is not sufficient for this purpose. Mental health information released with your permission does not include psychotherapy notes. Also, state law may allow your provider to refuse to disclose mental health records to you if the provider thinks that releasing the information is not in your best interest. HIV/AIDS information Stricter confidentiality rules protect your information if laws related to HIV/AIDS cover any part of your records. See Ohio Revised Code (ORC) Section 3701.243. A general permission for release of such information is not sufficient for this purpose. Drug and alcohol treatment records Stricter confidentiality rules protect your information if drug and alcohol treatment laws (42 CFR Part 2) cover any part of your records. Federal law prohibits anyone who receives your information from making any further disclosures without your specific written permission. A general authorization for the release of medical or other information is not sufficient for this purpose. Federal law prohibits use of this information to criminally investigate or prosecute anyone having alcohol or drug abuse treatment records. Medicaid and public assistance programs If Ohio Medicaid or public assistance programs cover any part of your records, the Ohio Department of Job and Family Services (ODJFS) or a county equivalent may only release your records if you complete this form and meet all applicable conditions listed therein. These entities may only release your Ohio Medicaid (Chapter 5111 of the ORC) or public assistance information (found in Chapters 5101 and 5115) if both of the following apply:
A. The release of information is for purposes directly connected to administering the Medicaid and/or public assistance programs as defined in either federal or state law, whichever is directly applicable;
B. The information is released to persons or government entities that are subject to the standards of confidentiality and safeguarding of information substantially comparable to those established for the public assistance and/or Medicaid programs.
If this information is to be released for an insurance claim or tort action (lawsuit), Ohio law grants ODJFS rights of recovery against the liability of a third party for the cost of medical services paid by or billed to the agency. (See ORC Section 5101.58 and Ohio Administrative Code (OAC) Rule 5101:3-1-08.) When you or someone on your behalf requests a financial statement (a claim) from a Medicaid provider for services paid by or to be billed to ODJFS, the provider must immediately notify the agency when it receives your request (OAC 5010:3-1-08(L)). In addition, the provider must forward a copy of the request to the ODJFS Bureau of Plan Operations’ Benefit and Recovery Section. The provider must also stamp or type the following on each page of the financial statement: “Subject to right of recovery pursuant to Section 5101.58 of the Ohio Revised Code. Failure to comply may result in personal liability.” Workers’ Compensation If release of this information is for use in administering an Ohio workers’ compensation claim, it is limited to medical, psychological and/or psychiatric data (excluding psychotherapy notes) causally or historically related to physical or mental injuries pertaining to that claim.
Appendix J - HISPC Model Permission Form
J4
Permission to Release Health Information For purposes other than treatment, payment or healthcare operations
[Insert name & address of Provider or Health Plan/Insurer]
Name: Date of birth (mm/dd/yyyy): Address: Telephone numbers: (home) (work) (cell) Email address: ________________________________________________________ Workers’ compensation claim number, if applicable: Social Security number (last four digits) Other identifier:
I authorize [insert provider name or insurer/health plan] to disclose (write your initials next to the records to be included and strike through lines that do not apply):
All records (whether originally created or obtained from others) ___
OR (choose from below)
__ Hospital/Emergency department records ___ Physician/Clinic records __ Skilled nursing facility/long term care records
__ Dental records ___ Physical/Occupational/Speech Therapy records ___ Treatment facility records ___Other: ________________________
This permission includes records relating to (check if applicable):
__ Diagnoses and/or treatment for alcohol and/or drug abuse or dependency; __ AIDS/AIDS-related complex (ARC) or HIV status diagnoses and/or treatment; __ Mental health records.
Send this information by (circle one) U.S. mail or electronically to: Name Email Address City, State, ZIP code Telephone Fax
If this is a workers' compensation claim, information will be released to the Ohio Bureau of Workers’ Compensation (BWC), the Industrial Commission of Ohio (IC) and the following individuals or entities previously identified who are parties to my claim: the employer of record and/or any authorized representative(s), the employer of record’s managed care organization (MCO) or qualified health plan (QHP), and my authorized representative(s). Purpose of disclosure: __ At my request __ Workers’ compensation; for use in administering my Ohio workers’ compensation claim identified above __ Other – Describe why you are disclosing information:
Appendix J - HISPC Model Permission Form
J5
By signing below, I understand that: I have the right to revoke this permission at any time by giving written notice to (insert name and address). This revocation must be in writing except in the case of drug and alcohol treatment records [insert provider name] will honor my revocation after [insert provider name] receives it, but I understand that my revocation will have no impact on uses or disclosures made while this permission was in effect. This permission will remain in effect for one year or until I revoke it, whichever comes first. If this permission applies to mental health records covered by ORC Section 5122.31, then this permission expires 180 days from the date below or an earlier or longer date or a specific condition or event that I specify: ___________________________________ Except as noted in the instructions, any information used or disclosed by this specific permission may be re-disclosed by the person or entity receiving the information and may no longer be protected by federal or state law. I have a right to inspect or copy my protected health information. You may charge me a reasonable fee for copies of my information. See instructions for the charges that apply. If by law you cannot send the protected health information to the entity listed above, I will initial the following space to have you send a copy of the information directly to me:__________. I am not required to sign this permission. If I refuse to sign this form, it will not affect my treatment, payment for treatment or eligibility for healthcare benefits to which I may be entitled. However, if I request a release of information, you cannot release it unless I sign this form. I have a right to receive a copy of this signed form.
Signature Patient: Date: OR: Personal/legal representative: I, (please print your name) ________________________, represent that I am the (circle one): legal healthcare agent/guardian/surrogate/parent of the patient named above. Signature: Date:
Appendix J - HISPC Model Permission Form
J6
Ohio’s Road to Health Information Exchange
What is OHIP’s
Strategy and How
can we help you? Executive Brief
2010
www.ohiponline.org 3455 Mill Run, Hilliard, OH 43026
Appendix K - HIE White Paper
Submitted 11/29/10 K1
2
TABLE OF CONTENTS
Executive Summary of OHIP’s Health Information Exchange (HIE) State Plan ................................................................... 4
What is a Health Information Exchange (HIE)? ................................................................................................................... 4
What is driving OHIP’s HIE Strategy? .................................................................................................................................. 5
Meaningful Use ................................................................................................................................................................ 5
Balancing Core Services with Regional Flexibility ............................................................................................................ 6
Sustainability .................................................................................................................................................................... 7
National Standards Development.................................................................................................................................... 7
Who Can Participate? .......................................................................................................................................................... 8
What Can OHIP Do for Ohio? .............................................................................................................................................. 8
Services to allow you to easily find patient information from trusted sources .............................................................. 8
Services to achieve meaningful use ............................................................................................................................... 10
Integration with Health Information Technology Vendors ........................................................................................... 11
Services to achieve administrative efficiency ................................................................................................................ 12
Is the technology ready? ................................................................................................................................................... 12
Can privacy and security be achieved? ............................................................................................................................. 13
Who Pays for it? ................................................................................................................................................................ 14
OHIP’s Sustainability Objectives .................................................................................................................................... 15
OHIP’s Sustainability Strategy ........................................................................................................................................ 15
Timeline ............................................................................................................................................................................. 16
Who Will Lead the Project? What is the Governance Model? ......................................................................................... 17
OHIP Leadership Staff .................................................................................................................................................... 17
OHIP Stakeholder Engagement...................................................................................................................................... 18
State Government Collaboration ................................................................................................................................... 19
Appendix K - HIE White Paper
Submitted 11/29/10 K2
3
OHIP Was Created to Help Ohio .................................................................................................................................... 19
Appendix a- HIE phases ......................................................................................................................................................... 20
TABLE OF FIGURES
Figure 1 OHIP Revenue Chart ................................................................................................................................................ 16
Figure 2 OHIP Committees .................................................................................................................................................... 18
TABLE OF TABLES
Table 1 OHIP HIE ................................................................................................................................................................... 16
OHIP is funded through the Office of the National Coordinator, Department of Health and Human Services, grant number 90HT0024/01
Appendix K - HIE White Paper
Submitted 11/29/10 K3
4
EXECUTIVE SUMMARY OF OHIP’S HEALTH INFORMATION EXCHANGE (HIE) STATE PLAN
On July 26, 2010, the Ohio Health Information Partnership (OHIP) formally submitted their HIE State Plan to the Office of the National Coordinator (ONC) as required under the State Grant to Promote Health Information Technology Planning and Implementation to obtain additional funding for HIE development. Developed collaboratively with OHIP’s board, staff, HIE Committee Members and privacy and security experts, the plan contains critical information regarding OHIP’s strategic and operational efforts for Ohio’s statewide HIE. The document will be made publicly available upon approval by ONC, which is expected in early 2011.
WHAT IS A HEALTH INFORMATION EXCHANGE (HIE)?
An HIE moves patient information electronically among physician offices, hospitals and other parties directly involved in a patient’s care. If you were to think of patient health information as mail and OHIP as the post office, the network of zip codes and designated mail routes is the HIE . Also like a post office, OHIP will use minimal, demographic information to ensure that patient data is sent to the correct, authorized recipients.
OHIP will concentrate on offering services that are most logical to be provided at a state level. Listed below are the services that will enable providers and other stakeholders to achieve efficiencies and cost savings and, most importantly, meaningful use.
Services to allow the discovery of patient information from trusted sources easily – Pre Phase Core Support
Master Patient Index (MPI)
Master Provider/Entity Index
Record Locator Services
Trust Enablement
OHIP’s state HIE will allow clinical data to travel among health care systems that would otherwise not be connected. The OHIP HIE will allow all providers’ and stakeholders’ efficiency and cost savings through their core services and begin implementation with healthcare providers in the summer of 2011.
This paper outlines key points contained in OHIP’s HIE State Plan and is intended to address the fundamental questions succinctly:
o What is OHIP’s HIE strategy? o How can it help Ohio?
Appendix K - HIE White Paper
Submitted 11/29/10 K4
5
Services to achieve Meaningful Use – Phase 1
e-Prescription
Structured lab results
Patient care summaries
Quality measures, Registry and surveillance data
Integration with OHIP’s preferred EHR vendors
Services to achieve administrative efficiencies – Phase II
Advanced insurance eligibility verification and connectivity
Coordination of benefits(COB) including Rx
Pre-authorization and referral routing
Advanced claim status and remittance coordination
Payor/Employer treatment cost and screening information Services to achieve enhanced integration – Phase III
Advanced data aggregation and reporting
National Health Information Network connectivity
Consumer integration and support
Community web portals
Address verification eligibility
WHAT IS DRIVING OHIP ’S HIE STRATEGY?
MEANINGFUL USE
Providers and hospitals are both incentivized and dis-incentivized to achieve meaningful use. There are over 11 objectives contained in the Electronic Health Record (EHR) Incentive Program Final Rule requiring providers to exchange health data electronically to receive incentive funding.
As the state-designated entity, OHIP is required to offer HIE services that support meaningful use objectives to every provider in Ohio, including hospitals, physicians, specialists, labs, pharmacies, health plans, nursing homes and other care providers. ONC requires that every state HIE focus on three specific priorities in Stage 1 of Meaningful Use. These three priorities are e-Prescription, the exchange of lab results using structured integration with EHRs and patient care summary exchange across unaffiliated organizations.
A detailed overview of the services and a timeline for service delivery is found in Appendix A
Appendix K - HIE White Paper
Submitted 11/29/10 K5
6
OHIP can efficiently and cost effectively assist providers in attesting HIE capabilities as required to achieve Stage 1 Meaningful Use to apply for Medicare and Medicaid incentive payments. For more information about meaningful use, see www.ohiponline.org/Pages/MU.aspx.
BALANCING CORE SERVICES WITH REGIONAL FLEXIBILITY
While the delivery of healthcare is local, the data needed to deliver quality care can be located locally, regionally and nationally. As a result, it is important to provide a core infrastructure that facilitates a broad exchange, as well as engage stakeholders at a local level to cultivate community exchange.
This principle tenet of OHIP’s state HIE strategy is exemplified through OHIP’s Regional Extension Center (REC) program and approach to provider outreach. OHIP’s REC program consists of seven regional RECs that are a collaboration of local entities that work together to assist providers with the adoption of EHRs. Each REC is comprised of hospital systems, physician groups, quality improvement organizations, universities, and community colleges, professional associations, consultants and operational HIEs.
The primary focus of OHIP’s REC program is to provide educational and technical EHR support to providers, in both urban and rural areas. The relationships that the regional RECs will cultivate with the local hospitals and physicians through the REC program, will situate these RECs be in a unique position to coordinate health IT adoption efforts through close alignment of EHR and HIE adoption strategies.
The map below shows how each REC is divided within Ohio. The area in grey is serviced by the regional health information organization (RHIO), HealthBridge.
Central Ohio Health Information Exchange
Northwest Ohio Regional Extension Center
Dayton West Central Ohio Regional Extension Center
Case Western Reserve University Regional Extension Center
NorthEast Central Ohio Regional Extension Center
NEO Health Connect
Ohio University/Appalachian Health information Exchange
Many of you are exchanging data regionally or within your hospital networks. OHIP does not intend to replace your existing exchange service providers or capabilities, but rather connect them, creating a more robust network that will support meaningful use across the state and among a larger range of providers.
Figure 1- OHIP
Regional Partners
Appendix K - HIE White Paper
Submitted 11/29/10 K6
7
OHIP marketing and outreach efforts will be coordinated through RECs and will be used to encourage awareness and adoption of the state HIE, as well as identify issues at the community level. As the state designated entity, OHIP can deploy HIE outreach education across the state in an organized, efficient manner leveraging the expertise, communication channels, market knowledge and stakeholder relationships of the RECs. These partnerships will allow OHIP to receive direct feedback regarding adoption barriers and local concerns.
SUSTAINABILITY
HIEs across the country have had to deal with the inherent dilemma between the party that pays for the service and whether or not they are paying enough to sustain it.
OHIP’s financial strategy is discussed in more detail on p.11
NATIONAL STANDARDS DEVELOPMENT
National Health Information Network (NHIN). NHIN Exchange. NHIN Direct. National Information Exchange Model.
These terms refer to efforts at the national level to harmonize standards used to exchange data to allow for easier adoption of standards among providers, payors, labs, pharmacies and others on a local, statewide and national level. This is a worthy cause, but a technology team knows this is no easy task. IT experts refer to the seven layers of interconnectivity and national efforts address only a portion of those layers.
As the state-designated entity for Ohio, OHIP intends to facilitate exchange across state borders by supporting the service layers necessary to exchange data using NHIN protocols. One example is the development of statewide discovery and location services to help providers find information from trusted sources that are interested in data exchange using the NHIN framework. Our plans include establishing an NHIN Workgroup under our HIE Committee to facilitate this development and address cross-border issues.
OHIP will also provide support for regional HIE programs and communities that do not have established HIEs. These programs will provide a virtual exchange that may be branded for that region and supported by the state HIE. These virtual exchanges will also be able to leverage all the services that the state HIE offers.
OHIP’s strategy addresses this dilemma through plans to offer additional services beyond those required to support meaningful use and leverage Ohio’s economies of scale to offer significant opportunities for cost reduction. Ultimately providers and other stakeholders only pay for those services they determine add value and in which they participate.
Appendix K - HIE White Paper
Submitted 11/29/10 K7
8
WHO CAN PARTICIPATE?
Unlike the limitations on eligibility for Medicare and Medicaid incentive payments, all primary care providers, specialty providers and hospitals will be eligible to participate in OHIP’s state HIE. In addition, OHIP plans to connect existing RHIOs, labs, pharmacies, long-term care organizations, health plans and other important organizations involved in a patient’s continuity of care. The state HIE will also interact with the state Medicaid program, Ohio Department of Health and other state and federal agencies to create additional efficiencies. Most important, OHIP intends to provide future integration options for consumers.
WHAT CAN OHIP DO FOR OHIO?
SERVICES TO ALLOW YOU TO EASILY FIND PATIENT INFORMATION FROM TRUSTED SOURCES
Master Patient Index (MPI)
The MPI is the foundation that all HIE services will be based upon. The MPI must be capable of pulling the data from
multiple entities into one longitudinal record. The primary function of the MPI will be to utilize demographic data to
identify patients accurately. As the state HIE collects updated demographic data through subsequent medical
encounters, the MPI validates information to maintain a current profile.
Ohio has over 11 million residents. Many integrated delivery networks pull patients from Ohio’s bordering states.
Additionally, Ohio providers and other stakeholders offer virtual services that obtain patients from not all over the
United States, but the world. Ohio is a diverse state with many different ethnicities and OHIP’s MPI must accommodate
the idiosyncrasies and other name variations (i.e., maiden names, aliases, etc.). Due to the high volume of patients from
other states, OHIP’s MPI must be able to accommodate three to four times the number of patients, exceeding the
number of residents of Ohio.
Consistent with meaningful use, providers are advised to implement or upgrade to HHS-certified EHR applications to ensure robust integration with OHIP’s HIE. The OHIP REC program can provide the assistance necessary to achieve certification.
A high volume MPI tool is expensive. OHIP brings the ability to offer this tool at a much lower price point than an organization would be able to purchase individually. Facilities that want to consolidate disparate clinical data will be able to leverage the OHIP MPI for internal use to improve services for their patients.
Appendix K - HIE White Paper
Submitted 11/29/10 K8
9
Master Entity Index
The primary function of the master entity index will be to store relevant information about providers, hospitals, labs and
any other entities necessary to facilitate exchange with trusted sources. Organization information related to these
entities changes frequently, thus difficult to keep up to date and organized. The master entity index will allow any entity
within the exchange to discover and locate other providers who may have information about their patients. The
effective use and maintenance of this index will ensure that contributors to the state HIE as well as the consumers of
this information are more efficient.
Record Locator Service (RLS)
The MPI contains algorithms that assign a unique identifier for each patient. The unique identifier is then used by the
Record Locator Service (RLS) to identify the location of multiple records that match that patient's unique identifier. The
RLS can indicate all of the different locations where medical information resides for the specified patient. The RLS only
stores information identifying the type of record and its location, not the actual record with the patient’s medical
information.
Trust Enablement
Trust enablement consists of the technology solutions necessary to validate and support privacy policies required by
state and federal law. The weakest link to security involves manual processes. Ensuring that manual processes are used
to collect the proper authorization from the patient is the important part of the trust enablement. The technology just
indicates if the manual processes have been properly executed.
It is extremely important that all members of the HIE use the same processes and documents for trust authorization. Consistent process and execution ensure that medical data on a patient is only released when the patient authorizes the release of the data. Extending the HIPAA privacy rules from the administrative data to the clinical data will require everyone involved to ensure that the desires of the patient are maintained.
One specific example of this inability to maintain proper entity information is the limitations of health plans to perform electronic funds transfers because they are not able to collect and maintain accurate banking information for low claim volume providers. A centralized index would allow health plans to subscribe to this service to obtain complete and accurate information.
When an HIE allows medical information to be held locally with the creator (provider or lab) or remotely by a third party data center, the HIE model is called a “Hybrid” model.
Appendix K - HIE White Paper
Submitted 11/29/10 K9
10
SERVICES TO ACHIEVE MEANINGFUL USE
ePrescribing
The ability for a physician to send an accurate, error free and understandable prescription to a pharmacy is integral to
optimum patient care. In Ohio, the Ohio Board of Pharmacy must certify ePrescribing components before they can be
used. OHIP will create an ePrescribing Task Force to address this and other barriers to adoption and will include
representatives from the Board of Pharmacy, retail chain and independent pharmacies, hospitals, physicians and the
Ohio Pharmacists Association. The charge of this task force will be to improve the ease of e-Prescription use, align
software certification requirements with those on a national level and demonstrate quality improvements such as
avoidance/decrease of adverse drug events.
OHIP’s preferred EHR vendors must support ePrescribing and meet the requirements of the Ohio Board of Pharmacy.
The use of these preferred EHR vendor solutions will make the transition to ePrescribing that much easier for providers.
Structured lab results
When sharing information between clinical laboratories and EHR system, standardized formatting and coding of the
information must take place to provide a common language for the patients’ health information. If the systems
between a lab and provider are interoperable, the need to manually enter the data or scan reports is eliminated. Timely
access, along with the ability to analyze the data effectively and the opportunity to use intelligent design to trigger
treatment protocols is also achievable. This functionality will help office staff maximize their time by automating what is
frequently a tedious process.
Patient care summaries
Sharing patient care summaries across EHRs is a service that will ultimately lead to better patient outcomes. Stage 1
Meaningful Use only requires that these summaries be exchanged, in human readable format (i.e., PDF). OHIP intends
to offer clinical summaries in both human readable and structured formats so the information contained in the
summaries can integrate with an EHR. Much of the data that needs to be shared exists today; however, it is not
necessarily in a consistent data vocabulary or accessible format. OHIP sees opportunities in offering the initial exchange
of human readable information and data management services that could normalize and aggregate the data until
widespread adoption of interoperability standards among providers is achieved.
Quality Measures, Registry and Other Surveillance Data
The OHIP state HIE will provide the primary interface for public health reporting, reducing the need for separate
interfaces to individually connect reporting agencies. The HIE will allow for state level integration of registries for public
health assessment, newborn screenings, vital statistics, cancer and other priority disease, injury or adverse health
Appendix K - HIE White Paper
Submitted 11/29/10 K10
11
conditions. This will help streamline processes that can be highly labor intensive and dramatically increase the quantity
and quality of public health information available.
Cancer Surveillance is one example of a process that would be drastically improved with the implementation of a state
HIE. In order to assess the prevalence of cancer in Ohio, state law requires the reporting of all new cancer cases
diagnosed among Ohio residents to Ohio’s Cancer Incident Surveillance System (OCISS). Any practitioner that diagnoses
and/or treats cancer is required to report the incident within six months to OCISS. As OHIP combines state HIE services
with the ability to transmit cancer data, providers will be able to simplify their reporting processes.
OHIP’s state HIE can also streamline the process of surveillance to detect and track health events such as pandemic
influenza, bioterrorism, outbreaks, seasonal illnesses, injuries and environmental exposures by monitoring and analyzing
the health behavior of Ohio’s population in real-time. Instead of having a data feed from each health care provider to
the Ohio Department of Health, the HIE will allow for one data feed from RHIOs and other exchanges, reducing the
amount of technical work necessary to maintain the connections. It will also allow physician offices and outpatient
clinics to submit syndromic surveillance information to the Ohio Department of Health, something that is currently
limited to hospital emergency departments and urgent care centers. The additional data types will enhance Ohio’s
situational awareness and event detection capabilities.
INTEGRATION WITH HEALTH INFORMATION TECHNOLOGY VENDORS
OHIP preferred vendors
EHR vendors selected as part of OHIP’s preferred vendor program, have agreed to
become certified to ensure interoperability with the state HIE. The Board of
Pharmacy has approved each of the preferred vendors to perform ePrescribing. The
OHIP HIE can capitalize on the RECs work with the preferred vendors. The RECs will
be able to communicate the benefits of linking to the HIE via the preferred vendors to
their clients.
Market Leaders in Ohio
OHIP’s strategy is to not compete with the work already being done in Ohio, but capitalize on that work. As with the
OHIP Preferred Vendor program the concept is to bring other key players to the table and work with them to maximize
investments already made by providers in Ohio. This would include the important market leaders in the hospital and
ambulatory health information technology space, the e-prescription networks and lab companies. Creating strategic
partnerships with these entities will allow the OHIP HIE to connect rapidly to the majority of Ohio providers.
OHIP Preferred Vendors
dorendors Sage
NextGen eClinicalWorks
AllScripts eMDs
Appendix K - HIE White Paper
Submitted 11/29/10 K11
12
SERVICES TO ACHIEVE ADMINISTRATIVE EFFICIENCY
Eligibility & Address Verification
OHIP will provide a centralized service for providers to verify patient insurance eligibility. The eligibility service will meet
HIPAA’s requirements for version 5010 and the operational rules established by the Patient Protection and Affordable
Care Act (PPACA). This centralized system will conversely provide payors a single place to provide services to the entire
healthcare community in Ohio.
Since OHIP’s MPI requires validated demographic data for patients, the burden of validating the data is lifted from the
entities utilizing the HIE.
Claims
In addition to the regulations for Meaningful Use, there are additional changes in the PPACA. This requires health plans
to publish their validation rules. In addition to eligibility verified claims, claims can be validated for administrative rules
as defined in HIPAA through the WEDI SNIP 1-7 rules as well as the clinical coding rules. Applying these three rules
consistently across the state would increase the payment propensity of a physician’s claim from 95% to 99%.
Performing these rules on a consistent basis across the state, would improve the quality of the data that payors receive.
Payors would be able to increase automation with a data verified quality claim. A high quality claim would allow payors
to provide adjudicated claim information quickly to the provider and drastically reduce provider relation interfacing.
Coordination of Benefits (COB)
Coordination of Benefits (COB) was very prevalent in the 90s with as high as 15% of patients having more than one
source of coverage. At the time, secondary and tertiary coverage was common, but over the past 10 years secondary
coverage has dropped as low as 5%. Now, with the advent of HSAs that are affecting coverage levels and lower
contributions, there is an increase in the dual coverage concept again.
The application of these rules to COB processing has caused numerous problems for providers to file claims properly.
The MPI systems have capabilities to store multiple ids that allow for the tracking of multiple coverage information. The
provider can inquire to the MPI to find multiple sources of coverage for a patient. This discovery process will allow
providers to bill payors properly, as well as collect all unclaimed funds.
IS THE TECHNOLOGY READY?
The industry of clinical data exchange has drastically improved over the last two years. The basic information for lab
results has been established along with basic information for a discharge summary or office visit. Some of the more
complicated data conditions still need to be improved. The standards for the data are in good working condition, but
there is still a lot of information in clinical conditions that are not codified well in messages exchanged.
Appendix K - HIE White Paper
Submitted 11/29/10 K12
13
The issue that the industry still has to deal with is what clinical information is relevant? One example that illustrates this
issue today is that of a diabetic. Would a physician really want the last 10 A1C results or would the last three be enough
for a care decision? As the industry implements the technology to find and assimilate a medical record for a patient,
OHIP will be able to organize, filter and present the data to providers in a manner useful for making care decisions.
The industry has come a long way in the past 10 years with respect to EHRs clinical exchange; however, there is still
more to learn and implement. This industry will only move forward and improve if every stakeholder is networked
together.
CAN PRIVACY AND SECURITY BE ACHIEVED?
Individually, this issue is being address through avenues of legal, technical and operational expertise. There is a
common understanding of the complex nature of this challenge and the additional barrier of a more restrictive set of
state laws then those of HIPAA. Where stakeholders tend to differ is their interpretation of these laws and their
execution.
To address this important issue, OHIP has comprised a highly experienced team of legal experts to clarify, harmonize and
execute legal actions necessary to facilitate statewide and cross-border exchange. Many of these experts participated in
the Health Information Privacy and Security Collaboration (HISPC) effort concluded in July 2009 and identified barriers
and opportunities for facilitating exchange in Ohio. They concur that action will be needed on multiple levels from
education and awareness to provider policy, HIE policy and technical infrastructure. The OHIP Privacy and Security
Committee will keep the following principles in mind as they work through issues regarding consent, trust agreements
and general policies and procedures for the HIE.
Privacy and Security standards should protect patient rights while encouraging high participation in the HIE
Policies created should be technically achievable and actionable
Policies created should be operationally achievable and actionable
Policies created will be in compliance of Ohio and federal law
One major privacy issue the committee will work through is what type of consent is needed for a patient’s information
to be entered into the HIE. Every state is different and has different state law regarding the consent that must be given
before medical information is shared in any fashion, whether it is phone, fax or an electronic method. The OHIP Privacy
and Security Committee will provide clear direction for HIE participants regarding what consent is required to transfer
patient information through an HIE consistent with Ohio law.
OHIP provides a unique opportunity for all stakeholders to agree to a common understanding and
interpretation of privacy and security requirements in Ohio necessary to exchange data to achieve
consistency and confidence among Ohio’s consumers.
Appendix K - HIE White Paper
Submitted 11/29/10 K13
14
The ultimate success of the HIE will depend on consumer confidence in its privacy and security. OHIP will follow the
framework outlined on the next page that is endorsed by the National Health Information Policy Committee for Privacy
and Security and adopted by the Department of Health and Human Services Office of the National Coordinator as the
HIE is developed.
WHO PAYS FOR IT?
The notion of how to sustain a statewide HIE beyond core ARRA funding has been the single most vetted topic through
the OHIP stakeholder engagement process. The good news is OHIP and its stakeholders wholeheartedly concur that the
statewide HIE’s ability to add value to the existing HIE environment in Ohio is a critical consideration in establishing the
priorities of OHIP. Below outlines OHIP’s strategies for sustaining the HIE over time.
Privacy and Security for the HIE
Individual Access – Individuals should be provided with a simple and timely means to access and obtain their individually identifiable health information in a readable form and format.
Correction – Individuals should be provided with a timely means to dispute the accuracy or integrity of their individually identifiable health information, and to have erroneous information corrected or to have a dispute documented if their requests are denied.
Openness and Transparency – There should be openness and transparency about policies, procedures and technologies that directly affect individuals and/or their individually identifiable health information.
Individual Choice – Individuals should be provided a reasonable opportunity and capability to make informed decisions about the collection, use and disclosure of their individually identifiable health information.
Collection, Use and Disclosure Limitation – Individually identifiable health information should be collected, used, and/or disclosed only to the extent necessary to accomplish a specified purpose(s) and never to discriminate inappropriately.
Data Quality and Integrity – Persons and entities should take reasonable steps to ensure that individually identifiable health information is complete, accurate, and up-to-date to the extent necessary for the person’s or entity’s intended purposes and has not been altered or destroyed in an unauthorized manner.
Safeguards – Individually identifiable health information should be protected with reasonable administrative, technical and physical safeguards to ensure its confidentiality, integrity and availability and to prevent unauthorized or inappropriate access, use or disclosure.
Accountability – These principles should be implemented, and adherence assured, through appropriate monitoring and other means and methods should be in place to report and mitigate non-adherence and breaches.
SOURCE: http://healthit.hhs.gov/portal/server.pt/gateway/PTARGS_0_10731_848088_0_0_18/NationwidePS_Framework-5.pdf
Appendix K - HIE White Paper
Submitted 11/29/10 K14
15
OHIP’S SUSTAINABILITY OBJECTIVES
OHIP’s sustainability strategy is based on three core objectives:
These three objectives will help create a sustainable HIE that will assist direct participants (e.g., providers, payors, labs
and pharmacies) in achieving meaningful use while providing potential revenue streams from current secondary data
users (e.g., government agencies, payors, accreditation bodies and researchers). As EHR adoption wanes with a
growing number of PPCPs attaining meaningful use, the data value of the HIE will increase. This enhances the
capabilities for revenue to be generated from participation in the HIE services provided by OHIP. Through the
progressive development of an effective and comprehensive HIE, greater value for providers, researchers, payors and
others will be realized, encouraging further stakeholder buy-in and more opportunities for non-traditional revenue
streams. With the expansion of the clinical exchange creating an ever-increasing provider base, the integration of
administrative functions will help improve health care quality and curtail costs through improving operational
efficiencies.
OHIP’S SUSTAINABILITY STRATEGY
OHIP will leverage federal grant money to offset the initial build-out and core services of the statewide HIE to encourage
stakeholder participation. Concurrently, OHIP will utilize its REC to expand provider EHR adoption, directly increasing
the possible user base of the HIE. As the HIE attains a critical mass of users, additional services will be phased-in to offer
value-added, services that can be purchased by current users and secondary data users who may not require bi-
directional functionality.
OHIP has identified that sustainability is best achieved through multiple revenue streams that do not simply rely on the
exchange of clinical data. This multi-revenue stream model will leverage the buy-in of all types of stakeholders, using a
variety of services to capture their individual desires for operational efficiency and cost reduction. Similar to OHIP’s
phased implementation approach, revenue from HIE services is projected to fall into one of three tiers.
Leverage OHIP REC’s EHR adoption goals to assist the HIE with first year services; o e-Prescribing o Exchange of structured lab results o Sharing of patient care summaries across unaffiliated organizations
Offer HIE core and basic clinical data exchange services at competitive prices Developing additional value added services
Appendix K - HIE White Paper
Submitted 11/29/10 K15
16
Figure 1 OHIP Revenue Chart
TIMELINE
OHIP began an extensive procurement effort in January 2010 by issuing a Request for Information (RFI) to identify full
service HIE vendors with the “breadth, depth and width’ to support a substantially-sized statewide HIE. Following
review of responses, OHIP selected eight vendors to participate in a Request for Proposal (RFP) issued in September
2010 following completion of OHIP’s HIE State Plan in July 2010.
The remaining timeline for selection and implementation of HIE services is noted in Table 1.
Table 1 OHIP HIE
Month/Year Key Action
September 2010 Request for Proposal (RFP) issued to 8 vendors selected to participate in RFP process
October 2010 Vendors submit proposals to OHIP
October-December 2010 OHIP conducts five-stage vendor evaluation process
January 2011 OHIP finalizes negotiations with HIE vendor and awards contract
January- June 2011 OHIP works with Ohio stakeholders to prepare for HIE launch
Appendix K - HIE White Paper
Submitted 11/29/10 K16
17
o During this time the implementation plan is created with the vendor, the system is designed, developed and tested.
June 2011 OHIP’s core support services begin o See next page for detailed plan for a phased implementation
August 2011 HIE service phase I begins (meaningful use)
December 2011 HIE service phase II begins (administrative efficiency)
June 2012 HIE service phase III begins (enhanced administrative efficiency and integration)
WHO WILL LEAD THE PROJECT? WHAT IS THE GOVERNANCE MODEL?
OHIP was created in 2009 with the help of key healthcare stakeholders. These stakeholders represent statewide
interests and structured OHIP in a manner that would ensure continued alignment with stakeholder priorities.
At the highest level, OHIP’s fifteen-member board provides strategic, staff, fiduciary and community direction.
Comprised of industry leaders representing hospital, physician, payor, state agency, consumer and behavioral health
organizations located throughout the State, the Board provides active and valuable insight into Ohio’s dynamic
healthcare system.
OHIP LEADERSHIP STAFF
The Executive Committee is a subset of the Board and oversees the staff and daily operation. OHIP is a flat organization
with few layers of management to best facilitate teamwork and collaboration between the HIE staff and Regional
Extension Center (REC) staff under the oversight of the Executive Board. REC staff works to assist providers in
converting their record management to electronic systems with additional federal funding OHIP has secured. This REC
staff provides trusted unbiased support to providers making this often challenging transition and will help to assist the
same providers if they choose to join the HIE.
OHIP’s leadership team is comprised of seasoned health technology experts from Ohio who
have extensive new organization development, legal, government and health IT experience.
They understand the value of HIE and are passionately committed to delivering services which
will add value and efficiency to Ohio’s healthcare system. To view staff bios, see
www.ohiponline.org/Pages/Staff.aspx
To learn more about OHIP’s Board, go to www.ohiponline.org/Pages/Leadership.aspx.
Appendix K - HIE White Paper
Submitted 11/29/10 K17
18
OHIP STAKEHOLDER ENGAGEMENT
OHIP is fortunate to have many interested and active stakeholders engaged in committee work. As a lean organization,
OHIP engages stakeholders through two primary committees that serve in a strategic advisory role: the HIE and REC
Committee. Underneath these committees, ad hoc workgroups are regularly formed to address specific issues or
provide defined deliverables as noted in Figure 2.
Figure 2 OHIP Committees
The Executive Committee reviews the recommendations made by the committees. Once the recommendations by the
committees are approved, the staff of OHIP will put the recommendations into action.
To keep the process manageable, only a few workgroups are active at the same time, which does limit the number of
positions for participation; however, that does not mean OHIP is not interested in future engagement with individuals
who express interest.
As new OHIP workgroups are formed, stakeholders are considered for participation based on
their interest, availability and expertise. To indicate interest in participation, please see
ohiponline.org/Pages/CommitteeInterestForm.aspx to share information about your expertise
that will help us in selecting future committee or workgroup members.
Appendix K - HIE White Paper
Submitted 11/29/10 K18
19
STATE GOVERNMENT COLLABORATION
OHIP’s Board Chair, Amy Andres, is the federally designated State Health IT Coordinator as well as Chief of Staff the Ohio
Department of Insurance, the state agency with primary authority for health reform initiatives. Amy’s unique
experience and cross-agency authority positions her well to move critical stakeholders and the state’s administration to
achieve the necessary legislative and agency collaboration for OHIP to be successful.
OHIP also closely aligns its strategic direction with the Governor’s Health Care Coverage and Quality Council (HCCQC)
and the State Interagency Council (SIC). The HCCQC represents a broad range of stakeholders from nursing homes to
dentistry and is focused on improving the coverage, cost and quality of Ohio’s health insurance and health care system
through payment reform, medical home concepts, consumer engagement and health IT.
OHIP WAS CREATED TO HELP OHIO
As the state-designated entity for HIE in Ohio, OHIP is well positioned to effect change at the
state and federal level necessary to achieve true integration and administrative efficiency.
For more information about OHIP please visit www.ohiponline.org
Appendix K - HIE White Paper
Submitted 11/29/10 K19
20
APPENDIX A- HIE PHASES
HIE Service Benefits Phase
Services to allow you to easily find patient information from trusted sources
Master Patient Index (MPI)
Master Provider/Entity Index
Record Locator Services
Trust Enablement
Eliminate interfaces you currently support to connect disparate MPIs
OHIP will validate the data so end users do not have to
OHIP can validate the source is trusted and has agreed to exchange terms even if across state borders
One consistent interpretation of HIPAA and Ohio Law
Pre-Phase Core Support
June 2011 (Target)
Services to achieve meaningful use
e-Prescription
Structured lab results
Patient care summaries
Quality measures
Registry and surveillance data
Integration with OHIP preferred EHR vendors
OHIP maintains interfaces with EHR vendor so end users do not have to
Exchange data with public health, labs, pharmacies, nursing homes and others without adding more interfaces
Eliminate Board of Pharmacy approval process by using pre-approved preferred vendors
Service Phase I August 2011 (Target)
Services to achieve administrative efficiency
Advanced insurance eligibility verification and connectivity
Coordination of benefits including Rx
Pre-authorization and referral routing
Advance claim status and remittance coordination
payor /Employer treatment cost and screening information
Maintain one interface to payor information instead of several
Achieve consensus among payors on the quality and consistency of data exchanged
Integrate with employers to improve accuracy of benefit coverage
Replace slow and paper-based pre-authorization and referral processes with automation
Use claim/payor data to project reimbursement under ICD-10
Deliver to physicians the estimated cost of treatment at the point of service
Service Phase II and III Dec 2011 and June
2012 (Target)
Enhanced Integration
Advance data aggregation and reporting
NHIN connectivity
Consumer integration and support
Scalable services to meet providers capability (web , secure email, structured integration)
Significantly reduce population reporting requirements through streamlined integration with state agencies
Service Phase III June 2012 (Target)
Appendix K - HIE White Paper
Submitted 11/29/10 K20
21
Community web portals
Address verification capability
Exchange data across state borders using NHIN protocols without having to maintain them (OHIP will)
Access consumer preferences and deliver information without having to maintain individual interfaces to PHRs or data banks
Mine de-identified data to monitor clinical trends
Appendix K - HIE White Paper
Submitted 11/29/10 K21
Appendix L
Ohio Health Information Partnership Regional Extension Center
Behavioral Health Sub‐Committee
Regional Partner or Other
Representation Title/Organization Name
Akron Regional Hospital Association (ARHA)
CEO Community Health Center Ziegler, Ted
Case Western Reserve University (CWRU) CEO, Crossroads Lindstrom, Wayne
Central Ohio Health Information Exchange (COHIE)
CEO, Southeast, Inc Lee, Bill
Dayton‐West Central Ohio Regional extension Center (DWCO REC)
President/CEO, Samaritan Behavioral Health
McGatha, Sue
HealthBridge Director/Reimbursement Systems, Talbert House
Ripley, Maury
Northeast Ohio Health Connect (NEOHC) Executive Director, Burdman Group
Caruso, Joseph
Northwest Ohio Regional Extension Center (NW Ohio REC)
Vice President, Firelands Counseling and Recovery Services
Mruk, Marsha
Ohio Association of County Behavioral Health Authorities (OACBHA)
Director of Legal Affairs, ADAMHS Board of Cuyahoga County
Fini, Rose
Ohio Association of County Behavioral Health Authorities (OACBHA)
CIO, OACBHA Kiesel, Kurtis
Ohio Council of Behavioral Health and Family Service Providers
Consultant, Steve Duff, LLC Duff, Steve
Ohio Department of Alcohol and Drug Addiction Services (ODADAS)
CIO, ODADAS Rodriquez, Rudy
Ohio Department of Mental Health (ODMH)
Chief, Medicaid Policy Bergefurd, Angie
Ohio Health Information Partnership (OHIP)
Vice President, REC Services, Ohio Health Information Partnership
Costello, Cathy
Ohio Health Information Partnership (OHIP), Administrative Support
Administrative Assistant James, Amy
Ohio Health Information Partnership (OHIP); Outside Counsel
AttorneyBricker and Eckler
Smith, Karen
Ohio Health Information Partnership, Sub‐Committee Chair
Administrator, Behavioral HealthNationwide Children's Hospital
Lucas, Amanda
Ohio University, Appalachian Health Information Exchange (OU)
CIO, Ohio University Appalachian Health Information Exchange
Phillips, Brian
Ohio University, Appalachian Health Information Exchange (OU)
CEO Tri‐County Mental Health and Counseling Services
Weigly, George
Submitted 11/29/10 L1
November 2010 FOR YOUR FEEDBACK
www.OHIPonline.org 3455 Mill Run Drive, Suite 315 Hilliard, Ohio 43026 614-664-2600
Goals and Objectives
Encouraging adoption of certified electronic health record (EHR) and health information exchange (HIE) technology among non-hospital behavioral health providers to allow them to achieve meaningful use
Facilitating electronic access to and retrieval of clinical data to provide better, more timely, efficient, patient-centered care across health care settings and provider types
Actively engaging Ohio’s community behavioral health care system in healthcare reform by leveraging collaboration and related initiatives through a single voice
Identifying financial and human resources necessary to support health IT adoption
Promoting collaboration between behavioral health and priority primary care providers (PPCPs) across Ohio
Behavioral Health Subcommittee
Vision
Behavioral Health Care Providers will successfully adopt electronic health record solutions and have the
capacity to fully participate in the electronic exchange of health care information.
Strategies: Electronic Health Records*/Health Information Exchange
I. Governance
Ohio Health Information Partnership (OHIP)
Designated by Governor Strickland, OHIP is a public/private partnership which serves as the lead entity in the implementation and support of health information technology throughout Ohio.
OHIP Behavioral Health Subcommittee
The focus of this subcommittee is specifically on how to achieve meaningful use at the behavioral health provider level which will ultimately assure these providers participate in Ohio’s Health Information Exchange.
Stakeholders and Regional Partners
Collaborate with key partners in the Regional Extension Center Regions.
Communication
** For purposes of this subcommittee, the definition of an electronic health record encompasses a complete solu-tion covering all of the following system functions necessary to achieve meaningful use: EHR, Practice Management (including scheduling), Billing, Clinical Decision Support, Patient Portal, e-Prescribing, Laboratory and related Inter-faces.
Continued...
Submitted 11/29/10 L2
Page 2 FOR YOUR FEEDBACK
www.OHIPonline.org 3455 Mill Run Drive, Suite 315 Hilliard, Ohio 43026 614-664-2600
Behavioral Health Subcommittee
Strategies: EHR/HIE
II. Adoption & Financing
Federal efforts (e.g., SAMHSA) Health IT Loan Program Preferred Vendor Software Discounts supported through the Regional Extension Center Program Development of provider-based consortia and volume purchasing across providers Stark Exemptions and partnership with other health care systems Behavioral health-specific vendor certification Development of business opportunities/administrative service organization capacity at the provider level
III. Policy & Regulatory
Health Reform
Position Ohio’s community behavioral health care system to fully engage in health care reform initiatives.
Take advantage of options within the health care reform legislation which will enable behavioral health care providers to integrate into the larger health care community.
State Initiatives
Reduce administrative burden at the provider level by:
Identifying and, if possible, eliminating requirements that are barriers to behavioral health care providers when considering IT solutions that are effective options for other health care provider types.
Utilizing Ohio’s HIE to more efficiently and effectively collect data for reporting, research and other purposes at all levels — local, state and federal.
Next Steps
Educate behavioral health providers on what questions to ask vendors, types of certifications to expect from vendors, and details to consider in contract terms.
Identify core elements of EMR that would be universal for behavioral health providers in Ohio. Continue advocacy efforts for H.R. 5040 and adoption of behavioral health providers for meaningful use
incentive payments, including expansion of provider definition to include social workers and counselors.
** For purposes of this subcommittee, the definition of an electronic health record encompasses a complete solu-tion covering all of the following system functions necessary to achieve meaningful use: EHR, Practice Management (including scheduling), Billing, Clinical Decision Support, Patient Portal, e-Prescribing, Laboratory and related Inter-faces.
Submitted 11/29/10 L3
Appendix L
Ohio Health Information Partnership ‐ Behavioral Health Sub‐Committee Workplan
# Task / Deliverable / Phase Target Start
Date
Target
Completion
Date
Owner
S O N D J F M A M J J A S O N D J F M A M J J A S O N D
1 Sub‐Committee Planning
1.1 Sub‐Committee Planning
1.1.1 Return COI Forms 8/25/10 10/24/10 OHIP d
1.1.2 Schedule ongoing meetings/webinars 8/25/10 10/24/10 Lucas d
1.1.3 Distribute final list of members 8/25/10 10/24/10 OHIP d
1.1.4 Coordinate with HCCQC PC/BH Workgroup 8/25/10 10/24/10 Lucas d
2 Collaboration
2.1 Sub‐Committee Portal/Communication
2.1.1 Make HIE State Plan available 8/25/10 10/24/10 OHIP d
2.1.2 Make REC documents available 8/25/10 10/24/10 OHIP d
2.2 OHIP BH WebPage
2.2.1 Create BH‐specific webpage 1/1/11 1/31/11 OHIP
2.2.2 Define content/links for webpage 1/1/11 1/31/11 OHIP
2.3 Coordinate with Regional Partners
2.3.1 Contact/introduction 1/1/11 1/31/11 Committee
2.3.2 Defining role/relationship/participation 1/1/11 1/31/11 Committee
3 Education/Awareness
3.1 Materials
3.1.1 Finalize BH Strategy Document 8/25/10 10/24/10 Lucas d d
3.1.2 Brand document (OHIP) 11/1/10 11/30/10 OHIP d d
3.2 Education
3.2.1 Prepare for OHIP MU BH Breakout 1/1/11 3/31/11 OHIP
4 Electronic Health Record Adoption
4.1 Software Analysis for BH Use
4.1.1 Welch Allyn 1/1/11 1/31/11 Committee
4.1.2 Preferred EHR Vendors 1/1/11 3/31/11 Committee
4.1.3 Identify required BH customization req in Ohio 1/1/11 1/31/11 Lucas/Duff
4.1.4 Identify EHR Vendors Who Support BH in Ohio 11/20/10 12/31/10 Duff d
4.1 EHR Adoption Strategies
4.2.1 Determine specific strategies to assist in adoption 8/25/10 10/24/10 Lucas d d
5 Privacy and Security
5.1 HIE Privacy and Security
5.1.2 Identify issues requiring resolution 3/1/11 4/30/11 Committee
6 Medicaid Incentive Payment Program
6.1 Coordination with ODJFS
6.1.1 Clarify eligibility and requirements 8/25/10 4/30/11 Bergefurd
6.1.2 Clarify process for psychiatrists and NPs 8/25/10 4/30/11 Bergefurd
2011 2012
11/30/2010 1Submitted 11/29/10 L4
Appendix M
Ohio Health Information Partnership E‐Prescribing Task Force Members
Organization Name Title
AARP, Ohio Chapter Joanne Limbach President
Berger Hospital Tiffin Barthelmas, MBA, RN Clinical Systems Analyst
Central Ohio Primary Care Rob Strohl CIO
Children’s Hospital of Dayton Doug Wurtzbacher, Pharm D, PhD
Clinical information Pharmacist
CVS Ed Chessar, RPh Pharmacy Supervisor
Firelands Regional Medical Center
James Spicer, Pharm D, CACP Director, Pharmacy Services
Firelands Regional Medical Center
Steve Ayres Assistant Director, Information Systems
Memorial Hospital Cindy Gu, Pharm D Clinical Technology Pharmacist
Mercy Health Partners Mike Hibbard, RN, MBA, PMP CIO
Mercy Health Partners Wayne Bohenek, Pharm D, MS, FASHP
VP, Patient Safety and Pharmacy Excellence
Ohio Board of Pharmacy Mark Keeley Legislative Affairs Administrator
Ohio Osteopathic Association Martha Simpson, DO, MBA, FACOFP
General Practice Physician
Ohio Pharmacists Association Ernie Boyd, RPh, CAE Executive Director
Ohio State Medical Association Lisa Eidelberg Senior Account Manager
OHIP Cathy Costello, JD REC Project Manager
Summa Health System Pam Banchy, RN, PMP System Director, Clinical Information Systems
Toledo Clinic Ian Scott Elliot, MD Internal Medicine Physician
TriHealth, Inc Sue McBeth, RPh, MBA Director of Pharmacy
University Hospitals Dan Georges, MS Clinical Application Specialist
University of Findlay Patrick Malone, Pharm.D.,FASHP Associate Dean and Professor of Pharmacy
Submitted 11/29/10 M1
Appendix N
Ohio Health Information Partnership Privacy Work Group Members
Organization Name Title
Bricker and Eckler Karen Smith Legal Counsel
Bricker and Eckler Claire Turcotte Legal Counsel
Executive Medicaid Management Agency (EMMA)
Brad Singer Legal Counsel
Galion Community Hospital Andy Daniels Director of IS
Kegler, Brown, Hill and Ritter Jeff Porter Legal Counsel
Medicaid Rob Bergin HIPAA Project Director
Ohio Chapter AARP and OHIP Board Member
JoAnne Limbach President
Ohio Department of Mental Health
Janice Franke Legal Counsel
Marion Technical College Marge White Director of Health Information Technologies
Ohio Hospital Association Dan Paoletti OHIP Interim CEO
Ohio Hospital Association Rick Sites Legal Counsel
Ohio Osteopathic Association Martha Simpson Physician
Ohio State Medical Association Nancy Gillette Chief Legal Counsel
OHIP Andrea Perry Project Manager
The Ohio State University Medical Center
Jenny Barnes Assistant General Counsel
Providence Medical Group Yvonne Tudor Operations Manager
Walter and Haverfield Amy Leopard Legal Counsel
Submitted 11/29/10 N1
Appendix O - OHIP Financial Policies and Procedures
Submitted 11/29/10 O1
Appendix O - OHIP Financial Policies and Procedures
Submitted 11/29/10 O2
Appendix O - OHIP Financial Policies and Procedures
Submitted 11/29/10 O3
Appendix P HIE State Plan Amendments Approved January 25, 2011
#/Page(s) SectionReference
Amendment
1 Executive Summary
S‐5 1.1.3 An Executive Summary was added to provide an overall context for OHIP’s strategy for HIE development.
2 Meaningful Use Attainment
S‐27 1.2.5.6 Further explanation of Ohio’s current adoption environment and strategies to achieve top meaningful use exchange priorities (i.e., e‐Prescription, structured lab results and patient care summaries) was provided.
O‐3 2.1.2 Project risks and mitigation strategies were updated to reflect the formation of OHIP’s e‐Prescription Task Force.
M1 Appendix M A list of OHIP’s e‐Prescribing Task Force membership was provided.
3 HIE Deployment Strategy
S‐39 1.2.6.6 A description of goals and specific strategies for HIE deployment was added. This description includes current estimated adoption rates as well as targeted estimates for physicians, hospitals, labs, payers or other adopters per strategy.
4 Preferred EHR Vendor Strategy
S‐38 1.2.6.5 OHIP’s preferred EHR vendors were selected on September 28, 2010. S‐51 1.3.1.3
5 Federally Funded, State‐Based Program Coordination
S‐54 1.3.2.1 Strategies for engagement of members of the State Interagency Council (SIC), the committee responsible for coordination of federally funded, state based programs, were clarified.
S‐83 1.4.4 In the diagram of State of Ohio stakeholder committees, the State Interagency Council (SIC) was updated to reflect the addition of the Medical and Nursing Boards.
6 Medicaid Coordination
S‐67 1.3.5 An updated status of Ohio’s State Medicaid Health Information Plan (SMHP) was provided along with further explanation of Ohio’s Medicaid administrative structure and related OHIP coordination strategy.
S‐3 1.1.2 Bullet #4
The Ohio Department of Job and Family Services (ODJFS) which administers Medicaid in Ohio adjusted their target go‐live date for MITS to First Quarter 2011. S‐36 1.2.6.2
Bullet #3
7 Federally Qualified Health Center Update
S‐78 1.3.7.2 Current statistics regarding FQHC EHR adoption rates and practicing providers were noted.
S‐17 1.2.5.1 Table 1 FQHC statistics were updated.
P1
#/Page(s) SectionReference
Amendment
8 Sustainability Strategy
S‐87 1.5.1 Further explanation of OHIP’s sustainability strategy was provided.
9 HIE Vendor Procurement Status
S‐94 1.6.1 An update about OHIP’s HIE vendor procurement process was provided.
10 HIE Flow Chart
S‐99 1.6.2.4 An explanation and schematic of OHIP’s authentication and patient query flow was provided (Diagram 3).
S‐35 1.2.6 A business model diagram was removed.
11 Privacy and Security Updates
S‐106 1.8.1‐1.8.6 Several updates were provided by OHIP’s Privacy and Policy Committee.
S‐82 1.4.3 The diagram of OHIP’s committee structure was updated to reflect the Privacy and Policy Committee’s new name.
O‐3 2.1.2 Project risks and mitigation strategies were updated to reflect the Privacy and Policy Committee’s new name.
O‐25 2.8.1‐2.8.2 These sections were updated to reflect the Privacy and Policy Committee’s new name.
N1 Appendix N This Appendix contains a list of OHIP’s Privacy and Policy Committee members.
12 Updated HIE Project Plan
O‐1 2.1.1 OHIP’s HIE Implementation Plan was updated to reflect completed tasks, interdependencies and role assignments. To allow for explanation, OHIP’s deployment strategy was documented separately in Section 1.2.6.6 (See Amendment #3).
I1 Appendix I OHIP’s HIE Implementation Project Plan was updated.
13 Formation of Behavioral Health REC Sub‐Committee
O‐5 2.2.1.1 In August 2010, OHIP formed a Behavioral Health REC Sub‐Committee that is assisting with EHR and HIE adoption.
L1 Appendix L This Appendix includes the Behavioral Health Sub‐Committee Strategy Document, a sub‐committee membership list and a list of important sub‐committee tasks.
14 Cost Estimate Updates
O‐10 2.5 OHIP’s HIE Budget (Table 8) was updated to reflect budget figures currently filed with the Grants Management Office (GMO).
O‐13 2.5.1 OHIP’s staffing plans were updated to reflect current status.
O‐14 2.5.2 Current status and explanation of OHIP’s financial policies and procedures were provided.
O1 Appendix O This Appendix includes OHIP’s financial policies and procedures.
15 Health IT Regulatory, Certification and Other Standards References Updated
A1 Appendix A Appendix A was designed to be a “living” document. Since the plan’s original submission, OHIP’s Privacy Committee has added several regulatory references pertinent to consumer consent and related privacy policies.
P2
#/Page(s) SectionReference
Amendment
16 HIE White Paper
K1 Appendix K On September 30, 2010, OHIP released a white paper to explain core concepts included in the HIE State Plan to stakeholders interested in HIE development.
17 HIE Implementation Model
Q1 Appendix Q This document identifies the potential HIE gaps in Ohio and core strategies for supporting Stage 1 meaningful within a Direct Project framework.
P3
1
AMENDMENT 17 – HIE IMPLEMENTATION MODEL
This document describes the phases of the Ohio Health Information Partnership (OHIP)’s planned HIE
Implementation Model with special focus on the initial stage of implementation. The focus of this
amendment is on the initial phase of implementation to assist providers with their ability to achieve
Stage 1 of meaningful use. The approaches outlined are consistent with OHIP’s HIE State Plan, but are
structured to specifically respond to the outstanding questions requiring additional explanation as
requested in the January 3, 2010 email, “ONC Feedback on Updated OHIP State Plan.” This
amendment:
‐ Highlights from our environmental landscape that are of particular relevance to our Phase 1 strategy;
‐ Identifies gaps in our current capabilities for supporting Stage 1 Meaningful Use; ‐ Discusses our strategy for addressing those gaps; and ‐ Provides context for Phase 1 approach by outlining future phases.
Additional footnote cross‐references to OHIP’s HIE State Plan are also provided.
1 LANDSCAPE SUMMARY AND GAP ANALYSIS
1.1 PROVIDER READINESS FOR EXCHANGE
1.1.1 LANDSCAPE1
The results of OHIP’s environmental scan conducted in June 2010 reflect the environmental factors
driving OHIP’s strategy. For example, Ohio is experiencing significant activity in electronic health record
(EHR) implementation. Prior to stimulus funding, close to half of the providers who responded to the
survey were entirely paper‐based or using a practice management system only. OHIP estimates that
actual EHR adoption rates (~ 25%) are lower than reported in the survey due to the variance in
respondent roles and the potential for the respondent’s confusion between practice management
applications and a true EHR system.
1 Section 1.2.5 (Environmental Scan), S‐16 and Appendix B (EHR/HIE Survey Tool)
Appendix Q - HIE Implementation Model
Q1
2
In the current environment, there are large rural/Appalachian sections of geography that have no
current or planned resources to facilitate secure messaging. OHIP will invest federal dollars to focus on
helping providers in those areas to meet Stage 1 meaningful use. This is evidenced in the policy used to
identify priority settings for OHIP’s implementation of the Regional Extension Center (REC) Cooperative
Agreement Program approved by ONC on August 17, 2010. OHIP’s policy targets settings that
predominantly serve uninsured, underinsured and medically underserved populations. This policy is
included as Attachment A.
OHIP’s REC services2 are currently assisting Priority Primary Care Providers (PPCPs) to meet meaningful
use in these focus areas highlighted in orange in Figure 1. Additionally, the remaining geography of the
state is mostly urban/metropolitan and has the resources to facilitate secure messaging between their
organizations, but need a neutral convening body to facilitate secure messaging between disparate
organizations. There is only one small section of the state in the Cincinnati area (part of the
HealthBridge Tri‐State Health Information Exchange) that is currently utilizing Direct protocols to send
data between disparate organizations and providers. As a result, the majority of Ohio is looking to OHIP
to help facilitate secure messaging through the Direct Project for them to send data between
organizations in a meaningful way.
2 Section 1.3.1 (Regional Extension Center Services), S‐48
Appendix Q - HIE Implementation Model
Q2
3
Figure 1: Map Identifying OHIP’s High‐Priority, Underserved Areas
This environment has created a highly motivated group of stakeholders that have already spent millions
of dollars of in‐kind expenses working towards the success of OHIP’s mission and goals for both the HIE
and REC programs. Because we (OHIP) were awarded grants for both the HIE and REC programs,
coordination between the two programs is seamless. Stakeholders for both programs have come
together in a shared governance model directing OHIP towards success in all aspects of their work. This
collaboration filters down to hundreds of participants on different committees and organizations
volunteering their time and resources3.
3 Section 1.4 ( Governance), S‐78 and Appendix E (HIE and REC Committees), Appendix M (ePrescribing Task Force),
Appendix N (Privacy and Policy Committee)
Appendix Q - HIE Implementation Model
Q3
4
Figure 2: OHIP’s High‐Level Governance Structure
The OHIP structure, as depicted in Figure 2 above, has made it efficient and streamlined for us to
coordinate the dollars received between the HIE and REC programs and ensure that efforts are not
duplicated. This has been critical with the early success of OHIP and is reflected in the fact that OHIP’s
REC leads the nation with over 2700 PPCPs as of 1/7/11 who have already signed contracts committing
to the purchase and adoption of EHRs. Defying conventional wisdom that larger practices or those in
urban areas would be the first to respond to incentives, the regional partners with the highest
recruitment numbers are in Ohio’s gap/rural areas.
Appendix Q - HIE Implementation Model
Q4
5
Figure 3 ‐ OHIP's REC Regional Partners
OHIP’s REC program consists of seven regional partners that are a collaboration of local entities that
work together to assist providers with the adoption of EHRs. Each REC is comprised of hospital systems,
physician groups, quality improvement organizations, universities, and community colleges, professional
associations, consultants and operational HIEs. The primary focus of OHIP’s REC program is to provide
educational and technical EHR support to providers, in both urban and rural areas. The relationships
that the regional RECs will cultivate with the local hospitals and physicians through the REC program, will
situate these RECs be in a unique position to coordinate health IT adoption efforts through close
alignment of EHR and HIE adoption strategies. Figure 3 above shows how each REC is divided within
Ohio. The area in grey is serviced by the regional health information organization (RHIO), HealthBridge.
Appendix Q - HIE Implementation Model
Q5
6
In Figure 4 below, the blue line indicates the actual signed PPCP contracts recruited through OHIP’s
regional partners as reported in the ONC CRM system. The dashed red line is the projected number of
contracts we anticipate will be signed based upon our estimates of the s pipeline. The OHIP REC has
been actively working with our stakeholders to focus on the PPCPs per the ONC approved policy, while
addressing all PPCPs in OHIPs 77 county focus. OHIP has the highest number of signed PPCP contracts in
the country. The PPCP contracted services will create the installed EHR base necessary to build a robust
statewide HIE service delivery system.
Figure 4: OHIP’s REC Milestone 1 Contracted PPCPs
1.1.2 ANALYSIS
In response to a request under OHIP’s REC program, ONC approved OHIP’s prioritization strategy on
August 17, 2010. In this strategy, OHIP identified 57 of Ohio’s 88 counties as formally designated rural,
Appalachian or underserved areas of the state. This area represents 3.2 million Ohioans and
approximately 28.5% of the total health care provided in Ohio. These geographic regions have been
identified as the areas of Ohio that, without the support of the federal and state funding allocated to
facilitate secure messaging and future HIE development, will probably not meet Stage 1 and later stages
of meaningful use.
Appendix Q - HIE Implementation Model
Q6
7
Figure 5: Number of PPCPs in OHIP’s High‐Priority, Underserved Areas
The gap area also represents 2,402 PPCPs as displayed in Figure 5 that will be a priority of OHIP’s efforts
to assist them in meeting Stage 1 meaningful use. In these 57 counties, 30% of the lab results are
provided by the Critical Access or Small and Rural Hospital affiliated labs, which will be a priority in
moving to structured lab results and facilitating the movement of those data as discussed below.
1.2 EPRESCRIBING4
1.2.1 LANDSCAPE
4 Section 1.2.5.6 (Specific HIE Service Issues, ePrescription), S‐27
Appendix Q - HIE Implementation Model
Q7
8
In Ohio, 98.7% of pharmacies are activated for ePrescribing. As in many other states, there are very few
independent pharmacies, with the vast majority of prescription being filled by pharmacy chains capable
of accepting electronic prescriptions. The majority of the 1.3% gap appears to fall within the individual
or small pharmacy chains.
Figure 6: Concentration of Pharmacies by Zip Code
Figure 6 above shows the distribution of the pharmacies in Ohio, all of which are capable of receiving
prescriptions electronically. These ePrescribing‐enabled pharmacies are found in every county,
providing Ohioans the ability to access an e‐Rx‐ready pharmacy within 30 minutes of home.
On the physician side, adoption rates for ePrescribing remain relatively low (18%) compared to other HIT
activities in Ohio and compared to other states with similar sized markets. Ohio is the only state in the
country that requires Board of Pharmacy (BOP) approval for software to ePrescribe. The BOP has taken a
very strict approach to ensuring physicians provide dual authentication when signing every prescription
they send. EHR systems are not designed for dual authentication and vendors have resisted modifying
Appendix Q - HIE Implementation Model
Q8
9
their systems for one state. Over time, the Ohio State Medical Association (OSMA) created a preferred
vendor program and worked with EHR vendors and the BOP to find an alternate solution. To date, the
BOP has approved approximately 75 ePrescribing systems for hospitals and office settings in Ohio. New
adopters tend to ePrescribe, but many of the original EHR adopters did not implement the ePrescription
module due to BOP requirements.
In the fall of 2010, the Drug Enforcement Agency (DEA) announced that it was adopting an approach
very similar to the BOP’s requirements. As a result of the collaboration between OHIP and the BOP, the
BOP approved an Ohio rule to adopt the DEA standard for certifying ePrescribing systems in Ohio. This
rule went into effect January 1, 2011.
1.2.2 ANALYSIS
ePrescribing Gap 1: Less than 2% of pharmacies cannot accept electronic prescriptions.
As nearly 99% of all retail pharmacies in Ohio are capable of receiving prescriptions electronically, there
is no gap in pharmacy adoption. The few independent pharmacies that have not yet adopted
ePrescribing do not restrict eligible providers (EPs) from achieving stage 1 meaningful use in 2011.
ePrescribing Gap 2: Physicians either do not have e‐prescribing technology, or they have the capability
to ePrescribe but have not enabled the module.
With less than 25% adoption of ePrescribing among prescribers, this represents the true gap in ePrescribing.
1.3 LABORATORIES5
1.3.1 LANDSCAPE
Statewide adoption of structured lab results delivery in Ohio is estimated to be less than 10%. Reported
top barriers to adoption are the lack of integration between EHR vendors and HIE networks, insufficient
information on HIE options coupled with privacy and security concerns.
5 Section 1.2.5.6 (Specific HIE Service Issues, Electronically Delivered Lab Results), S‐30
Appendix Q - HIE Implementation Model
Q9
10
As noted in the HIE State Plan, LabCorp, Quest and MedPlan are the three major lab market leaders in
Ohio and comprise 70% of the current lab services offered today. The other 30% of lab work is being
done by hospital‐based laboratories inside Critical Access Hospitals (CAHs) or other rural or underserved
community hospitals that are not in areas being supported by HIE networks today and therefore, are not
exchanging information electronically (see Figure 7 below).
Figure 7: Lab Distribution in OHIP’s High Priority, Underserved Area
Note that, in contrast to other states, small community labs that are not physician or hospital‐based no
longer exist in Ohio. For historical context, in the late 1980s the Health Maintenance Organizations
(HMOs) and Preferred Provider Organizations (PPOs) began contracting with national laboratories for
the delivery of clinical lab services. As these managed care plans increased in the early 1990s, the
hospital lab business drastically declined. This required hospitals in Ohio to negotiate lab services with
these managed care organizations and helped to bring business back to the hospitals. Because of the
hospitals and national labs, the regional labs were either purchased or went out of business.
Appendix Q - HIE Implementation Model
Q10
11
Consequently, the lab services in Ohio are currently delivered by two national laboratories (LabCorp and
Quest), one statewide lab provider (MedPlan) and the hospitals. As the use of EHRs has grown,
physicians have begun ordering lab services through their EHRs, rather than the more manual process
that is required when dealing with hospitals. This has created a need in rural hospitals to create the
ability for the delivery and creation of lab results to retain business. Hospital laboratories are also
motivated by the meaningful use incentives to electronically manage their internal lab results delivery.
1.3.2 ANALYSIS
Laboratory Gap 1: Hospital laboratories in rural or underserved areas have few affordable and
manageable options to deliver results to physicians involved in a patient’s care in a
secure manner
Thirty percent of lab work is being done by hospital‐based laboratories inside Critical Access Hospitals
(CAHs) or other rural or underserved community hospitals who are not in areas being supported by HIO
networks today and therefore are not exchanging information electronically.
Laboratory Gap 2: Few hospital laboratories in rural or underserved areas have the means to exchange
laboratory data in a structured or encoded form.
The majority of hospitals located in rural or underserved areas can generate lab results in unstructured
or semi‐structured forms, but do not have the resources to upgrade to fully structured formats using
federally endorsed interoperability standards.
Laboratory Gap 3: The Ohio Department of Health (ODH) would like to increase the number of hospitals
providing reportable lab results through its Ohio Disease Reporting System (ODRS)
Due to gaps 1 and 2, ODH is unable to gather reportable laboratory information from these rural and
underserved areas.
Laboratory Gap 4: The three lab providers offering statewide services can generate electronic lab
results, but they are not able to reach each provider in the state electronically.
The three major laboratories business model in the current point‐to‐point model can only justify
working with the EHR market leaders to move lab results to physician practices that produce significant
Appendix Q - HIE Implementation Model
Q11
12
volume. Any physician practice below this level will either need to pay for the service or not receive lab
results electronically through its EHR.
1.4 PATIENT CARE SUMMARY EXCHANGE6
1.4.1 LANDSCAPE
While hospital organizations and large physician practices may be able to send these records within
their closed environments, there is almost no exchange that occurs between disparate offices or
organizations. The exception to this is HealthBridge, which is exchanging care summaries in the Greater
Cincinnati area between unaffiliated organizations.
1.4.2 ANALYSIS
Patient Care Summary Gap 1: There is little to no care summary exchange in Ohio that occurs between
disparate offices or organizations.
1.5 LEGAL AND PRIVACY7
1.5.1 LANDSCAPE
The privacy rights of patients in Ohio are protected by a combination of Ohio statute, statutory
interpretation of the American Medical Association (AMA) physician code of ethics, Ohio case law and
the HIPAA. These regulations reflect a strong desire to ensure that patients are protected from
unauthorized uses of personal health information. Ohio law puts significant restrictions on transferring
records in any form, electronic or otherwise, that preempt the HIPAA requirements. While Ohio statute
does not explicitly require written patient consent for medical record disclosure when used for
treatment purposes, there is an Ohio statute that contains an express requirement for written patient
consent when a health provider discloses medical records to a patient, the patient’s authorized
representative or to a third party.
6 Section 1.2.5.6 (Specific HIE Service Issues, Patient Care Summaries), S‐31 7 Section 1.8 (Legal/Policy), S‐106 and Appendix A (Health IT Regulatory, Certifications and Other References), Appendix J (HISPC Model Permission Form)
Appendix Q - HIE Implementation Model
Q12
13
Ohio case law that interprets physician/patient privilege and the recognition of the tort for unauthorized
disclosure of nonpublic medical information shows a strong support in Ohio law for a patient’s right to
confidentiality of their medical records, absent disclosures required by law or disclosures necessary to
protect a countervailing interest that outweighs the patient’s interest in confidentiality. Furthermore,
under Ohio statute a physician may be sanctioned for violating any provision of a code of ethics of the
AMA that includes the opinion that transferring physician records to another treating physician requires
“proper authorization for the use of records must be granted by the patient.”
1.5.2 ANALYSIS
Privacy Gap 1: While Ohio statute does not explicitly require written patient consent for medical record
disclosure when used for treatment purposes, there is an Ohio statute that contains an
express requirement for written patient consent when a health provider discloses
medical records to a patient, the patient’s authorized representative or to a third party.
In Ohio and across the country, HIEs are struggling to operationally define what constitutes adequate
and meaningful patient consent in the new era of electronic exchange of health information. All HIEs
must balance what is required legally, what is appropriate for risk management purposes, what
constitutes good public policy, what will hold up in an evolving market of commercialization of health
information and what is feasible from an implementation perspective. This is especially the case in Ohio
where a patchwork of statute and case law interpretations provides no clear guidance on what level or
type of consent is required to access a patient’s health record. In order for a provider to protect
themselves from litigation, the most prudent way to handle the disclosure of health information is with
a formal consent process.
Privacy Gap 2: Providers are confused about what constitutes meaningful patient consent. The different requirements under HIPAA and Ohio law have created confusion among health providers
and patients with regard to consent requirements. Many physicians in Ohio and across the country may
be under the false assumption that HIPAA supersedes state law and are not aware of the additional
privacy protections required when practicing in Ohio.
Appendix Q - HIE Implementation Model
Q13
14
As a result, there are conflicting views in Ohio as to whether explicit consent is required for disclosures
of health records when released for treatment. Ohio health care providers have adopted patient
consent policies and procedures that differ throughout the state.
1.6 ADDITIONAL HIE ASSETS
1.6.1 LANDSCAPE8
OHIP has had several communications with multiple licensing boards in Ohio. The Medical and Nursing
licensing boards were looking for OHIP to assist in the collection of quality provider data for the purpose
of developing a statewide provider directory. Data quality continues to plague their current process and
the boards began to negotiate with OHIP to assist in the development of a new licensing system. The
process was placed on hold when the current administration was replaced. Once the new
administration has been properly briefed on the current situation, OHIP plans that the administration
will see the benefit of this public/private partnership and encourage its continuation.
OHIP sought different provider repositories for use with the REC program. As each alternative was
reviewed, the quality of the data was found to be inadequate. OHIP identified that the data necessary
to populate an authoritative Master Provider directory was not available in the data that is currently
collected by the licensing boards, association member lists and Medicare/Medicaid billing information.
1.6.2 ANALYSIS
HIE Assets Gap 1: The state of Ohio has no validated repositories to utilize in the development of a
Master Provider Directory.
Although separate provider data sources exist, none of the sources currently available to OHIP are
considered comprehensive and reliable at this point in time.
8 Section 1.3.2.1 (Role of State Inter‐Agency Council, Licensing), S‐56
Appendix Q - HIE Implementation Model
Q14
15
2 GAP FILLING STRATEGY
The core strategies identified below will be used to assist providers with achieving the HIE PIN
requirements necessary to meet Stage 1 Meaningful Use.
2.1 CORE STRATEGIES
We are in the final stages of our Request for Proposal (RFP) process, through an appointed committee of
stakeholders, as defined by the OHIP Board. OHIP and the committee are currently performing due
diligence and work plan development. The final strategies below will be dependent upon negotiations
with our technical service provider.
Core Strategy 1: Facilitate Exchange Leveraging Direct Protocols
The Phase 1 level of physician‐oriented development will enable baseline services for “gap” providers to
facilitate point‐to‐point exchange (Direct Project) of clinical information necessary to achieve Stage 1
meaningful use. This would include the unsolicited exchange (push) of clinical care summaries, lab
results or medication history information. The Phase One development strategy would include options
for “gap” providers to rapidly and affordably connect to the HIE, identify and interface with other
providers using the Direct framework and select the level and range of sophistication consistent with
their capabilities (unstructured, semi‐structured or structured data).
Core Strategy 2: Establish Open Provider Directory
OHIP can leverage the information obtained through physician REC recruitment to create a
comprehensive provider directory necessary to support the Direct framework for point‐to‐point
exchange. This directory will include provider health domain addresses as issued. As the new state
administration takes hold, OHIP will resume discussions with licensure boards to leverage existing data
along with association member contacts. OHIP intends to reach out to all providers in the state to
ensure that the directory will be authoritative. OHIP will work with ONC and other states to leverage
the work of ONC’s HIT Standards Committee to establish the standards and protocols for offering
provider directory services to facilitate health information exchange using the Direct framework.
Appendix Q - HIE Implementation Model
Q15
16
Core Strategy 3: Provide HISP Services
Through a structured procurement process, OHIP will contract with a Health Information Service
Provider (HISP) to support the sending and receiving of secured messages for clinical information using
Direct Project protocols. The HISP will provision health domain addresses that will allow physicians to
be reached by other physicians.
OHIP’s contracted (HISP) will be accessible to any provider that needs one. The OHIP HISP will work with
existing HISPs and encourage other HISPs to provide their services in Ohio to ensure that every provider
has their choice of service offerings. This includes a commitment to facilitate exchange using Direct
protocols with the State’s designated Beacon community supported by the regional HIE network,
HealthBridge. OHIP only requires that if another HISP wishes to provide their services in Ohio, they must
be willing to exchange with any other HISP that operates in Ohio. Through this strategy, OHIP will not
constrain the market and will ensure through contractual authority that all HISPs operating in Ohio will
allow secure messages to pass between them. OHIP will offer two options to enable the Direct Project to
support any Ohio provider and lab who desires to meet Stage 1 Meaningful Use.
Option 1 (Physician Baseline HISP Services)
For those providers who do not require OHIP’s assistance in managing the coordination of patient
consent, OHIP will make freely available a complete Master Provider Directory and a list of HISPs that
offer services in Ohio. For providers who have chosen to handle consent for themselves, OHIP will not
allow the secure message to travel through its HISP. This prohibition is due to the liability incurred on
the part of OHIP if either party, sending or receiving, has not fulfilled the requirements under Ohio law
surrounding patient consent.
Option 2 (Physician HISP Services with Trust Management)
If providers decide that they would rather have OHIP assist with the collection and storage of patient
consent, OHIP will provide the services listed in Option 1 and include the patient consent coordination
layer through OHIP’s HISP. This option will require a minimal subscription fee, but the added step of
ensuring all parties have received consent is handled by OHIP. It will also require that the receiving
physician is located on OHIP’s HISP.
Appendix Q - HIE Implementation Model
Q16
17
Option 3 (Laboratory HISP Services)
For those labs that wish to send lab results for free, OHIP will provide their Master Provider Directory, a
list of HISPs and certificate authorities that operate in Ohio, and a their own basic certificate authority
for free.
Option 4 (Laboratory Data Management Services)
If labs require translation to LOINC, a data repository or assistance to create structured lab results, OHIP
will provide the services above, as well as the additional services they require. OHIP’s data repository
services are planned primarily for rollout in Phase 2. OHIP will, however, offer data repository services
to support hospital laboratories as described in Section 2.2.1.2 (Laboratories) on page 24.
Core Strategy 4: Offer Bundled Core Services at No Cost to Support Secure, Point‐to‐Point Messaging
OHIP will offer the Master Provider Directory, a list of HISPs and certificate authorities operating in Ohio,
and its own basic certificate authority at no charge. These free tools will be located on the OHIP website
and will be available for download on demand.
Core Strategy 5: Offer Trust and Consent Management Services for Nominal Fee
OHIP’s chosen technical service provider will also assist OHIP in creating a consent management
operational process that all providers will be able to use for a nominal fee. The first phase of this
development will include the following deliverables:
Public Education on Ohio and Federal Privacy Law
This step includes the publication of the Research and Recommendations for HIE Patient Consent
Policies white paper for a 60‐day public comment period (see Attachment B). An educational toolkit
regarding consent policy is also being developed for deployment through OHIP’s regional partners, the
media and other healthcare forums.
Creation of HIE Participant Trust Agreements
This statewide‐applicable model trust agreement is currently being developed and will align with Ohio
and federal law, clearly articulate sending and receiving provider responsibilities and speak to consumer
Appendix Q - HIE Implementation Model
Q17
18
consent requirements. Adaptions of this agreement may be necessary depending on the type of HIE
participant (e.g., data receiver, centralized publisher, federated publisher).
Creation of Business Associate Agreements (BAA)
Since an HIE is considered a “business associate” under HIPAA, the necessary BAA agreement must be
developed to facilitate use of the HIE among providers.
Implementation of a Technical Trust Model
This step will align with policies put forth by OHIP’s Privacy and Policy Committee, the HIE Committee
and will be endorsed through the stakeholder comment period. It would include tasks that address
provider provisioning, identity proofing, digital certificate management and related issues of on‐
boarding, access rights, preferences and relationships.
Core Strategy 6: Provide Education and Outreach to Providers and Vendors on Leveraging Direct
Protocols to Facilitate Secure Messaging
OHIP’s REC structure can be leveraged to deploy education about the Direct Project and develop
outreach programs for physicians to raise awareness of Direct and other options available to them in
their region. OHIP will provide affordable opportunities to leverage the Direct Project and assist with
the creation of secure, point‐to‐point exchange. OHIP will also spread awareness of vendors who
support Direct protocols and strategies for connecting with hospitals.
Education and outreach materials and programs will be developed to help providers understand what is
required to conduct secure messaging using Direct protocols and which EHR vendors support these
protocols.
Core Strategy 7: Leverage OHIP REC Provider Services
OHIP would leverage its existing REC partner model to rapidly deploy the Direct framework throughout
Ohio focusing on “gap” providers first.
Preferred Vendor Program
Appendix Q - HIE Implementation Model
Q18
19
OHIP will work with the EHR vendors in their preferred EHR program9 to develop support for the Direct
framework. Four of the five vendors in the EHR preferred vendor program currently participate in the
Direct Project with the fifth anticipated to join in 2011.
WelchAllyn
OHIP can use the valuable and affordable EHR selection tools available through its REC program to assist
physicians with Phase One adoption. The WelchAllyn readiness assessment tool assesses where a
physician is in the process to move to an EHR, what steps still need to be completed to ensure the
smoothest transition possible and to create the RFP for the EHR solution that best suits their office.
Loan Program10
OHIP worked with three banks based in Ohio and one national bank to develop a program for physicians
desiring to implement an EHR. The program, created by OHIP, offers a simple process with lower
interest rates to assist physicians in supplementing their implementation costs. This easy process is
another component to make the process of transition simple and painless to move physicians toward
achieving Stage 1 meaningful use.
Core Strategy 8: OHIP Will Serve as a Convener of Interested HIT Stakeholders
OHIP will convene Ohio’s hospital system market leaders11 to encourage development of Direct
protocols within their ambulatory solutions, so that physicians using EHRs deployed under Stark
arrangements can communicate with physicians outside their existing hospital‐centric HIE platforms.
The REC programs for OHIP and HealthBridge have been working together to propagate PPCP contracts
for each organization. The two organizations have been sharing contracts with organizations that cross
the boundaries of their respective territories. The Loan Program that OHIP developed has also been
made available to providers that are located within HealthBridge’s 11 county area.
2.2 PHASING, TIMELINE AND MILESTONES12
9 Section 1.2.6.6 (HIE Deployment Strategy, Strategy #2‐ OHIP EHR Preferred Vendor Program), S‐42, Section 1.3.1.3 (EHR Preferred Vendor Program), S‐51, Appendix D (EHR RFP), S‐51 10 Section 2.1.2 (Risks and Mitigation Strategy, Provider Adoption), O‐2
11 Section 1.2.6.6 (HIE Deployment Strategy, Strategy #3 – Ohio Hospital EHR Market Leaders), S‐43
Appendix Q - HIE Implementation Model
Q19
20
OHIP will employ a phased approach to support the Direct Project in Ohio that focuses first on
addressing our gaps for supporting Stage 1 meaningful use. This will ensure that those providers who do
not have the tools necessary to share information in a secure way are guaranteed access to the
resources offered by OHIP. These resources will help them meet Stage 1 meaningful use and offer them
the ability to participate in future exchange options that may be more robust than secure, point‐to‐point
messaging.
A more phased approach that targets Ohio’s gaps will give providers the tools to share information in
the short run, increasing their motivation and readiness to participate in more robust exchange options
in the long run. OHIP has identified this phased approach as the HIE Implementation Model. This model
was designed to be consistent with the anticipated continuum of HIT adoption and is broken down into
three (3) phases:
‐ Phase 1: Initialization (Leverage the Direct Project to achieve Stage 1 Meaningful Use in 2011) o Plan Approval: January 2011 o Vendor Selection: January 2011 o Contract Finalized: February 2011 o Privacy Whitepaper Public Comment: February 2011 o Launch of HIE Education and Awareness Campaign: March 2011 o Privacy Whitepaper Comment Period Ends: April 2011 o Initial Consent Model Finalized and Education Campaign Started: April 2011 o Development of goals in coordination with stakeholders: May 2011
Goals will measure progress and success against the three PIN objectives required to meet Stage 1 Meaningful Use.
Agreed upon measurable goals will be benchmarked and tracked. o Completion of EHR Vendor Commitments to HIE: April 2011 o Phase 1 Core Services Go‐Live: June 2011
‐ Phase 2: Development (Longitudinal Patient Record) o Development of goals in coordination with stakeholders: May 2011
Goals will measure progress and success against future Meaningful Use requirements.
Agreed upon measurable goals will be benchmarked and tracked o Phase 2 Core Services Go‐Live: June 2012
Phase 2 services include:
Master Patient Index
Master Entity Index
Record Locator Service
12 Section 1.2.6 (Proposed HIE Model), S‐35, Section 1.2.6.6 (HIE Deployment Strategy), S‐39, Section 1.7.1 (Implementation), S‐100, Section 2.1.1 (Project Plan), O‐1 and Appendix I (HIE Project Plan)
Appendix Q - HIE Implementation Model
Q20
21
Consent Tracking and Management
Community Data Repository Services
‐ Phase 3: Optimization (Sustainability) o With stakeholder involvement and in collaboration with ONC, we will develop a set of
services to integrate clinical and administrative data to streamline the efficiencies of payment processes.
The overall goal of the HIE Implementation Model is to ensure that all providers in Ohio are on equal
footing as OHIP progresses towards true HIE optimization. Figure 8 provides a visual representation of
OHIP’s timeline.
Figure 8: OHIP’s Implementation Timeline
Per the July 6, 2010, Program Information Notice (PIN) from ONC, recipients of HIE federal grants are
required to track and set goals for HIE adoption rates among stakeholder groups. OHIP will track rates
consistent with final ONC guidance and will set targets in collaboration with our REC and stakeholders.
This strategy allows for benchmarking and encourages healthy competition towards adoption of services
necessary to achieve meaningful use. It has been a successful, proven approach for motivating the REC
toward PPCP recruitment and aligns with strategies for leveraging the REC structure for education and
Appendix Q - HIE Implementation Model
Q21
22
outreach. For success, it is important to garner regional partner buy‐in when setting the measures and
targets and to develop a continuous improvement plan to ensure success moving forward.
2.2.1 PHASE ONE: MEETING STAGE 1 MEANINGFUL USE
This stage recognizes the service development steps necessary to enable Stage 1 meaningful use with a
focus on “gap” providers. Leveraging Direct provides the foundation to support transaction‐based,
secure messaging to replace current paper‐based processes in areas of the state where providers have
little to no options today (e.g., sending patient information electronically from one provider to another).
2.2.1.1 EPRESCRIBING
ePrescribing Gap 1: Less than 2% (30/2,157) of pharmacies cannot accept electronic prescriptions.
ePrescribing Strategy 1: OHIP will personally contact the 30 pharmacies that are not SureScripts
activated pharmacies.
OHIP will identify the reason they are not currently accepting electronic prescriptions and work with
them to resolve their issues and track the ongoing success of their adoption.
ePrescribing Strategy 2: Provide focused education to these small chains through OHIP’s Regional
Partners and ePrescribing Task Force members.
This task force includes physicians, hospitals, pharmacists, BOP and small and large pharmacy chains.
This group’s task is to do what is necessary to address the issues preventing ePrescribing and
widespread adoption.
ePrescribing Gap 2: Physicians have e‐prescribing technology, but do not have it enabled or are not using it.
The OHIP HIE will collaborate with its REC to ensure that providers with ePrescribing capabilities have
the functionality enabled and are actually able to use it to e‐prescribe.
ePrescribing Strategy 3: Ensure EHR software is not only ONC certified, but Ohio Board of Pharmacy
Approved.
Appendix Q - HIE Implementation Model
Q22
23
After the DEA rules were announced, OHIP worked with the Board of Pharmacy for a commitment that
the Board would now go with the national standard to approving EHRs, rather than an Ohio‐specific
approach. The Board agreed and approved an Ohio rule which went into effect January 1, 2011. OHIP
also included the Board on our Preferred EHR Vendor Selection Committee (part of our REC program) to
ensure the Preferred Vendors were in good standing with the Board. In the fall of 2010, OHIP created an
ePrescribing Task Force with members from:
Mercy Health Partners/CHP
Firelands Regional Medical Center
TriHealth, Inc.
Summa Health System
Mercy Health Partners/CHP
University Hospital, Cleveland
OHIP
Memorial Hospital
Toledo Clinic
Ohio Board of Pharmacy
Ohio University College of Medicine
Berger Hospital
Ohio Pharmacy Association
University of Findlay
Children's Dayton
COPC, Columbus
CVS
The Task Force is charged with removing barriers to widespread e‐prescribing in Ohio. The HIE and REC
divisions of OHIP are represented on the Task Force and will leverage that team to ensure collaboration
between EHR vendors, HISP vendors and the BOP.
ePrescribing Strategy 4: Ensure physicians have e‐prescribing technology.
Work with the REC and Regional Partners to ensure physicians select EHRs that are ONC certified and
BOP approved. Each of OHIP’s five preferred EHR vendors were required to offer an ePrescription
module that was certified by the BOP prior to selection into the program. Each preferred vendor has
agreed to connect to the statewide HIE using federally‐endorsed interoperability standards without
additional cost to users. As a bridge strategy, through the RFP process OHIP required the offering of an
ePrescribing capability as a cloud service. Once an HIE vendor is selected, OHIP will fast‐track
certification of these services, if not already certified, through its e‐Prescribing Task Force, which
includes BOP representatives. This modular functionality will be offered to any eligible provider in the
State who desires to use the service to meet meaningful use requirements.
2.2.1.2 LABORATORIES
Appendix Q - HIE Implementation Model
Q23
24
Laboratory Gap 1: Hospital laboratories in rural or underserved areas have few affordable and
manageable options to deliver results to physicians involved in a patient’s care in a
secure manner.
Laboratory Strategy 1: Through OHIP’s RFP process, OHIP will offer HISP services in a Direct Project
framework so that any laboratory will be able to push results to the ordering
physician.
Any ordering physician that receives laboratory results will be able to push those results to other
providers involved in a patient’s care in either a structured or unstructured format. OHIP will provide a
free, Master Provider Directory so that information may be exchanged using OHIP’s HISP or any other
HISP service available in the State to securely deliver the results.
Laboratory Gap 2: Few hospital laboratories in rural or underserved areas have the means to exchange
laboratory data in a structured or encoded form.
Laboratory Strategy 2: OHIP’s strategy will target all of the 69 hospital labs located in the
underserved, priority settings to identify sites to serve as early integration
points for HIE deployment.
This process will involve assessing the hospital’s current laboratory systems and interoperability
capabilities, IT staff capacity, upgrade requirements and other key factors for structured laboratory
deployment. Leveraging the REC CAH supplemental grant program, OHIP will address issues identified
during the assessment, establish implementation teams and begin integration steps to connect these
hospitals and their referring physicians.
This strategy will address anticipated issues as follows:
Inability to support HL‐7 v2.5.1 or LOINC codes – OHIP will provide data management services to
allow for the necessary translation of formats (e.g., prior versions of HL‐7) or codes (e.g. SNOMED to
LOINC) efficiently and accurately.
Variances in narrative versus discrete laboratory data results ‐ OHIP’s data translation services will
identify and appropriately handle or route laboratory results based on result type.
Appendix Q - HIE Implementation Model
Q24
25
Inability to persist structured data ‐ For those hospital labs that do not have the technical
infrastructure to support a data management strategy, a data “canister” in the OHIP HIE
environment that will be made available for those providers to store and manage that data in a
structured way.
By implementing these strategies, physicians located in these underserved areas will gain access to
laboratory results they are currently unable to obtain electronically.
Laboratory Gap 3: The Ohio Department of Health (ODH) would like to increase the number of hospitals
providing reportable lab results through its Ohio Disease Reporting System (ODRS).
Laboratory Strategy 3: Through laboratory gap strategies 1 and 2, OHIP will not only increase the
degree of structured laboratory data exchange between hospitals and
providers, but it will also assist public health efforts by expanding the sources
of information available to ODRS in an efficient manner.
OHIP is currently coordinating efforts with ODH through the investigation of other grant funding sources
and providing education to align with LOINC laboratory coding best practices. OHIP will also work with
ODH to facilitate the education and communication to laboratory directors regarding itsunderstanding
of CLIA/CAP requirements for validating clinical laboratory results exchanged electronically.
Laboratory Gap 4: The three lab providers offering statewide services can generate electronic lab
results, but they are not able to reach each provider in the state electronically.
Laboratory Gap Strategy 4: Similar to Laboratory Gap Strategy 1, OHIP will offer HISP services in a
Direct Project framework so that any laboratory provider will be able to
push results to the ordering or other physicians.
OHIP will provide a free, Master Provider Directory so that information may be exchanged using OHIP’s
HISP or any other HISP service available in the State to securely deliver the results.
2.2.1.3 PATIENT CARE SUMMARY EXCHANGE
Appendix Q - HIE Implementation Model
Q25
26
Patient Care Summary Gap 1: There is little to no care summary exchange in Ohio that occurs between disparate offices or organizations. Patient Care Summary Strategy 1: To help raise the level of exchange of CCDs and structured lab
results, OHIP will leverage the core strategies that have been
outlined in Phase 1 of their HIE Implementation Strategy.
OHIP will encourage the use of the Direct Project protocols for providers to send secure messages to
each other. OHIP will offer the tools for free, but will charge a minimal subscription fee if providers
choose to have OHIP handle patient consent.
OHIP is using the Direct Project because there are currently no available assets on a state scale that can
be leveraged to achieve the same outcomes as Direct. Using the Master Provider Directory, any
physician desiring to share information with other providers involved in a patient’s care can do so
electronically by obtaining their health domain address through the transparent Provider Directory and
pushing the information through the secure HISP service. If the receiving provider chooses to use a
different secure HISP service, OHIP will still facilitate exchange across HISPs using Direct protocols;
however, consent must be managed by the receiving provider.
This type of basic transactional exchange can be used to exchange any type of clinical care summary
document (discharge summary, CCD or other) as well as fact sheets, referral documents or other
unstructured records, which may be of interest to other providers. Expediting this process from paper
to electronic could make a significant difference in a patient’s care and/or their ability to secure
insurance coverage for treatment that requires referral documentation and approval.
In addition, all of OHIP’s preferred EHR vendors support CCDs in both structured and unstructured
formats.
2.2.1.4 LEGAL AND PRIVACY
Privacy Gap 1: While Ohio statute does not explicitly require written patient consent for medical record
disclosure when used for treatment purposes, there is an Ohio statute that contains an
express requirement for written patient consent when a health provider discloses
medical records to a patient, the patient’s authorized representative or to a third party.
Appendix Q - HIE Implementation Model
Q26
27
Privacy Strategy 1: OHIP will create a statewide‐applicable model trust agreement and business
associate agreement (BAA) which addresses privacy and related consent
requirements in a virtual environment.
Privacy Gap 2: Providers are confused about what constitutes meaningful patient consent.
Privacy Strategy 2: OHIP will publish a Privacy White Paper for public comment and follow‐up with a
privacy‐focused education campaign and toolkit.
2.2.1.5 ADDITIONAL HIE ASSETS
HIE Assets Gap 1: The state of Ohio has no validated repositories to utilize in the development of a
Master Provider Directory.
HIE Assets Strategy 1: OHIP will leverage information obtained through multiple database including
those from the REC recruitment, associations and licensing boards.
While OHIP has identified discrepancies in their data, there are portions of their data that will be helpful
to create the base for a reliable Master Provider Directory. OHIP will explore importing those accurate
elements of current data sets to add value to the directory while continually validating and scrubbing for
inaccuracies and discrepancies. This directory will be the authoritative Provider Directory for Ohio and
will be accessible to any provider that needs it, at no charge.
2.2.2 CORE STRATEGIES: PHASE TWO13
OHIP will work with ONC to chronicle lessons learned as Phase 1 services are rolled out to assess
penetration and overall project success. OHIP plans to build on the framework provided in Phase 1 to
move towards the creation of a longitudinal record and recognizes the service development steps
necessary to expand connectivity to support providers with this effort in Phase 2. Longitudinal patient
records provide an aggregated view of health‐related information on an individual, gathered
cumulatively across more than one health care organization involved in the patient’s care. A powerful
13 Section 1.2.6 (Proposed HIE Model), S‐34, Section 1.7.1 (Implementation), S‐100
Appendix Q - HIE Implementation Model
Q27
28
example of the potential for these services is the ability of an emergency responder (EMT) to
immediately access patient information from several providers at the point of emergency response.
OHIP’s strategy is to use the NHIN Exchange to provide a framework for how to connect existing
networks together.
In Phase 2, if physicians do not adopt Direct in a meaningful way, OHIP will accelerate the build out of
Phase 2 with the core infrastructure built in Phase 1.
2.2.3 CORE STRATEGIES: PHASE 314
By 2013, OHIP’s anticipates a significant convergence of clinical and administrative exchange processes
based on the following drivers:
‐ In 2010, Medicare established pay‐for‐performance standards for end‐stage renal disease (ESRD)
facilities. The ESRD Quality Incentive Program (QIP) is based on a set of quality measures including
specific lab results. Medicare uses the clinical information to rate providers’ quality of dialysis care
and establishes a sliding scale for payment adjustments based on the facility’s performance. This is
the first of many administrative payments processes that will be based upon clinical circumstances.
The commercial payors will soon follow Medicare with payment being based upon documented
outcomes.
‐ In 2013 the industry will transition from the International Coding of Diseases (ICD 9) to ICD‐10. The
specificity for ICD‐10 coding will change the way payments are processed. The coding will allow
payors to make payments based upon intensity and complications of the procedure. This new
payment process will require additional clinical documentation to justify the additional payment.
The healthcare industry as a whole will need a fluid method to move the additional clinical data.
The industry will utilize the attachment transaction to convey clinical data to payors.
‐ The current trend in primary care is the concept of a patient centered medical home (PCMH). The
PCMH management process cannot be accomplished without interfacing with medical record
information.
14 Section 1.5.1 (Sustainability), S‐87
Appendix Q - HIE Implementation Model
Q28
29
‐ The industry is showing the trend in payment management that will require the merger of clinical
data with payment data to justify the expected payment amount. The HIE will need to build services
that will feed clinical data into the administrative payment processing.
To convene the stakeholders around these drivers, the OHIP Board has approved the formation of a new
committee. The committee has been given the objective of finding a process that combines
administrative and clinical data to improve the cost of data management. The second objective of the
committee is to look at the effect of ICD‐10 on payment process and work through how to ensure the
issues will not affect current payment functions. The committee will begin work on the objectives in
February 2011. The timing of the implementations of the recommendations will depend upon the
findings of the committee.
3 SUMMARY
In this addendum we provide a thorough analysis of factors that affect the current HIT landscape and
their influence on the success of optimization of our state plan. This includes a discussion of the
comprehensive and measured approach taken in prioritizing the population we seek to assist in
exchanging health data. We also identify the potential gaps in our current capabilities for supporting
Stage 1 Meaningful Use and present our strategic approach for how to address them. These strategies
include:
Core Strategy 1: Facilitate Exchange Leveraging Direct Protocols Core Strategy 2: Establish Open Provider Directory Core Strategy 3: Provide HISP Services Core Strategy 4: Offer Bundled Core Services at No Cost to Support Secure, Point‐to‐
Point Messaging Core Strategy 5: Offer Trust and Consent Management Services for Nominal Fee Core Strategy 6: Provide Education and Outreach to Providers and Vendors on
Leveraging Direct Protocols to Facilitate Secure Messaging Core Strategy 7: Leverage OHIP REC Provider Services Core Strategy 8: OHIP Will Serve as a Convener of Interested HIT Stakeholders
Finally, we identify Phases 2 and 3 of our implementation. All of the strategies for these future Phases
are contingent on maintaining our large stakeholder commitment. We recognize that this stakeholder
commitment is imperative to ensure that OHIP continues to be successful in the development of the
HIE, just as it has been on our REC side and is evidenced in the fact that Ohio is currently leading the
Appendix Q - HIE Implementation Model
Q29
30
country in REC PPCP sign ups. We look forward to your response to this amendment and are anxious to
capitalize on the REC momentum and move forward with our stakeholders on Phase 1 of our plan.
Highlights of this amendment include:
‐ Inherent flexibility of our phased approach – will be able to leverage all capabilities of the core
services implemented in phase 1
‐ We can use our contracting and preferred vendor influence to ensure that we can leverage
Direct effectively. (everyone adopting is adopting Direct‐ready systems)
‐ Great stakeholder commitment – demonstrated by active participation and in‐kind donations –
helps ensure that we will be successful.
‐ REC/HIE combination maximizes our ability to coordinate and rapidly implement and adapt.
‐ Three priority areas
o ePrescribing – Pharmacy adoption is not the problem, so we’re focusing on prescriber
adoption
o Lab – Focusing on hospital labs by providing a robust set of services to enable electronic
delivery of lab results; statewide lab services providers will be supported through
provider directory services.
o Care Summary Exchange – No existing exchange capabilities of significance that occurs
between disparate offices or organizations. OHIP will leverage the Direct Project.
4 ATTACHMENTS
‐ Attachment A – Regional Extension Center PIN # ONC‐REC‐IP‐002 and # ONC‐REC‐IP‐001, August
24, 2010
‐ Attachment B – Privacy White Paper
Appendix Q - HIE Implementation Model
Q30
Attachment A
3968264v1
Ohio Health Information Partnership’s Policy for Defining Priority Settings – Program Information Notice # ONC‐REC‐IP‐002 and Program Information Notice # ONC‐REC‐IP‐001 Per the August 17, 2010 Office of the National Coordinator (“ONC”) Program Information Notice No. ONC‐REC‐IP‐002, entitled “Internal Process – Other Underserved Setting Policy”, and Program Information Notice No. ONC‐REC‐IP‐001, entitled “Internal Process – ‘Practice Consortium’ Policy” (the “PINs”), the Ohio Health Information Partnership (“OHIP”) has developed the following policy for defining the priority settings for OHIP’s implementation of the Regional Extension Center Cooperative Agreement Program. To the extent OHIP encounters practice situations not addressed above but which also predominantly serve uninsured, underinsured and medically underserved populations, OHIP will request approval for a modification of this policy.
Eligible professionals who are directly or indirectly employed by or otherwise practicing primarily in the following settings will be counted and entered into the CRM tool as follows:
1. Individual and small group practices of ten or fewer professionals per primary practice site
2. Public or not‐for‐profit hospitals (per HITECH Act Section 3012(c)(4) and as cited in both PINs and including providers and practices wholly‐owned or controlled by hospitals)
3. Critical access hospitals
4. Community health centers and federally qualified health centers (“FQHCs”)
5. Rural health clinics
Other Underserved Settings
For the sixth priority setting, “settings that predominantly serve uninsured, underinsured and medically underserved populations,” OHIP will apply the following guidelines consistently across the practices with which OHIP is working to those practices that do not otherwise fit within one of the other five priority settings but meet any one of the following definitions:
1. Practices located in a “Rural” county (defined as a county that is not considered as a “metropolitan” county by the Office of Management and Budget) or a county that is within the “Appalachian region” (as defined by Section 403 of the Appalachian Regional Development Act of 1965).
Appendix Q - HIE Implementation Model
Q31
Mat Kendall Page 2 August 24, 2010
3968264v1
2. Practices located in and serving an area that has been identified as being in “situational distress” as defined by the Ohio Department of Development (see Ohio Revised Code Chapter 122), or those located in an “economically depressed” county, defined as a county where the poverty level is higher than the national average poverty level based on data from the most recent U.S. Census Bureau’s American Community Survey.
3. Practices located in and serving an area that has been identified as a Health Professional Shortage Area, as that term is defined at 42 U.S.C. 254e and 42 C.F.R. § 5.2.
4. Practices that have (a) at least twenty percent (20%) of their revenues derived from Medicaid beneficiaries, Medicare beneficiaries and uninsured patients; or (b) at least twenty percent (20%) of their patient visits are attributed to Medicaid beneficiaries, Medicare beneficiaries and uninsured patients; or (c) at least twenty percent (20%) of the practice’s active patients (defined as having been seen by a practice physician at any time within the past three years) are or were at the time of their treatment Medicaid beneficiaries, Medicare beneficiaries or uninsured.
5. Clinics that offer free or discounted services for patients who meet guidelines established by the clinic for receiving such free and discounted services and at least twenty percent (20%) of the patients served by such clinic qualify for free or discounted services.
6. Practices in remote areas with more than 10 primary care providers with prescriptive privileges.
Practice Consortium Definition
Practice “consortiums” defined as a group practice with more than 10 primary care providers all operating under a single tax identification number at more than one location but where each such location has either (a) historically operated independently in terms of physician‐patient encounters; or (b) functions independently in terms of physician‐patient encounters but consolidates billing and other administrative functions. Practice consortiums may target and enroll up to 10 primary care providers per primary practice location.
Appendix Q - HIE Implementation Model
Q32
Attachment B
Research and Recommendations for HIE Patient Consent Policies for
Health Information Exchange in Ohio
Prepared for Stakeholder Review
December 2010
Ohio Health Information Partnership Privacy and
Policy Committee
Appendix Q - HIE Implementation Model
Q33
Research and Recommendations for HIE Patient Consent Policy and Procedures Page | 2
CONTENTS
Contents ........................................................................................................................................................................ 2
1. Introduction and Background .................................................................................................................................... 4
2. OHIP Organizational Structure ................................................................................................................................... 4
3. Scope of OHIP’s HIE ................................................................................................................................................... 5
3.1 Technical Infrastructure for Statewide HIE ...................................................................................................... 6
4. Policy Development Process ...................................................................................................................................... 7
4.1 Phased Approach to Recommendations ......................................................................................................... 8
4.2 Review of Previous work Conducted by HISPC ................................................................................................ 9
4.3 Model Permission Form ................................................................................................................................... 9
4.4Review of ONC Directives ................................................................................................................................. 9
4.5 Consent Environment Under Ohio Law ......................................................................................................... 10
4.6 Review of Other States Consent Models ....................................................................................................... 11
4.7 Consent Environment Under HIPAA .............................................................................................................. 11
5. Current Consent Environment ................................................................................................................................. 12
6. Recommended Policy and Processes for OHIP HIE .................................................................................................. 13
6.1 Scope of Governed Activities ............................................................................................................................. 13
6.1.2 Uses of Health Information ......................................................................................................................... 14
6.1.3 Policies as the Floor for Interstate Exchange .............................................................................................. 15
6.2 HIE Participant Requirements ............................................................................................................................ 15
6.2.1 Business Associate and TEchnical Certificate ............................................................................................. 15
6.2.2 Population of the Master Patient Index ..................................................................................................... 16
6.2.3 Movement of A Patient Health Record Across the Statewide HIE ............................................................. 17
6.3 Patient Engagement .......................................................................................................................................... 18
6.4 Consent .............................................................................................................................................................. 18
6.4.1 Application of Consent ............................................................................................................................... 19
Appendix Q - HIE Implementation Model
Q34
Research and Recommendations for HIE Patient Consent Policy and Procedures Page | 3
6.4.2 Information about Participating Entities .................................................................................................... 19
6.4.3 Exceptions to Consent ................................................................................................................................ 19
6.4.4 Improvement and evaluation of Statewide HIE .......................................................................................... 20
6.4.5 Treatment and Coverage not Conditioned on Consent .............................................................................. 20
6.4.6 Consent Form ............................................................................................................................................. 20
6.4.7 Durability and Revocability ......................................................................................................................... 21
6.4.8 Audits and Enforcement ............................................................................................................................. 21
7. Next Steps ................................................................................................................................................................ 22
8. Terms and Definitions ......................................................................................................................................... 22
Appendix Q - HIE Implementation Model
Q35
Research and Recommendations for HIE Patient Consent Policy and Procedures Page | 4
1. INTRODUCTION AND BACKGROUND
This document sets forth research and recommendations surrounding the collection, use, access and disclosure of
health records in an electronic Health Information Exchange (HIE). The information collected in this document was
compiled by a committee of legal, provider and patient representatives convened by the Ohio Health Information
Partnership (OHIP). This document will be used to solicit feedback and guide the development of the final policies
and procedures used for OHIP’s statewide HIE.
The OHIP statewide HIE will permit the exchange of health information across diverse patient care delivery settings
throughout Ohio. Participants in the HIE will include:
Hospitals (Including Critical Access and Federally Qualified Hospitals)
County and State Health Departments
Physician Offices
Community Health Centers
Large Academic Medical Centers
Nursing Homes
Ambulatory Surgery Centers
Labs
Pharmacies
Other Government Health Agencies
These participants will be in geographic locations ranging from rural Appalachia to large metropolitan areas. The
statewide HIE is essential to realizing the expected value of health information technology to support patient care
improvements. Without it, the health information of Ohio residents will remain in isolated information systems
hampering continuity of care and the adoption of health IT tools.
It is necessary for health systems to work together in order to compile the complete experience of a patient’s care
and ensure accessibility of that information to clinicians as the
patient moves through various health care settings. The
statewide HIE will support clinicians in making cost‐effective,
fact‐based decisions that will reduce medical errors, decrease
redundant tests and improve care coordination with the help of
timely and standardized data aggregation.
One of the most important elements in creating an
interoperable HIE for the State of Ohio is patient consent. It is
important to emphasize that consent policies must be
accompanied by privacy and security protections relating to
authentication, authorization, access controls and auditing to
earn patient trust. The consent must also satisfy all federal and Ohio laws and regulations. The research and
recommendations included in this document are a starting point for the comprehensive privacy and security
policies and procedures that will be published by OHIP in the second quarter of 2011.
2. OHIP ORGANIZATIONAL STRUCTURE
OHIP is a nonprofit entity founded by health care industry stakeholders who have a vested interest in the use of
EHRs and the creation of a true statewide HIE infrastructure. The founders of OHIP include top leadership from the
Ohio State Medical Association, the Ohio Osteopathic Association, the Ohio Hospital Association, BioOhio and the
State of Ohio. The five founding members of this nonprofit organization serve as the executive board on the 15‐
“The statewide HIE is essential to realizing
the expected value of health information
technology to support patient care
improvements. Without an HIE, the health
information of Ohio resident’s will remain
in isolated information systems hampering
continuity of care and the adoption of
health IT tools.”
Appendix Q - HIE Implementation Model
Q36
DRAFT: Research and Recommendations for HIE Patient Consent Policy and Procedures Page | 5
member OHIP Board of Directors, made up of IT, medical, hospital, behavioral health and health insurance leaders.
OHIP is one of six state‐designated entities that also is a Regional Extension Center (REC) awardee and involves
experts who have a local, grass‐roots interest in the integration of EHRs into an HIE infrastructure.
The board’s diverse membership gives clear representation of the medical and health care communities across
Ohio and these leaders have the clout to create and implement an HIE that their organizations will use. For
instance, the board includes a member from each of the Cleveland Clinic, United HealthCare and a member of
AARP, each representing different perspectives and issues. Two committees – the Regional Extension Center
Committee and the Health Information Exchange Committee – form the umbrella for various subcommittees and
workgroups. One of these workgroups is the Privacy and Policy Committee that performed the research and
recommendations related to patient consent presented in this document.
3. SCOPE OF OHIP’S HIE
The vision for the statewide HIE is to make the exchange of health records sustainable, secure, and allow
physicians and other health care professionals to have patient authorized access to health information. The four
drivers for OHIP’s HIE development strategy include:
Helping physicians achieve meaningful use within the timeframe developed by the Department of Health
and Human Services (HHS) Office of the National Coordinator (ONC);
The use of national standards to ensure health system coordination;
Balancing the core HIE services with regional differences; and
Ensuring that the HIE is sustainable.
Core services will include a patient look up, a physician, lab, or participant registry, and patient health record
locator. A patient’s consent will be required to exchange the patient’s records electronically and only authorized
users will be able to access those records. Subsequent sections of this document give recommendations for how
and when this consent should be collected.
OHIP’s initial deployment strategy for the statewide HIE is to
reach out to 200 key technology partners and health care entities
so that roughly 80 percent of Ohio’s population potentially could
be reached by the end of 2011. This strategy will help physicians
achieve the meaningful use criteria with HIE implications within
the timeframe established by the Department of Health and
Human Service’s Office of the National Coordinator (ONC). This
resulting assistance will help physicians take advantage of the
Medicare/Medicaid financial incentives made available by HHS.
These 200 “touchpoints” will become both participants and users
of the HIE.
In addition to the work performed to ensure patient privacy, OHIP has developed an integration strategy that will
assist providers and vendors with their connection to the HIE. OHIP will define a technical model, clarify
“Participants will be able to connect to the
HIE in three different ways depending on
the maturity of their Electronic Health
Record (EHR) system: web portal access
through the provider’s browser; access to a
shared repository to facilitate data
exchange; and the ability to access records
on demand though the data remains at the
original source.”
Appendix Q - HIE Implementation Model
Q37
DRAFT: Research and Recommendations for HIE Patient Consent Policy and Procedures Page | 6
integration standards necessary to connect to the statewide HIE, and offer tiered connectivity options for
providers to participate at a level compatible with their existing technology. Participants will be able to connect to
the HIE in three different ways depending on the maturity of their Electronic Health Record (EHR) system: web
portal access through the provider’s browser; access to a shared repository to facilitate data exchange; and the
ability to access records on demand through the data remains at the original source.
3.1 TECHNICAL INFRASTRUCTURE FOR STATEWIDE HIE
OHIP will create a trusted HIE platform that ultimately allows for the secure, electronic exchange of patient
information in real time. The HIE will not be a centralized repository or huge database; but will be a hybrid model
enabling federated access to data that remains stored at the original source of creation whenever possible.
Ohio is very fortunate to have many knowledgeable and
actively engaged stakeholders interested in OHIP’s technical
development strategy and they have been very clear and
consistent in their message to OHIP regarding their desires for
infrastructure design. These messages have been the
foundation of OHIP’s technology principles and development
strategy and are detailed below:
A sustainable, technical infrastructure that connects and leverages existing HIE activity as well as links providers, health plans, labs, pharmacies and other healthcare stakeholders currently not connected;
Desire for a hybrid model that only stores data within the HIE Master Patient Index necessary to facilitate exchange;
Desire for discovery and location services that streamline the identification of trusted sources both inside the state and across state borders;
Clear and consistent use of federally endorsed interoperability standards where defined and, where not defined, OHIP will set the standards;
Assurance that the privacy and security of patient data is consistent with Ohio and federal laws;
Recognition of the rapidly evolving standards environment and the need to select an innovative and easily adaptable technical platform;
Recognition of the incremental interoperability among stakeholders (i.e., the varying degree of technical capability of stakeholders);
Recognition that the historically separate administrative and clinical data flows are blending and will have significant impact on the future cash flow of providers; and
The strong desire for execution, action and deliverables.
These messages have formed the following action steps for OHIP toward the development of a statewide HIE
infrastructure:
Release of Request for Information (RFI) to potential HIE vendors in First Quarter 2010
Selection of 8 HIE vendors to participate in RFP process in April 2010
Completion of HIE State Plan in July 2010
“The HIE will not be a centralized repository
or huge database; but will be a hybrid
model that enables access to data that
remains stored at the original source of
creation whenever possible.”
Appendix Q - HIE Implementation Model
Q38
DRAFT: Research and Recommendations for HIE Patient Consent Policy and Procedures Page | 7
Release of HIE vendor Request for Proposals (RFP) in September 2010
Selection of HIE vendor in January 2011
Implementation of core services in June 2011
The core attributes of the HIE are identified in Table 1: Core Attributes of OHIP HIE.
TABLE 1: CORE ATTRIBUTES OF OHIP STATEWIDE HIE
Core Attribute Characteristics of the OHIP statewide HIE
Nature of Participants Involves multiple stakeholders across the patient care setting including hospitals, physician offices, community health centers, large academic medical centers, nursing homes, ambulatory surgery centers, county and state health departments, other government health agencies, labs and pharmacies
All patients receiving treatment in Ohio can participate in the HIE regardless of health status and insurance
Governance Structure State designated nonprofit entity
Strong leadership from founding members including representatives from: Ohio Hospital Association, Ohio Osteopathic Association, Ohio State Medical Association, State of Ohio and BioOhio
Purpose of exchange/mission Improve quality, safety, accessibility, availability and efficiency of health care for the citizens of Ohio
Type of information exchanges
Clinical data, prescriptions, lab results, patient care summaries, registry and surveillance data
How information is exchanged
The HIE will not be a centralized repository or huge database; but will be a hybrid model that enables access to data that remains stored at the original source of creation whenever possible.
Scope of services Privacy
Security (Authorization, Authentication, Access Controls and Auditing)
Consent Policy Development
HIE Sustainability
Enforcement of Policies and Procedures
4. POLICY DEVELOPMENT PROCESS
As previously mentioned, the OHIP Executive Board creates workgroups to address specific needs for the
development of the statewide HIE. Originally, a Committee was formed to address all of the Privacy and Security
issues surrounding HIE. This Committee held a kick‐off meeting on September 1, 2010 to devise a strategy to meet
the privacy and security objectives established by the OHIP Board in its State Plan. The Committee is comprised of
stakeholders throughout Ohio with representation from providers, practice managers, hospitals, Medicaid, and
Osteopathic and Allopathic associations. After the first two meetings, the Committee determined that given the
complexity of Ohio case law related to privacy and the background of their membership the best direction would
be to focus entirely on the privacy and policy aspects of HIE, and the Committee became the OHIP Privacy and
Policy Committee. The HIE Committee will assume the role of providing guidance on the technical security
components needed for the HIE, as this Committee’s membership has a technical background. The Privacy and
Policy Committee reports to the HIE Committee on a monthly basis to ensure that the privacy policies are
developed in tandem with security policies. The work of both Committees is presented to the full OHIP Board on
an as needed basis.
Appendix Q - HIE Implementation Model
Q39
DRAFT: Research and Recommendations for HIE Patient Consent Policy and Procedures Page | 8
4.1 PHASED APPROACH TO RECOMMENDATIONS
The Privacy and Policy Committee adopted a four‐phase approach to develop the policies and procedures for the
statewide HIE related to privacy. The first phase included a review of the work of a previous Ohio legal work group
created to address privacy concerns as part of the national Health Information Security and Privacy Collaboration
(HISPC) as well as a review of Ohio law, consent models of other states, publications from the Office of Civil Rights
and publications from ONC.
During Phase II, the Committee compiled their research and drafted the recommendations for the standardized
consent policies and procedures found in this document. Phase III of the Committee’s work will include soliciting
stakeholder feedback surrounding the policies presented in this document, making revisions as necessary and
presenting the revised recommendations to the OHIP board for final approval. During this phase, the Committee
will work to address any items that were not included in the original recommendations, such as administrative
services and sensitive information. The final phase, Phase IV, of the Committee’s work will include the creation of
a comprehensive policy and procedure manual that will include the required Participant Agreements, Business
Associate Agreements and Trust Agreements for the statewide HIE.
The work conducted thus far and planned for in the future is itemized in Table 2: Privacy and Policy Committee
Work Phases.
TABLE 2: PRIVACY AND POLICY COMMITTEE WORK PHASES
Phase I 9/1/10‐ 10/20/10
Review work of HISPC Legal Work Group
Update model permission form created by HISPC Legal Work Group
Review ONC Tiger Team Privacy Directives
Review Ohio statutes and rules related to medical record privacy
Review Ohio Case Law
Research other State consent models
Phase II 10/20/10‐12/10/10
Draft summary of items reviewed in Phase I and recommendations for standardized consent policies and procedures
Review Research and Recommendations at December 1st Committee meeting
Present Research and Recommendations to OHIP Board on Dec 10th
Phase III 12/10/10‐ 3/2/11
90 day period to solicit stakeholder feedback on recommended consent policies and procedures
The document will be posted on the OHIP webpage, sent to provider associations, RECs and a summary of the document will be prepared for consumer associations
The recommendations will be adjusted if needed and resubmitted to OHIP board
Items not included in original recommendations will be addressed including sensitive health information, privacy rights of minors, research and the transfer of administrative data
During this period of public comment, the Privacy and Policy Committee will draft Business Associate Agreements, Participant Agreements and a formal Policy and Procedures Manual
Phase IV 3/2/11‐ 5/25/11
Final Policy and Procedures Manual approved by OHIP Board
Final Participant Agreements, Business Associate Agreements, and Technical Certificate Agreements approved by OHIP Board
The Privacy and Policy Committee will address the consent required for administrative transactions in this
Appendix Q - HIE Implementation Model
Q40
DRAFT: Research and Recommendations for HIE Patient Consent Policy and Procedures Page | 9
time period which will then undergo a public review process similar to that performed for consent for treatment
4.2 REVIEW OF PREVIOUS WORK CONDUCTED BY HISPC
The OHIP Privacy and Policy Committee is continuing the work conducted by the HISPC Legal Work Group that was
active from June 2006 to July 2009. Ohio was one of 42 states that participated in the HISPC project. HISPC was a
nationwide effort lead by RTI International. The goal of the HISPC project was to identify the state and federal
laws that create barriers to information exchange within and between states, and to recommend solutions to
overcome those barriers. This group examined a myriad of issues related to privacy and security challenges
relative to the electronic exchange of health information.
HISPC Phase I required an assessment of state law and business policies that affect HIE and proposal of practical
solutions, taking into account the requirements of state and federal law. Ohio identified variations in Ohio law as
compared to federal law that affect HIE in the specific scenarios presented by HHS. Ohio’s final report outlined the
variations discovered and concludes, for the most part, that there are no legal barriers in the sense that covered
entities must apply both federal and state law, or whichever law is more stringent, in order to use or disclose or
exchange health information. The HISPC report does not address the merits of trying to update state law to be
more conducive to privacy, security or exchange concerns. The HISPC Legal Work Group identified that Ohio has
consent requirements for not only specially protected information such as HIV/AIDS, mental health, and drug
abuse and alcohol records, but also for treatment, payment and health care operations as evidenced by Ohio
statute (ORC Section 3701.74), Ohio case law interpreting the statutory physician/patient privilege (ORC Section
2317.02(B)) and Ohio case law interpreting the physician duty of confidentiality and recognizing the tort for
unauthorized, unprivileged disclosure to a third party of nonpublic medical information learned from a
physician/patient relationship.
4.3 MODEL PERMISSION FORM
The HISPC Legal Work Group produced a two‐part model permission form, hereafter referred to as the Ohio Law
Consent form, which complies with state and federal requirements for use, disclosure and exchange of information
as of December 2007. The Ohio Law Consent form is a model permission form that reconciles state and federal law
into two documents, one for the use of treatment, payment and operations (TPO) and one for non‐TPO purposes.
The TPO form demonstrates the baseline consent needed for a physician to treat a patient and release information
for treatment and payment purposes. The second form is a Health Information Portability & Accountability Act
(HIPAA) compliant authorization for use and disclosure of health records for non‐TPO purposes. The OHIP Privacy
and Policy Committee updated the legal citations and forms as necessary. They are found in Appendices A and B.
4.4 REVIEW OF ONC DIRECTIVES
The Privacy and Policy Committee reviewed information disseminated by ONC and is following the work of their
Tiger Team that is currently addressing and receiving public comment on the issue of consent.
The Tiger Team identified a set of principles constituting good data stewardship to build a foundation of public
trust in the collection, access, use and disclosure of a health record. These principles were reviewed by and guided
the work of the OHIP Privacy and Policy Committee. They are listed in Table 3: ONC Tiger Team Principles.
Appendix Q - HIE Implementation Model
Q41
DRAFT: Research and Recommendations for HIE Patient Consent Policy and Procedures Page | 10
TABLE 3: ONC TIGER TEAM PRINCIPLES
4.5 CONSENT ENVIRONMENT UNDER OHIO LAW
The Privacy and Policy Committee started its analysis of the Ohio law that applies to consent to use health records
with the work already performed by the HISPC Legal Work Group, discussed further above. The Committee
reviewed
the HISPC report;
Ohio law pertaining to the statutory provision for a patient or authorized representative’s access to
records;
Ohio’s physician/patient privilege law;
and Ohio’s tort of unauthorized, unprivileged disclosure of medical information.
While no specific Ohio statute exits that requires written patient consent for medical record disclosure when used
for treatment purposes, there is an Ohio statute that contains an express requirement for written patient consent
when a health provider discloses medical records to the patient, the patient’s authorized representative or to a
third party. In addition, Ohio case law interpreting physician/patient privilege and the recognition of the tort for
unauthorized disclosure of nonpublic medical information show a strong support in Ohio law for the patient’s right
to confidentiality of medical records absent disclosures required by law or disclosures necessary to protect a
countervailing interest that outweighs the patient’s interest in confidentiality. Thus there is no one place where
one can go and find Ohio’s stance on whether patient consent is required for medical record disclosure for
treatment purposes. As a result, there are differing views around the state as to whether explicit written
Individual Access – Individuals should be provided with a simple and timely means to access and obtain their individually identifiable health information in a readable form and format.
Correction – Individuals should be provided with a timely means to dispute the accuracy or integrity of their individually identifiable health information, and to have erroneous information corrected or to have a dispute documented if their requests are denied.
Openness and Transparency – There should be openness and transparency about policies, procedures and technologies that directly affect individuals and/or their individually identifiable health information.
Individual Choice – Individuals should be provided a reasonable opportunity and capability to make informed decisions about the collection, use and disclosure of their individually identifiable health information.
Collection, Use and Disclosure Limitation – Individually identifiable health information should be collected, used, and/or disclosed only to the extent necessary to accomplish a specified purpose(s) and never to discriminate inappropriately.
Data Quality and Integrity – Persons and entities should take reasonable steps to ensure that individually identifiable health information is complete, accurate, and up‐to‐date to the extent necessary for the person’s or entity’s intended purposes and has not been altered or destroyed in an unauthorized manner.
Safeguards – Individually identifiable health information should be protected with reasonable administrative, technical and physical safeguards to ensure its confidentiality, integrity and availability and to prevent unauthorized or inappropriate access, use or disclosure.
Accountability – These principles should be implemented, and adherence assured, through appropriate monitoring and other means and methods should be in place to report and mitigate non‐adherence and breaches.
SOURCE: http://healthit.hhs.gov/portal/server.pt/gateway/PTARGS_0_10731_848088_0_0_18/NationwidePS_Framework‐5.pdf
Appendix Q - HIE Implementation Model
Q42
DRAFT: Research and Recommendations for HIE Patient Consent Policy and Procedures Page | 11
consent is required for disclosures of health records when disclosed for treatment. Due to this complexity, Ohio
health care providers have adopted patient consent policies and procedures that differ throughout the state.
Accordingly, after reviewing Ohio law and considering the principles of openness and transparency (identified by
the ONC Tiger Team), the Committee is recommending that the HIE provide patients with a choice to opt‐in to
allow the HIE to access their health records. The Committee is also recommending that the HIE require
participants, such as hospitals and physician practices, to use a standardized consent form to permit them to
access a patient’s record through the HIE which will reassure patients that all HIE participants are meeting
applicable consent requirements for exchange of their health records. A summary of the analysis of Ohio law
related to patient consent is included in Appendices C and D.
4.6 REVIEW OF OTHER STATES CONSENT MODELS
The Committee conducted a thorough examination of the policies and procedures of other states that are in the
process or have created an HIE. Performing additional due diligence, a number of Committee members contacted
several state privacy staff experts and discussed their adoption process and the steps they took to develop consent
models in their states. The information learned on these calls informed the work of the Committee. This
additional research revealed that the optimal solution to the issue of consent would be specific federal legislation
regarding the consent required for electronic exchange of health information or state legislation that clearly
directs Ohio practitioners to follow the current federal guidance. The Committee created a table to capture the
summary of the models and enabling legislation of other state consent models and it is included in Appendix E.
4.7 CONSENT ENVIRONMENT UNDER HIPAA
In addition to the Ohio consent law discussed above, the federal Health Insurance Portability and Accountability
Act (HIPAA) affects how health care providers may access, use and disclose a patient’s records. Unlike Ohio law,
HIPAA does not require a patient’s consent for a health care provider to use or disclose a patient’s record for
purposes of the patient’s own treatment, or payment for their treatment. The differing requirements under
HIPAA and Ohio law have created some confusion among health care providers and patients about consent
requirements. However, HIPAA defers to state law where state law offers more privacy protection or stronger
individual’s rights relative to patient health information. As a result, the Committee concluded that although
HIPAA does not require patient consent to use the patient’s health record for treatment and payment, the HIE
must obtain consent from the patient to “opt‐in” to allow a health care provider to obtain the record using the HIE
(HIE Consent) because of the stricter Ohio law consent requirements discussed above. To eliminate the need for
the HIE Consent and to align Ohio law with HIPAA would require Ohio to change its statutes to permit health
record exchange using an HIE without patient consent.
In addition, the Committee contacted the federal Office of Civil
Rights (which interprets and enforces HIPAA) to confirm that
HIPAA permits an HIE to create an index of the patient’s whose
information is accessible through the HIE (the Master Patient
Index) by asking participating health care providers to give the
HIE limited information about the patients who have records
stored on their systems. The Committee was able to confirm
that the Office of Civil Rights views an HIE as a “business
“the Committee concluded that although
HIPAA does not require patient consent to
use the patient’s health record for
treatment and payment, the HIE must
obtain consent from the patient to “opt‐in”
to allow a health care provider to obtain
the record using the HIE (HIE Consent)
because of the stricter Ohio law consent
Appendix Q - HIE Implementation Model
Q43
DRAFT: Research and Recommendations for HIE Patient Consent Policy and Procedures Page | 12
associate” under HIPAA. Under HIPAA, a “business associate” is an organization that assists a health care provider
in performing certain health‐related or administrative functions, and receives, creates or maintains health record
information in connection with these activities. HIPAA allows health care providers to give health records to
“business associates” for these permitted purposes, including for purposes of an HIE. Health care providers that
participate in the HIE will treat the HIE as their “business associate.” Most health care provider participants will
use the HIE only as a conduit to ask for and receive health records that are stored at another health care provider.
A small number of health care provider participants in the HIE may store their health records on systems operated
by the HIE, if for example, they do not have appropriate storage systems. In either case, participating health care
providers will upload applicable health record information to the HIE under the terms of a Business Associate
Agreement that meets all HIPAA requirements. However, when a patient’s participating health care provider
wants to access a patient’s record using the HIE (such as a treating the provider seeking and want to find the
patient’s records located on another health care provider’s system), the health care provider will need to obtain an
HIE Consent to permit them to get the patient’s record using the HIE.
5. CURRENT CONSENT ENVIRONMENT
Health information exchanges across the country are struggling to define what constitutes adequate and
meaningful patient consent in this new era of electronic exchange of health information. Opinions are varied
among stakeholders as to what is required legally, what is appropriate for risk management purposes, what
constitutes the best public policy, what will hold up in an evolving market of commercialization of health
information and what is feasible from an implementation perspective. The introduction of a statewide HIE
represents a paradigm shift in the way information is shared among health care providers. In today’s largely
paper‐based world, the patient generally manages the exchange his or her health information between providers.
In order for Provider A to obtain health information from Provider B, the patient must tell Provider A that he or she
is receiving care from Provider B, would like their health information to be shared and sign a form confirming this
request. In the paper‐based world, the patient is the gatekeeper of the records and, in many instances, the courier
of the records.
The HIE will remove many of the current burdens placed on
patients surrounding the exchange of their health records.
Instead of the patient facilitating the exchange through direct
dialogue between previous and current providers, the patient is
now only required to provide consent to the current provider.
This enables current providers to reach out to large networks of
clinicians that have administered care to the patient and obtain
a more accurate and complete record of the patient’s previous
care. The HIE will eliminate the burden of gathering and
transporting paper records, help prevent duplicate tests and
procedures and ensure that providers have the best information
available to make coordinated medical decisions.
“The HIE will remove many of the current
burdens placed on patients surrounding
the exchange of their health records.
Instead of the patient facilitating the
exchange through direct dialogue between
previous and current providers, the patient
is now only required to provide consent to
the current provider.”
Appendix Q - HIE Implementation Model
Q44
DRAFT: Research and Recommendations for HIE Patient Consent Policy and Procedures Page | 13
6. RECOMMENDED POLICY AND PROCESSES FOR OHIP HIE
After reviewing the work conducted by the HISPC workgroup, the consent policies of other states, Ohio law and
Ohio case law, and ONC privacy directives, the Committee crafted recommendations on the consent process for
the statewide HIE. These recommendations balance the need to protect patient privacy rights with the goal of
enabling a highly interoperable HIE. The recommendations are summarized in Table 4: Recommended Policy and
Processes for OHIP HIE, and a more through explanation of each recommendation follows.
TABLE 4: RECOMMENDED POLICY AND PROCESSES FOR OHIP HIE
6.1 SCOPE OF GOVERNED ACTIVITIES
All entities participating in the statewide HIE will be required to follow the policies and procedures established by
OHIP. Participants in the HIE will include:
Hospitals (Including Critical Access and Federally Qualified Hospitals)
County and State Health Departments
Physician Offices
Community Health Centers
Large Academic Medical Centers
Nursing Homes
Ambulatory Surgery Centers
Labs
Pharmacies
Other Government Health Agencies
1. Scope of Governed Activities of Statewide HIEThe policies for consent apply to all entities in the state that wish to share information on the statewide HIE. The initial scope of information exchange is for treatment purposes only, which includes uses that are likely to be expected by a patient and bring the patient direct medical benefit.
2. HIE Participant Requirements In order for an entity to participate in the Statewide HIE, the participant will be required to sign a Business Associate Agreement (BAA) and a Participant Agreement. These agreements will require participants to comply with current laws, policies and procedures pertaining to patient consent, and adopt the consent policies developed by OHIP to access a patient’s health record using the HIE.
Population of the OHIP Master Patient Index (MPI) OHIP will populate a Master Patient Index (MPI) with basic demographic information. The information within the HIE will not be available to participant entities until affirmative patient consent for the Participant to access the HIE is obtained.
3. Patient Engagement OHIP will implement a patient outreach plan to educate the public about the statewide HIE and the consent policies that govern health records. 4. Consent Every entity participating in the statewide HIE must obtain a signed HIE Consent form from the patient prior to viewing the patient’s medical records. The consent for accessing data on the statewide HIE has a time limit of one year. The OHIP statewide HIE will have policies and procedures in place to ensure the occurrence of audits and transparency of operations. Consent standards will be enforced contractually and by OHIP staff.
Appendix Q - HIE Implementation Model
Q45
Attachment B
To become a successful HIE the term “liquidity” is often used. A liquid exchange is one where almost all consent
based queries succeed in finding information about a patient to inform medical decisions. An exchange would be
perceived as illiquid (i.e., unsuccessful) if a large number of queries result in failures. OHIP aspires to create a
liquid exchange and the key to this is stakeholder support.
6.1.2 USES OF HEALTH INFORMATION
The HIE Consent form will be for uses expected by a patient and benefit the patient directly. These uses currently
include:
Information exchange for the purposes of treatment;
Quality improvement; and
Care management.
Treatment is defined as the provision, coordination, or management of health care and related services among
health care providers or by a health care provider, and may include providers sharing information with a third
party. Consultation between health care providers regarding a patient and the referral of a patient from one
health care provider to another also are included within the definition of treatment. All participating entities must
follow these policies and procedures. The following elements or uses are from the first phase of implementation of
the HIE:
De‐identified data and
Sensitive health information
Health records of minors
Administrative Transactions
6.1.2.1 DE‐IDENTIFIED DATA
While the disclosure of de‐identified data may be extremely useful to advance important healthcare research and
public health goals, it is not the intent of OHIP to address the use of this data at this time. Once the statewide HIE
is operational, and OHIP has engaged the public regarding this topic, the concept of using de‐identified data will be
addressed.
6.1.2.2 SENSITIVE HEALTH INFORMATION
The Code of Federal Regulations (42 CFR Part 2) sets forth limitations on the release of alcohol and drug related
health records maintained in connection with any federally assisted
alcohol and drug abuse program. This includes the requirement for
patient consent for disclosure to include the name/title of the
individual‐ organization to whom/which disclosure is to be made.
The Substance Abuse and Mental Health Services Administration
(SAMHSA), under HHS, has interpreted this provision as requiring
that a patient’s consent for inclusion of these records on an HIE list
the names of each person or organization to whom disclosures are
authorized, as well as the purposes for the disclosure. A similar
requirement is included in the Ohio Administrative Code section
applicable to release of information by agencies certified to provide mental health services by the Ohio
Department of Mental Health (OAC 5122‐27‐08).
At this point, there is uncertainty as to whether the statewide HIE will be capable of permitting a selective/granular
exchange of records among specific participants in order to comply with the regulatory limitations outlined above.
Therefore, the Privacy and Policy Committee has recommended that alcohol, drug, and mental health records not
“…the Privacy and Policy Committee has
recommended that alcohol, drug, and
mental health records not be included in
the HIE until further relevant technical,
legal and policy considerations are
considered. This will take place in the
fourth phase of policy development.”
Appendix Q - HIE Implementation Model
Q46
DRAFT: Research and Recommendations for HIE Patient Consent Policy and Procedures Page | 15
be included in the HIE until further relevant technical, legal and policy considerations are considered. This will take
place in the fourth phase of policy development.
6.1.2.3 HEALTH RECORDS OF MINORS
The consent required for a physician to access the health records of minors will be addressed in Phase III which will
take place in the first quarter of 2011.
6.1.2.4 ADMINISTRATIVE TRANSACTIONS
OHIP will address administrative transactions in the second quarter or 2011 during Phase IV of the Committee’s
work. OHIP’s original HIE RFP chose not to seek an administrative vendor.
6.1.3 POLICIES AS THE FLOOR FOR INTERSTATE EXCHANGE
The policies set forth in this document will serve as the floor, rather than the ceiling of consent policies required
for exchange between the statewide HIE and exchanging with other states. These states may choose to implement
less stringent policies for HIE within their state, but if their participants desire to exchange with Ohio, they will be
required to have patients sign OHIP’s HIE Consent form before any information is exchanged.
6.2 HIE PARTICIPANT REQUIREMENTS
6.2.1 BUSINESS ASSOCIATE AND TECHNICAL CERTIFICATE
In order for an entity to join the statewide HIE as a Participant, it must follow a two‐stage connection protocol.
The first stage of this protocol will require the entity to provide all policies and procedures surrounding patient
consent to OHIP for review. The entity will then be asked to sign a Participant Trust Agreement and Business
Associate Agreement.
During the second stage of the protocol, the entity will conduct a trial exchange of patient data with the statewide
HIE. The complexity of the exchange will determine the level of connectivity between the entity and the HIE. This
test will determine whether the entity will connect to the HIE via a web portal or directly through its EHR. This two‐
stage protocol is shown in Diagram 1: OHIP Connection Protocols.
Appendix Q - HIE Implementation Model
Q47
DRAFT: Research and Recommendations for HIE Patient Consent Policy and Procedures Page | 16
DIAGRAM 1: OHIP CONNECTION PROTOCOLS
6.2.2 POPULATION OF THE MASTER PATIENT INDEX
The MPI must be a single‐source of truth with the most accurate and validated information available. Currently,
the most validated information regarding patients is held at the provider level. As providers adopt EHRs, they will
begin to create and update their records electronically. Once these providers have successfully completed the
OHIP on‐boarding process, their “validated” records (patient demographic data) will be uploaded to an interim
data store within the MPI. As these records are added, they will then be scrubbed (e.g., verified against identity
sources like Lexus‐Nexus) and posted to the production MPI, ensuring the highest probability of validity. The
statewide HIE will only hold the demographic information necessary to provide the highest, deterministic match on
its MPI. HIPAA regulations do not require consent for a health care provider to store or otherwise share patient
information with HIPAA identified business associates that hold the information purely as a custodian for the
provider. Health care providers are not required to obtain consent from patients when they store the patient’s
information on that patient with data warehouses or remotely hosted medical record systems. They also are not
required to obtain consent when they share information with medical transcription services, software vendors or
other business associates.
According to guidance from the Office of Civil Rights, an HIE:
“may receive protected health information from multiple covered entities, and manage, as a
business associate on their behalf, a master patient index for purposes of identifying and
linking all information about a particular individual. Disclosures to, and use of, a HIE for such
purposes is permitted as part of the participating covered entities’ health care operations
under the HIPAA Privacy Rule, to the extent the purpose of the master patient index is to
Appendix Q - HIE Implementation Model
Q48
DRAFT: Research and Recommendations for HIE Patient Consent Policy and Procedures Page | 17
facilitate the exchange of health information by those covered entities for purposes otherwise
permitted by the Privacy Rule, such as treatment.”
http://www.hhs.gov/ocr/privacy/hipaa/understanding/special/healthit/collectionusedisclosure.pdf
6.2.3 MOVEMENT OF A PATIENT HEALTH RECORD ACROSS THE STATEWIDE HIE
As previously mentioned, patient health records from multiple providers only will be available to a treating
physician if the patient has signed an HIE Consent form, identical to the current paper process for requesting
patient health records. If one thinks of the path that the health record will travel on as a highway, a patient’s
signature on the HIE Consent form allows the patient health record to board the on‐ramp and then the off‐ramp to
flow data into the office of a treating physician. A visual depicting the potential connections to the statewide HIE is
found in Diagram 2: Movement of a Patient Record Across the HIE. This diagram also shows that a treating
physician will only have accesses (after receiving patient consent) to the files of other HIE participants that have
met the OHIP two‐stage connection protocol process identified in Diagram 1 and have an executed Business
Associate Agreement, Participant Agreement and Technical Certificate with OHIP.
DIAGRAM 2: MOVEMENT OF A PATIENT HEALTH RECORD ACROSS THE HIE
Appendix Q - HIE Implementation Model
Q49
DRAFT: Research and Recommendations for HIE Patient Consent Policy and Procedures Page | 18
6.3 PATIENT ENGAGEMENT
OHIP will develop an educational campaign around patient consent and provide a policy and procedures toolkit.
OHIP recently hired a Communications Director who will lead the development of the plan. The Communications
Director has begun collaborating with the Privacy and Policy Committee, OHIP’s Regional Partners and the newly
formed Physician Association’s Advisory Council to develop the toolkit and campaign. The toolkit will be completed
by the end of December, with the campaign kicking off in January offering webinars and events and is planned to
continue through the July go live date. The campaign will include education on the state requirement for patient
consent for use and disclosure of patient information. A campaign to explain consent to the public also will be
developed.
6.4 CONSENT
The current laws that govern health information exchange were developed in a paper‐based world where the
decisions regarding what, how and to whom to communicate were generally made on a one‐to‐one basis by
clinicians and their patients. These current laws serve the patient’s privacy interests by restricting what can and
cannot be shared, and the terms which sharing takes place.
Human judgment and personal relationships play a major role
in information exchange decisions.
As previously stated, moving from a paper to an electronic
health system changes the information‐sharing dynamic. The
statewide HIE will facilitate a many to many relationship among
providers, enabling different information technology systems
and software applications to exchange information accurately,
effectively and consistently. This offers new opportunities to promote access to health care information, as well as
to facilitate the safety, quality and efficiency of health care. Patient control over health care information is
achieved through the requirement for HIE consent. Each participant in the statewide HIE must obtain an HIE
Consent from the patient that specifically references the statewide HIE prior to accessing her/his health
information.
Requiring patients to consent to the exchange of their information on the statewide HIE ensures that they know
how their information will be shared and used among statewide HIE entities. It also lets patients decide whether
to allow their information to be shared and used in this manner. Thus, the use of the HIE Consent form promotes
openness and transparency and stimulates patient choice as recommended by the Tiger Team. A provider or
payer organization participating in the statewide HIE must obtain an affirmative consent from the patient that
specifically references the statewide HIE prior to accessing the patient’s health information. This consent may be
executed by an electronic signature. The required consent may be obtained at the provider or payer organization
level and need not be at the individual clinician level. Once a provider or payer organization obtains patient
consent, it may access the patient’s information from any statewide HIE Participant that has information regarding
that individual. Diagram 3: Statewide HIE Patient Consent Process provides a visual to explain this process. It
depicts the consent process from the patient’s perspective. The first part of the process is explained in the pink
circle, obtaining consent for treatment and payment required by state and federal law. This currently should be
occurring in all provider offices. The second part of the process, identified in the grey circle, is the additional
“Each participant in the statewide HIE must
obtain a consent from the patient that
specifically references the statewide HIE
prior to accessing her/his health
information.”
Appendix Q - HIE Implementation Model
Q50
DRAFT: Research and Recommendations for HIE Patient Consent Policy and Procedures Page | 19
consent required for a patient to participate in the statewide HIE. The HIE Consent form will be used for this step
in the process.
DIAGRAM 3: STATEWIDE HIE PATIENT CONSENT PROCESS
6.4.1 APPLICATION OF CONSENT
Once the participant obtains consent, the consent may be used by the HIE participant for internal purposes during
that specific episode of care.
6.4.2 INFORMATION ABOUT PARTICIPATING ENTITIES
At the time a participant obtains an HIE consent from a patient, the participant must reference the OHIP website
that lists all of the statewide HIE participants that have signed Business Associate and Trust Agreements with OHIP
will be found. This list will be updated as entities are added and removed.
6.4.3 EXCEPTIONS TO CONSENT
6.4.3.1 PUBLIC HEALTH REPORTING
If the participant is required to disclose a patient’s record to a government agency for purposes of public health
reporting, including monitoring disease trends, conducting outbreak investigations, responding to public health
emergencies, assessing the comparative effectiveness of medical treatments, conducting adverse drug event
reporting without patient consent under applicable state and federal laws and regulations, the statewide HIE may
make those disclosures on behalf of the data supplier without consent, in the same manner as required with paper
based records.
Appendix Q - HIE Implementation Model
Q51
DRAFT: Research and Recommendations for HIE Patient Consent Policy and Procedures Page | 20
6.4.3.2 BREAK THE GLASS
Patient HIE consent will not be required for a provider to access a patient’s health record from the statewide HIE in
emergencies and the participant “may break the glass” if the following conditions are met:
Treatment may be provided to the patient without consent if in the practitioner’s judgment an emergency
condition exists.
The practitioner determines, in his or her reasonable judgment that information that may be held by the
Statewide HIE may be material to emergency treatment.
The practitioner attests that all of the foregoing conditions have been satisfied, and the OHIP software
maintains a record of this access.
6.4.3.3 CONVERTING DATA
Patient consent is not required for the conversion of paper records into electronic health record or for the
uploading of a health record from the records of a data supplier to the statewide HIE. If the statewide HIE is
serving as the Participant’s Business Associate (as defined in 45 C.F.R. 160.103), the statewide HIE does not make
the information accessible to participating entities until consent is obtained.
6.4.4 IMPROVEMENT AND EVALUATION OF STATEWIDE HIE
Affirmative consent is not required for the statewide HIE to access a patient’s record for the purpose of evaluation
and improving the operations of the statewide HIE for the benefit of the covered entities. Consistent with HIPAA,
access to a patient’s record should be limited to the minimum amount necessary to accomplish the intended
purpose of the use or disclosure.
6.4.5 TREATMENT AND COVERAGE NOT CONDITIONED ON CONSENT
Patients must be able to prevent any or all access to their personal health information from the statewide HIE
without being refused treatment or coverage. Provider or payer organizations must not condition treatment or
coverage on the patient’s willingness to provide access to the patient’s information through the statewide HIE.
6.4.6 CONSENT FORM
Consent to access information via the statewide HIE will be obtained using a model form developed by OHIP,
referred to as HIE Consent form in this document. Approval to access information will be denied in the absence of
this form. The form will include the elements identified in Table 5: HIE Consent Form Requirements.
Appendix Q - HIE Implementation Model
Q52
DRAFT: Research and Recommendations for HIE Patient Consent Policy and Procedures Page | 21
TABLE 5: HIE CONSENT FORM REQUIREMENTS
6.4.7 DURABILITY AND REVOCABILITY
The affirmative consent for accessing data on the statewide HIE has a time limit of one year. Revocation of
consent will prevent a participant from accessing information through the statewide HIE in the future. However,
any data that has been accessed by the participant in the past may remain part of the participants’ records.
6.4.8 AUDITS AND ENFORCEMENT
OHIP staff will implement the policies and procedures recommended by the Privacy and Policy Committee. With
the assistance of OHIP’s legal counsel, the Privacy and Policy Committee will develop a Participation Agreement
and Business Associate Agreement that will ensure all participants in the statewide HIE agree to adhere to the
policies and procedures when they are completed. OHIP staff will coordinate the execution and storage of all
required agreements and investigate any breaches, complaints and non‐compliance with the published policies
and procedures. System audit logs will be created and maintained for all events within the HIE. Utilizing IHE
Profiles ITI‐19 and ITI‐20, the HIE will preserve a consistent network time and record event data according to
recognized standards.
The HIE Consent form required to be signed for a physician to access a patient health record on the HIE will
include the following elements:
The information to which the patient is granting the participant access
The intended uses to which the information will be put by the participant
The relationship between the participant and the patient whose information will be accessed;
Certification that only those engaged in the intended uses may access the patient’s information;
Acknowledgement of the patient’s right to revoke consent and assurance that treatment will not be
affected as a result;
Whether and to what extent information is subject to re‐disclosure; information will be redisclosed
unless prohibited by state or federal law.
The consent will be valid for 365 days;
The signature of the patient or the patient’s Personal Representative; and
The date of execution of the consent.
Reference to all Participants at the time of the patient’s consent, as well as an acknowledgement that
Participants may change over time and instructions for patients to access an up to date list of
Participants through the OHIP website or other means
Appendix Q - HIE Implementation Model
Q53
DRAFT: Research and Recommendations for HIE Patient Consent Policy and Procedures Page | 22
The contractual language of the participant agreements will include periodic audits that will be conducted by an
outside vendor. The final version of these agreements and the Policy and Procedure manual will be made available
on the OHIP website and the OHIP help desk will answer questions about the policies and procedures.
7. NEXT STEPS
After the OHIP Board and stakeholders review the recommendations included in this document, the Privacy and Policy Committee will draft formal Policies and Procedures needed for the statewide HIE. In the interim, the Committee will address sensitive health information, privacy rights of minors, research and the transfer of non‐treatment related information. The result of these discussions will also be submitted for stakeholder review.
The next two phases that will result in a formal Policy and Procedure Manual and final BAA and Participant Agreements are identified below.
Phase III ‐ First Quarter of 2011
90 day period to solicit stakeholder feedback on recommended consent policies and procedures
The document will be posted on the OHIP webpage, sent to provider associations, RECs and a summary of the document will be prepared for consumer associations
Recommendations will be adjusted if needed and resubmitted to OHIP board
Items not included in original recommendations will be addressed including sensitive health information, privacy rights of minors, research and the transfer of administrative data and stakeholder feedback will be solicited
During this period of public comment, the Privacy and Policy Committee will draft Business Associate Agreements, Participant Agreements and a formal Policy and Procedures Manual
Phase IV‐ Second Quarter of 2011
• Final Policy and Procedures Manual approved by OHIP Board • Final Participant Agreements, Business Associate Agreements, and Technical Certificate Agreements
approved by OHIP Board • The Privacy and Policy Committee will address the consent required for administrative transactions in this
time period and undergo a public review process similar to that performed for consent for treatment
8. TERMS AND DEFINITIONS
Break the Glass‐ The ability of a health care provider, in the case of an emergency to access a patient’s protected health information without obtaining the patient’s consent. Business Associate Agreement‐ Under HIPAA, a “business associate” is an entity that assists a covered entity, such as a health care provider in performing certain health‐related or administrative functions, and receives, creates or maintains health record information in connection with these activities. HIPAA allows health care providers to give health records to “business associates” for these permitted purposes, including for purposes of an HIE, in exchange for the Business Associate’s agreement to pro ide privacy and security protections for the information. Consent‐ An express permission given by a patient for the exchange of his or her personal health information through an HIE in response to a clear and specific request for such permission or at the individual’s own initiative. Health record‐ A health record often contains demographic, clinical, financial and socioeconomic data. This paper provides recommendations for the consent required to exchange the demographic and clinical information required for treatment that is found in a health record. Recommendations for the consent requirements to
Appendix Q - HIE Implementation Model
Q54
DRAFT: Research and Recommendations for HIE Patient Consent Policy and Procedures Page | 23
exchange financial information about a patient will be forthcoming in later guidance from the OHIP Privacy and Policy Committee. HIE Consent Form‐ The form that must be read and signed by a patient before any HIE participant can access that patient’s health records on the HIE. HIE Participant‐ Hospitals, physician offices, community health centers, federally qualified health clinics, large academic medical centers, nursing homes, ambulatory surgery centers, labs and pharmacies are all potential participants in the OHIP HIE. HISPC‐ Health Information Security and Privacy Collaborative Ohio Law Consent form‐ The term “Ohio Law Consent” is used throughout the document to refer to the consent required by Ohio law for exchange of information for treatment and payment. This consent is the floor of consent in the state of Ohio and is a more thorough consent than that required by HIPAA. ONC‐ Office of the National Coordinator for Health Information Technology at the Department of Health and Human Services. Privacy and Policy Committee (Committee)‐ The Committee created by OHIP to address the privacy issues related to establishing OHIP’s HIE
Appendix Q - HIE Implementation Model
Q55