There are many new requirements that cause sleepless nights for a hospital CIO. The first one is obviously the requirement to implement electronic health records in a meaningful manner. This is not as easy as it sounds, as there are three stages to comply with, each with increasing requirements to achieve the goals of more efficient and higher quality healthcare delivery.
However, as Dr. Elliott Sloane mentioned during his presentation as part of the Meaningful Use Symposium, it is not all about Meaningful Use (MU), but, rather about Meaningful Interoperability. The MU requirements should not be the end goal but just the beginning, remember that even the stage-3 requirements of MU only scratch the surface as many of the requirements for interoperability may be met for less than 100% of true interoperability.
The next item that keeps a CIO turning over in bed at night is the ICD-10 conversion. In general, it appears to me that US-based executives often fail to look at the experiences of their counterparts abroad and learn from them. With regard to ICD-10, there are many lessons to be learned from our Canadian colleagues as they went through this experience. As a matter of fact, one could argue that it is about time the US begin migrating to ICD-10 clinical coding systems as the UK already migrated in 1995, and the Canadians did so in 2001. ICD-9 is outdated with some codes that originated as far back as 1979, and is severely limited with only 3-5 characters to cover about 14,000 codes.
The number of ICD-10 codes is approaching 70,000 and can easily be extended. ICD-10 implementation will have a major impact on coding, clinical documentation and workflow. The good news is that the new codes should provide benefits to providers, as more accurate data is available for decision support and business intelligence. This will come at a price though; the Rand Corporation estimated conversion to ICD-10 will have a price tag between $400 million and $1.2 billion; add to that training costs estimated by HHS at $1.6 billion.
The Canadian experience showed that there will be a significant initial negative productivity impact resulting from ICD-10 implementation. Data from a regional hospital in Toronto showed that the number of charts updated in their day surgery department dropped initially from 10.7 per hour to 3.8 per hour and it took a year to get to the current level of 8.5 per hour. The good news is that the amount of data available for data mining provides more precision for decision support with greater accuracy and much more granularity. For example, ICD-9 only has one code to indicate pain in a limb. The new coding system has 30 codes allowing specification of pain in the arm, fore-arm, toe, even which finger, and also a modifier to specify left or right. Another procedure, angioplasty went from a single code to 70 different codes.
Another issue depriving CIOs of sleep is the Jan. 1, 2012 deadline for meeting the HIPAA 5010 requirements. These requirements specify the electronic exchange between providers and health plans and includes the electronic exchange of administrative and financial information for patient care services, including eligibility inquiries, service (treatment) authorization and referrals, claims status requests, as well as, claims and remittance advice (claims payment). These changes are closely related to the ICD-10 implementation as the coding of the diagnosis is a critical component of the claim information.
As a matter of fact, the old 4010 standard does not support the new codes. The new security and privacy regulations, which are also referred to as HIPAA 2.0, overlap with some Meaningful Use requirements as it is mentioned that meaningful EHR implementations should address privacy and security concerns. Until now, HIPAA has not been that strictly enforced, and many institutions have been providing more lip service than substantive changes to the way they operate. Many institutions did not even perform comprehensive security and privacy risk analysis. Now, security and privacy are not optional but required in order to qualify for the HITECH incentives. A major impact of HIPAA 2.0 will be how covered entities deal with business associates and their subcontractors as the providers now have a more direct liability for compliance by their associates.
It is an exciting time to be involved with healthcare IT, however, one might need some sleeping pills to get the needed rest as there will be many challenges the coming few years. However, it will impact patient care only for the better.
Herman Oosterwijk, VP OTech Media, live from HIMSS