Healthcare leaders are engaging us in a variety of discussions to explore intelligent automation’s role for complex business challenges, ranging from efforts to enhance consumer trust and use artificial intelligence (AI) in effective ways, to navigating change that comes with prior authorization mandates. This series shares key insights coming from those discussions.  

As the saying goes, diamonds are made under pressure, and the most impactful opportunities are often those that challenge leaders the most. 

Prior Authorization, In a Nutshell

The CMS Prior Authorization mandate, which goes into effect on January 1, 2026, aims to reduce guesswork for healthcare consumers and the administrative burden on care teams, and to improve patient/member care by streamlining processes and enhancing the exchange of health information. 

Enabling prior authorization through API development is a good start; however, APIs are not a comprehensive solution. Rather, the introduction of multiple third-party APIs creates new processes and steps, often prompting manual follow-ups to track and connect data gathered from multiple sources. In addition, these new data points require new data models and methods to handle patient data.  

To address these inherent challenges, healthcare leaders are prioritizing investments in interoperability and automation technologies. 

Intelligent Automation Supports Prior Authorization and Business Efficiencies

True trust-enhancing transparency can be unlocked through intelligent automation. This is especially true as low-code, more-approachable AI, machine learning (ML) and Generative AI (GenAI) capabilities enter the mix. 

Intelligent automation connects digital process automation (DPA), robotic process automation (RPA), and artificial intelligence (AI) to deliver efficient and intelligent processes and align all aspects of your organization with the vision of constant process improvement, technological integration, and increasing consumer value. 

Although DPA, RPA and AI don’t make final decisions, they can streamline and leverage information, so the right decision gets made. Health insurers are always seeking access to actionable information about their members while adhering to data privacy laws and regulations. 

Getting to that actionable data requires multiple considerations: 

• Using best practices to assemble and curate the right data fields for any given use case 

• A continuous process of identifying and resolving issues in core systems 

• Appropriate environments in which to store data to maintain its integrity, security, and accessibility 

• Only then can you effectively enable specific sub-functions (i.e. functions that ingest the data then act or recommend actions) to happen accurately and on time 

Streamline and Optimize Prior Auth Processes

Every step in the prior authorization process has potential for improvement using intelligent automation. It can support, enhance, and accelerate based on rules engines, event logs, decision rules, and simple automations of high-volume processes. 

These intelligent tools streamline information sharing between payers and providers, reducing the need for repeated exchanges and guesswork, enhancing clinical review, and ensuring timely, accurate decisions. 

Intelligent automation rapidly optimizes the prior authorization workflows that occur at the edge of what can conveniently and cost-effectively be managed through APIs. AI and machine learning (ML) can assist required communications, reporting, and decision flows in many ways, including: 

• Orchestration: Automate the coordination of tasks and data flow between disparate systems and stakeholders. 

• Monitoring: Continuously track the status of prior authorization requests and flag any issues or delays. 

• Standardization: Ensure consistent repeatable workflows and processes across all systems to facilitate smoother information exchange. 

YOU MAY ALSO ENJOY: Evolving Healthcare: Generative AI Strategy for Payers and Providers 

Best Practices to Transform Prior Authorization Experiences

Intelligent automation enhances and overlays existing systems, helping to accelerate the prior authorization process with greater efficiency and generating insights into any recurring root causes in process breakdowns. 

As you’re approaching your prior authorization initiatives, we recommend the following transformation best practices: 

Transformation Tip #1: Cross-Functional Feedback

Maintaining cross-functional feedback is essential to identify and address pain points effectively. Automation allows for healthcare providers to quickly identify and communicate common pain points, such as inaccurate or incomplete record keeping, avoiding common pitfalls in the prior authorization process. 

Transformation Tip #2: Measurement and Tracking

Automated processes provide valuable insights for contracting, reporting requirements, and more. By measuring and tracking these processes, efficiency, effectiveness, and consumer experience are greatly impacted. This information can be used to improve upstream messaging to patients and members about prior authorizations.  

The overlay of technology not only increases operational efficiencies, but it also provides valuable insights that can be used to improve communication and support for consumers. 

Empowering Solutions for Healthcare

We partner with healthcare leaders to optimize prior authorization experiences and drive transparent, consistent engagement with consumers.  

Interested in learning more? In a recent webinar, our experts explored how better prior authorization experiences could enhance consumer trust in healthcare. 

Discover why we’ve been trusted by the 10 largest healthcare systems and 10 largest health insurers and are consistently recognized by Modern Healthcare as a leading healthcare consulting firm. Contact us today to explore how we can help you forge better experiences and improve outcomes.

The Hype Around Generative AI Continues

Many healthcare leaders are wondering if (and how) generative AI, the shiny new tool, could drive value in their organization.

Our recent discussions with Chief Medical Officers, Chief Information Officers, Chief Medical Information Officers, and a VP over Nursing point to this: AI can provide a huge amount of value when it comes to care delivery (e.g., point of care).

You may notice that I mentioned AI there and not, more specifically, generative AI.

Frankly, several of the most interesting care delivery use cases do involve generative AI, but they are not the only examples. And any truly innovative approach shouldn’t self-limit based on what’s absolutely hot in the market place. (Looking at you, generative AI.)

Many provider CIO’s and CDO’s tell us that the revenue cycle side of the equation is already supported by a number of helpful AI solutions. But, they stress, that doesn’t solve for some of the most vexing problems when it comes to clinician burnout. So in this post, I’ll focus on use cases for care delivery and how AI can help.

Care Delivery Use Cases: AI (and Generative AI, Too)

These use cases are just that – a list of possible uses for AI/ML and predictive analytics that drive some sort of value. AI can do a lot, but every use case assumes that the AI model or tool can be used with a system of engagement like an EMR.

SEE ALSO: Evolving Healthcare: Generative AI Strategy for Payers and Providers

I’ll break each of the use cases down by category:

Accelerate Imaging Decisions

We’ve helped our clients identify multiple imaging use cases, including the ability to:

• Flag radiology concerns: Use AI to review an image and perform a preliminary radiology modeling assessment. The focus is to help radiologists start with pre-identified concerns on a given x-ray, CAT scan, or MRI.
• Identify patients who need specialty support: This is similar to radiology in that an assessment occurs, but it would be for pulmonary nodules, liver transplant, kidney transplant, etc.

Streamline Referral Processes

AI could help to better manage the referral process. Of course, it would have to be paired with engagement technology and capabilities (which we also drive for our healthcare clients).

• Manage referrals: Receive a referral and apply an AI model to review referral data and determine the correct doctor or other component of the referral.  You can make this part of a referral management workflow which automates this step.
• Improve experiences: You can also automate the actual experience with the patient. communicate via the preferred channel, send emails or text with the referral info, and allow the patient to interact with an AI chatbot to schedule an appointment.

Support Operations With Deep Learning (DL) Insights

Delays in hospital throughput have negative impacts on financial and hospital optimization results. Insights derived from AI could help close the gap.

• Length of stay: Define potential length of stay in a variety of situations including pediatric, time study, overall patient population, etc.
• Readmission risk: Define the risk of readmission and identify the most likely cause of readmission; this AI model should identify the risk and then push the insight to an EMR.
• Left without being seen: Identify who will leave the ER before being seen.
• PT/OT/OT: Determine which patient should be treated with therapies; this becomes an aid to help the clinician diagnose and prescribe.

Support Patient Care Decision Making

Well-crafted models could support teams as they make decisions to support patient care.

• Testing decision-making: Define appropriate (and unnecessary) testing under certain conditions
• Evidence-based clinical decision-making: again, this AI model will help define clinical decisions that a clinician can then use in their decision making process
• Digital twins: digital twin data could be used to help define the overall best care for a patient

Auto Generate Medical Records

• Using ambient clinical intelligence, capture conversations between a patient and doctor or nurse and then generate an encounter in the EMR with any needed prescription or other information. Ideally, the doctor would review and approve the record and any actions coming from the visit. (This approach should be used for any patient interaction, whether it be a doctor, physician’s assistant, nurse practitioner, or nurse.)

Streamline Clinicians’ In-Baskets

Most clinicians feel buried in their in-basket and need help to quickly identify what needs quick action and what can be delayed or even automated. AI and generative AI could support in a number of ways:

• Better manage the in basket. Auto-categorize the message and make it easy for the important things to rise to the top. Auto-forward messages where appropriate. Auto-generate forms and filters to help in quick response to a given in basket message.

Support the OR

• Optimize the schedule: Based on a variety of factors
• Help with surgical correct counts: Help to automate or even review to ensure no foreign elements remain inside post surgery

Elevate Patient Charts

Every clinician reviews a chart before and after speaking with a patient. You can use AI models for variety of purposes:

• Auto-flag risk profile or patient risk scoring
• Auto compile quality data results (in many hospitals, this is still a fully manual process)
• Auto-chart review to auto-populate frequent screens
• Pull in SDOH predictors of delayed discharge

Support Quality Audits

• Auto compile data audits. Take the manual process, feed data to a model and compile a quality audit. This is technically a generative AI use case but one not top-of-mind.

Ease Digital Interactions, Using the Digital Front Door

What you’ll quickly notice is that this category differs from the others.  It deals more with digital interactions either before or after the point of care. That said, AI can still impact care delivery for things like correct identification of issues before a patient arrive.

• Use AI to schedule appointments. Remember that scheduling an appointment many times relies on a practitioner’s skills and knowledge before actual creating the appointment.
  • Is the physician seeing patients?
  • Is this a specialist who can only be scheduled under the right conditions?
  • Will the physician be in a location at the time the patient wants to schedule?
• Self-triage with a suggested appointment time and scheduling options
• Use AI in a symptom checker and pair it with a chat bot to push to an e-visit, if applicable

Better Outcomes for Patients and Clinicians

One thing you will notice is that care delivery use cases focus on two main needs: 1) clinician burnout – in essence, making a doctor or nurse’s life easier – and 2) better care for the patient – getting them to the right care more quickly. AI offers tremendous potential to create better outcomes for both patients and clinicians.

In my next post, I’ll focus on correct prioritization.

Expert Digital Health Services: Imagine, Create, Engineer, Run

Our healthcare and data experts can help you identify AI opportunities and build a pragmatic implementation plan that holistically considers data, technology, and people.

Drive Outcomes in Healthcare With AI

This is a continuation of my previous discussion on PHI and Online Tracking.  We know you have to be extremely careful when using tracking technologies. This is even true on .com site where you don’t login.  Even with extra care there are a number of ways in which you can track activity and events on healthcare related web sites.

What you can and cannot do

Remember that the guidance stresses that you have to treat analytics under the same constraints as other technologies which access PHI.  HIPAA still applies.  This means you can work with HIPAA.

Can Do

• Communicate with patients and members as you create the right conditions for better health outcomes
• Use all tools as long as there is no chance of gathering PHI.
• Work with patients and members across many channels a
• Use a tag manager to funnel data to HIPAA compliant repositories
• Can send form submits via a POST

Cannot Do

• Use any web or social analytics tool that cannot meet HIPAA guidelines
• Use a Tag Manager to funnel events that may contain PHI to non-compliants tools
• Send form data with PHI in the clear to any tool. This includes HIPAA compliant tools
• Cannot send form submits via a GET which puts potential PHI in the url

Implications of HHS Guidance

When you look at the various ways in which site do their tracking, there are implications that you need to think through and address.

1. Must choose the correct tag management and analytics solution. Remember that tag management solutions send tracking data to a range of possible sources
2. It’s not feasible to just disable analytics tracking on certain pages.  Yes, you can disables tracking on form pages, in find a doctor apps and other areas.  However, I would refer to this as cutting off your nose to spite your face.  You can do it but why would you disable tracking when it’s most important and you want to know what and when a potential member or patient converts?
3. Any tracking should be reviewed.  Facebook, Google, and other vendors have a variety of tracking tools.  Whatever you use on your sites including hotjar should be reviewed.
4. All authenticated experiences fall under HIPAA
5. Many un-authenticated experiences fall under HIPAA
6. Outbound campaigns are less impacted by this.  Yes, you still need to be HIPAA compliant but if your campaign is compliant then tracking the results should also be compliant

Technologies

The good news is that you can still use tracking technologies. The vendor needs to be HIPAA compliant and if the solution is in the cloud, the vendor must sign a BAA.  There are solutions out there and I’ll address that in a future post.

Now that bad news, the most common solution used by a very large majority of healthcare organizations, Google Analytics, cannot be used.  Google has done their own analysis based on this guidance and has published the resulting note:

Customers must refrain from using Google Analytics in any way that may create obligations under HIPAA for Google. HIPAA-regulated entities using Google Analytics must refrain from exposing to Google any data that may be considered Protected Health Information (PHI), even if not expressly described as PII in Google’s contracts and policies. Google makes no representations that Google Analytics satisfies HIPAA requirements and does not offer Business Associate Agreements in connection with this service.

For HIPAA-regulated entities looking to determine how to configure Google Analytics on their properties, the HHS bulletin provides specific guidance on when data may and may not qualify as PHI. Here are some additional steps you should take to ensure your use of Google Analytics is permissible:

• Customers who are subject to HIPAA must not use Google Analytics in any way that implicates Google’s access to, or collection of, PHI, and may only use Google Analytics on pages that are not HIPAA-covered.
• Authenticated pages are likely to be HIPAA-covered and customers should not set Google Analytics tags on those pages.
• Unauthenticated pages that are related to the provision of health care services, including as described in the HHS bulletin, are more likely to be HIPAA-covered, and customers should not set Google Analytics tags on HIPAA-covered pages..

Note that this guidance states that a healthcare organization should not use Google Analytics or Google Tag Manager where HIPAA may be present. Many organizations use these tools under conditions that the new guidance suggests they should not.

In my next post, I’ll explore possible solutions to this challenge.

Recently, the Health and Human Services Department (HHS) came out with guidance regarding the use of online analytics technologies.  This guidance will impact a lot of Provider and even some payer websites.  This includes hospitals, clinics, medical groups, imaging centers, and more. It gives more insight into how healthcare organizations can better ensure patient data is not inadvertently revealed.

Why Guidance and Not a Rule

This guidance has to with HIPAA which is an existing law and for which many organizations already spend a lot of effort ensuring the privacy of that data.  the guidance focuses on where most people might think there is no issue. Many think that Patient data is behind firewalls and logins and not available on a simple .com site. Why should we worry?  It turns out that there is risk and we need to ensure we do incorrectly expose the wrong data.  Here’s what the HHS have to say about this guidance on their web site.

Tracking technologies are used to collect and analyze information about how users interact with regulated entities’ websites or mobile applications (“apps”). For example, a regulated entity may engage a technology vendor to perform such analysis as part of the regulated entity’s health care operations.⁵ The HIPAA Rules apply when the information that regulated entities collect through tracking technologies or disclose to tracking technology vendors includes protected health information (PHI).⁶ Some regulated entities may share sensitive information with online tracking technology vendors and such sharing may be unauthorized disclosures of PHI with such vendors.⁷Regulated entities are not permitted to use tracking technologies in a manner that would result in impermissible disclosures⁸ of PHI to tracking technology vendors or any other violations of the HIPAA Rules. For example, disclosures of PHI to tracking technology vendors for marketing purposes, without individuals’ HIPAA-compliant authorizations, would constitute impermissible disclosures.⁹

What Advice Does HHS give?

Let’s break down the advice around tracking and HIPAA

• This is applicable to online tracking technologies. (web analytics, embedded scripts, etc.)
• HIPAA rules apply when information collected is disclosed to the tracking tools
• Providers are NOT permitted to use tracking technologies that result in PHI disclosures
• This applies to authenticated and unauthenticated scenarios
• For example, gathering PHI during an online appointment schedule
• IP addresses count as PHI
• You need to determine if a tracking vendor requires a BAA

What Do Providers Need To Address

Even simple web sites like your hospital’s main site can collect PHI.  Let me walk you through some examples of where you must be very careful about the use of web tracking technologies.

Find a Doctor

When you schedule an appointment you collect PHI in the form of  name, address, reason for the appointment, type of doctor you are seeing, etc.  If you use a web tracker of any kind as you capture this information and that web tracker captures this PHI in their public, unencrypted cloud, then you have a HIPAA violation.

Class or Interest Forms

Many hospitals provide classes and newsletters but as they capture information to register interest or register for the class, they may tie identifying information to a condition.

Clinical Trial Finder

In the same vein, registering interesting in a specific clinical trial then that interest has a potential to capture PHI if you also use non-HIPAA compliant tools to track these transactions.

The Bottom Line

Providers need to be very careful when using web and social analytics tracking tools on their public facing sites.  These sites do capture PHI.  All Providers sites already securely capture it in a variety of forms for transfer to their internal systems.  Providers just need to ensure that other analytics tools don’t capture that data and deposit it in their public cloud.

I’ll discuss some additional challenges and do’s and don’t around PHI and web analytics next time.

The other day a question came up on what extra due diligence do we need to do as we adhere to HIPAA compliance requirements. My first thought was that, of course, we do comply by embracing that extra due diligence in everything we deliver.

But of course, the devil is in the details. Those details get a little thorny when you create good front-end experiences without crossing the line and sharing any information.

Let me discuss three examples of how you can create a better consumer experience while still taking HIPAA into account:

1. Register for a patient portal
2. Patient Registration with an online form
3. Personalization on a site

Registering on a Patient Portal

Many hospitals commonly require physical signatures and ID before giving access to your patient portal. Technically, this meets all the demands of HIPAA and ensures your privacy. But it requires a lot of extra time just to get access to something most patients won’t access all that frequently. You can set up a process like this, but consider other options.

Other industries commonly use information about you to help with self-verification. What if you could:

1. Start registration with your name, MRN, and a couple of other pieces of information
2. Go through a process where you answer very specific questions like, “Where you got your first loan?” or “What car did you buy in 1999?”
3. Finish with some additional email verification

This type of an approach makes it possible to let patients register for the portal without a physical signature or a trip to hospital. It ensures it’s you because you have key pieces of information known only to you. It ensures your patients don’t start with a bad experience in the digital world they share with you.

Of course, any process like this must be vetted with your compliance organization and with legal. We found that a combination of those two helps to get past issues where one group may only focus on the perceived issues and not on how to adhere to the law and give a better experience.

Online Forms

We’ve all been there. You fill out a pre-registration form and it goes through seven different screens. 98% of that information already exists somewhere in that clinic or hospital records, but you get to do it all over again.

It’s as if they don’t know you despite having access to that very information. It is possible to solve this frustration, but you must be careful. You want to use this data to pre-populate a form, but you must do this in a safe and effective manner.

Here are some thoughts:

1. If you have a custom portal, don’t store PHI on that portal. Make real-time calls to more secure back-end systems to get that information
2. Don’t key information like social security number in the open. You can partially mask it and have a user confirm that the last four digits are correct
3. Verify that the information you “need” is truly what you need and not too much
4. Have two versions of forms: One longer form for new patients and one shorter for existing patients. Once they login, you can give them a better experience.
5. Use these types of events to suggest that now is a great time to sign up for the portal.

Remember that you can take small steps to create a better digital experience. It just takes thought and effort.

Personalizing the Experience

Regardless of industry, every company or organization wants to create a more personalized experienced. Most find it to be incredibly difficult. Health Care Organizations (HCO’s) find it even more so.

How do you use insights about a patient having high blood pressure to help them learn more about their diagnosis and provide options to proactively address the issue? You shouldn’t just come right out and state it. That’s especially true when they are on a public, non-logged in site.

But you can provide insights.

For example, you can have an area with relevant articles from a health library. If you have online classes or other events, you can make them aware of it without explicitly saying anything.

Finally, if they click on these personalized article or classes, you can also make them aware of excellent clinicians who can treat someone with their condition and why anyone who has it needs to take a first step.

This approach isn’t perfect, but it ensures that if someone is curious enough to come to your site and identify themselves, then you can guide them in the right direction to addressing their health needs.

YOU MAY ALSO ENJOY – Hip On HIPAA: The Secret Sauce to Successful Marketing Campaigns

Struggling to Meld HIPAA Compliance and Great Experiences?

We can help. Reach out, and let’s talk.

At Perficient, we see a lot of our partners investing in healthcare in general.  Most of our partners have evolved to the point where their tools are HIPAA compliant and many are willing to sign BAA’s.  I think it’s significant then that Microsoft’s recent announcement that Microsoft Cloud for Healthcare is generally available. Getting beyond core compliance demands that software vendors meet core business needs.  In healthcare, that’s harder than it looks.  Microsoft has chosen to go about this in a variety of ways.  Cloud for Healthcare brings together a range of products into one offering:

1. Azure Cloud
2. AI Healthbots
3. Microsoft 365
4. Dynamics 365
5. Integration in the cloud that support FHIR and other key interoperability standards

Bringing together an assortment of tools bodes well when it comes to meeting the range of challenges Healthcare organizations face and that is good news.

We can finally talk about the actual investment being made in strategy.  Most people want a strategy to start at, “What steps am I going to take?”  Most people find it painful to think about and do the Insights and Ideas steps discussed in previous posts. While those other elements are essential, it’s where the rubber meets the road that you finally fill the gap. It’s here that you get to make a plan that justifies the investment, and that delivers the actual value.  That said, this final strategy phase contains more than just a roadmap.  It’s here that you plan, justify the investment, and start the work.  Think of it as three key elements:

1. Outcomes
2. Program
3. Roadmap

Outcomes

While many skip this step, it’s good to define your specific objectives and key results. By critical results, we mean the actual measurable outcomes you expect.  Don’t fall back on simple measures like the number of page views and the number of downloads.  If your investment will increase customer engagement, sell more product, sign up more subscriptions, schedule more appointments, etc., then focus on that.  Be as ruthless as your CEO is going to be when asking if this is worth what is probably a substantial investment.

In the process, don’t forget about a benefit model, e.g., what specific benefits do you get?  How can you measure those?  Can the benefits provide enough value to justify the actual cost?  Doing your homework here aligns everyone early on and dissipates any complaints later in the project.

Program

The program focuses on the basic set of the project or the “program”  It should also include any change management needs you have. We find that Organizational Change Management (OCM) is needed in every single large program or initiative.  You need to make a case for change, identify the differences, communicate the plan/results, and train people to successfully roll out new functionality.  From an OCM perspective, remember one best practice, start early. Don’t start two weeks before you launch a crucial system.

If your strategy involves multiple projects or workstreams, then you should plan on forming a program and managing these at a program level.  Allocate resources to the program. This includes program management and technical expertise.

Roadmap

The roadmap represents the culmination of the effort. Here you develop your 18-24 month roadmap. Anything beyond 24 months is unrealistic.  You will see too much change at that time to plan beyond it.  When working on the roadmap, remember these best practices:

1. Put your roadmap in a tool where it’s easy to change.  I use Excel for that reason. This is a living document. It will change.
2. Communicate and iterate.  Show the roadmap to everyone involved. Let them know what you plan and why.  Take the feedback and incorporate it.
3. Start with a straw man.  Don’t start with a blank slate and have a meeting with 15 people.  No one deserves that kind of painful meeting. Take a core team of 2-3 and create your first draft. Then fill it out as you get feedback from a larger group.
4. Let the roadmap take into account people and processes.  You will need to incorporate governance, change management, hiring, and training.
5. Show the delivery of capabilities.  Yes, you should model many elements that are more technical in nature, but you want people to see progress as you deliver value to your end-users.
6. Take into account priorities.  No one will approve a roadmap that only delivers value in the 2nd year.
7. Take into account the level of effort.  What are the easy wins?  Have you mapped those activities in where it makes sense?
8. Do not forget critical dependencies.   If you are a retail organization that wants to use your physical locations to enhance a digital experience, then look at all needed, like process automation, inventory, employee communication tools, etc.  If you are a hospital that wants to allow for online scheduling, then take into account not just the delivery of a front end but also of the scheduling system and the API’s involved.
9. Don’t overload too much in any one time period.  This is a long-haul effort.  Get the team and resources allocated for the long haul.
10. Model in how you will measure the value of the effort.
11. Do plan on Agile, Cloud, and other technology best practices.  Strategy implies change, so make changes that set you up for the future.

Bottom Line

Let me hearken back to the initial challenge of a gap in strategy from my first post in this series

“These strategies by their very nature can only go so far. They identify high level actions to take but naturally don’t get into the detail. That’s for the specific initiatives and projects that come from it. Many companies just launch right into it which can result in ineffectual results”

The overall framework for strategy takes a beautiful high-level strategy and gives it enough detail to become actionable.  This final step shows the exact action you want to take and what kind of results you can expect.  It closes the gaps and puts a lovely ribbon on it.

This is part 3 of filling the gap in strategy. You can find a general introduction and a deeper dive into insights if you want to catch up.  We believe that there tends to be a gap in strategy when a business strategy meets the operational elements.  In other words, a beautiful strategy may point you in the right direction, but you typically need a plan on how you will implement the strategy. That plan cannot start with a roadmap, though. You have to understand where you are and how you are going to get there.

Today we are going to transition from insights to ideas.  In other words, how to create your plan by making critical decisions from a business and technology standpoint.  Think of it in terms of some friendly descriptors:

• Explore: explore options, define your customers’ experience, understand what you are trying to achieve
• Iterate: Dive deeper, engage both customers and a range of employees in your organization, map capabilities to what you are trying to achieve
• Decide: Make operations and technology decisions that align with your defined customer experience and plan.

Now that probably sounds a bit soft. You can’t make a plan on explore, iterate, and decide. You can use these as guiding principals. Specifically, you want to do the following:

1. Experience: What experience do you want to create for your customers?  What experience will employees need to make that experience?
2. Operations: What capabilities do you need to create the experiences defined above?
3. Technology: Which technologies will enable those capabilities and experiences?

Experience

I’ve referenced before that you can’t start with vision and goals.  Now is the time to state your vision based on your overarching business strategy and the insights you gained from the previous strategy phase.  So do it, define your vision. Make goals on how you can measure success. Once that’s done, then use a few tools that ensure you know where you are going. If you are creating a customer experience with both front end interfaces powered by back end systems, then define the journey for these customers.

At the same time, don’t forget about your employees. What do they need to create those experiences?  Do they need sales tools? Relationship management tools?  Hardware?  Training?  Define it and make all of that part of your plan.

Finally, you can experiment in this phase. Perhaps you need to prototype a few systems or tools just to ensure that your plans are possible.

Operations

You have to focus on operations to make all this work.  While governance and process mapping sound boring, they drive success. We suggest three high-level activities:

1. Digital Capabilities: Look at your experience and define the capabilities needed to deliver that experience. For example, if you are a retail shop and want to provide digital commerce to the store, what does that look like?  What capabilities do you need to allow someone to order a customized product and arrive in the store?  What do employees need to create an excellent experience for that customer when he walks in to pick up the product? Do you need additional tools in the store to do final customization?   Create a capabilities map on this and the entire spectrum.  At the same time, begin to prioritize what brings the most significant business value.
2. Business Process Mapping: map out the process.  How will you do the intake?  What can be automated?  Who needs to participate?
3. Digital Operating Model: The model is the full set of operating elements. Bring it all together, so you know how you will address the needs.

Technology

As always, we expect technology to fulfill a large part of your plan. Whether it be grassroots systems like storage and automation, a new mobile app, or better and more scalable experience driven by AI, you need to map digital capabilities to technology.  Start with what you have. What can you reuse or upgrade?  With the gaps, define which products will get you moving fastest.  Choose the new tools and create the standards for their use. Remember that business has a seat at the table too. If they can’t see the technology meeting the need, they will go buy their own tools. That can and will create inefficiencies.

Bottom Line

What Perficient calls “Ideas” represents an intermediate step. Here you make decisions that drive experience, matures your business, and aligns technology.  You haven’t reached your end state from a strategic perspective. You still need to define your specific outcomes, create your program, and represent a roadmap.  But this phase gives you the building blocks that will allow you to make those final blocks.

The CMS Final Rule sparked some interesting conversations and problem-solving among the interoperability team at Perficient. It’s one of the first times payer or health insurers had to react to these types of rules. The way they treat the data and the location of all the data makes this a different ball game than what you have to follow if you were a hospital. That means that while the basic rules understanding remains the same, the solutions you consider are actually quite different.

The Ask

Earlier this year, CMS / ONC released their much anticipated “Final Rule” which mandates that payers who have anything to do with federally related plans have to do the following:

• Patient Access API: Provide a FHIR-based API that lets patients access their claims and encounter information through 3rd party applications
• Provider Directory API: Make Provider Directory information available through a publicly available FHIR-based API
• Payer-to-Payer Transfer: Allow members or patients to request transfer of their records to another payer

Payers that meet key criteria must make these capabilities available and must do it following open standards like FHIR, SmartIG, and OpenID.

READ MORE: Fast Healthcare Interoperability Resources (FHIR) Explained

The Challenge

While many payers already have data and integration platforms available, most are not set up to make this data publicly available. In addition, a lot of this data resides in a range of systems. Those systems also have overlapping data. Therein lies the issue. Overlapping data means you have to find it, transform it, and deduplicate that data. It’s possible to make a real-time call, but the more duplicates you have and the higher the overlap of data, then the more you need to do.

In other words, just creating a FHIR API won’t allow you to meet the need.

YOU MAY ALSO ENJOY: Healthcare PowerByte: Interoperability – Make Data a Strategic Business Asset  

Deciding on Solutions

Most of the early debate in our team was what type of architecture would meet the criteria demanded by the CMS Final Rule. Unfortunately, no one architectural approach will work for every payer. This allows integration platforms with FHIR support and FHIR server type solutions to enter the mix. They can even co-exist depending on your ecosystem of platforms and data sources.

In order to make a decision, you need to take into account the following:

• Where does your patient / member information reside? Is it in multiple location for claims, eye exams data, clinical data, etc.?
• Where does your provider information reside?  Is it easily accessible via an API?
• Is there a lot of overlap of data in the various data sources?
• Do you have a hard time pulling from the data sources and mapping it to the correct member?
• Do you already have (or will you soon have) an integration and API management platform? (NOTE: Both can be needed.)

A Few Thoughts on Possible Solutions

As noted, not everyone will land on the same solution.

Larger organizational structures and larger numbers of data sources drives you toward a more complex solution set. I would put the solution in a few categories:

1. For those that have few data sources like mainly just claims data, you can consider using an integration and API management vendor to front both provider and patient data and to serve up the FHIR-based resources.
2. For more complex, you can consider a FHIR Server or FHIR “solution.” This may need to be paired with the enterprise integration and API Management platform. This approach means the following:
   • You pull all the data into one central location
   • You perform data transformation and de-duplication on it so that patient data is correctly defined
   • This data will not be real time; by it’s nature, there will be some latency
   • The normalized data can then be called securely by whatever is fronting your API’s
3. A hybrid option can work if your provider data is easily accessible and already centralized
   • API platform calls provider data and enables a FHIR API
   • Centralized patient data platform for the more complex patient data scenarios

SUCCESS STORY: Empowering Healthcare Consumers and Their Care Ecosystems With Interoperable Data

The bottom line is that each organization has a variety of options. You always have to take your systems and your data into account to create your final architecture.

Just remember that FHIR is the standard and not the solution. Most of the heavy lifting occurs behind the actual FHIR call.

Have questions about your near- or long-term integration and interoperability goals. Our experts can help. Contact us to get started.

I introduced filling the gap in strategy in my last blog post and want to dive in deeper on one element.  Many times, people want to start with Vision or a similar exercise.  The idea being that if there is a gap in your strategy then the obvious next step is to discuss your vision for it and what you are going to do.  It’s an obvious step but it shouldn’t be the next step. Too often, we make decisions in a vacuum. People make decisions without enough data.  I want to focus on the preferred next step which is insights. At Perficient we think of insights in three ways:

1. Market: what’s happening in the marketplace?
2. Business: What are the pain points with your business?
3. Systems: What technology do you have today? Is it up to date?  Does it work well?  Is it capable of scaling? Is it agile enough to meet your needs?

Market

You can use a variety of tools and research to get this insight.  We don’t suggest you do everything but we do suggest you take the time to focus on where you are today.   You want concrete reliable information that tells you if you are winning or losing and for what reasons.  You can’t react to your competitors if you don’t know what they are doing and if it’s impacting you.  Here’s a couple ideas on what you might do.

• Purchase research from your industry group, Forrester, Gartner, etc.
• Interview your customers who are leaving for a competitors
• Contract someone like Perficient to do a market analysis and who likely has a clients in your industry
• Do research on your own on what’s happening. Industry web sites, magazines, and even simple Google search can yield a significant amount of information

Business

What is your business doing right?  How happy are your customers?  Focus on the specific area. If you are talking Customer Experience then focus on that. If you are talking about other areas or are specifically focused on a portal for example then ask relevant questions to that area.  You want to understand what’s working and what’s not so you know where to focus. As always, you must focus on what’s important to the customer.  There are a lot of activities you might include in this area:

1. Internal surveys to gauge how needs are being met in a range of areas
2. External surveys to gauge how your customers feel
3. User research around the current customer experience, pain points, etc.
4. Analytics to determine trends. You can even dive into predictive analytics. One customer used predictive analytics to understand when a customer is about to leave.  That drove additional insights into what the business needs to change

Systems

If strategy drives you to what your next steps should be, technology tends to be an enabler of those steps.  The bad news is that it tends to be expensive and no one wants to bolt on 3 different systems to meet a need unless new technology is critical to the need.  You want to assess the current state and ask key questions related to your specific area.

• What are the technologies that are used in this area?
  • Focus on front and back end systems.  Don’t just think about the lipstick experience component.
• What will be sunset as an old technology?
• What gaps exist in your technology tools

Bottom Line

Take the time to take a step back and understand where you are from a variety of viewpoints.  Then you can move forward to decision making.  It will make the overall strategy process easy and will make it more collaborative as everyone aligns to to true vs perceived inputs.

As many who follow Perficient know, we recently completed our largest acquisition to date with bringing PSL on board.  Our healthcare practice is excited for a number of reasons that I want to explore but it boils down to quality offshore development. We think it makes a lot of sense for Healthcare Organizations (HCO) to look closely at an offshore practice like PSL.  But first, let me give some highlights before diving into why we think this makes sense for Perficient and for our Healthcare clients.

By the Numbers

In this day and age, you don’t buy a fledgling offshore firm. That’s especially true when Perficient already has significant quality capability in our various India and China offices.  So you want quality and scale and that’s what brought us to them

I want to highlight that the scale of people and the scale of technologies is key here.  Perficient takes on work we can succeed at and that only works if you have the necessary skills.

Then of course there’s the quality side of things. Our first offshore office in China was the first that we know to achieve CMMI Level 5 for Agile certification in the world.  PSL was the first to achieve it in Latin America and was the 8th in the world.  The focus on quality makes a difference.

By Alignment

Anyone who has been through a merger knows that cultural fit and alignment are kings.  When you take two different business cultures and push them together, success only comes if they can merge together in shared values and shared goals.  If you have widely divergent goals and values then you increase the likelihood of failure.  Now think about what this means for consulting projects in general and offshore projects in particular.  You must create those same share values and goals. The first time I heard from PSL and then the first time I spoke to them the following came shared value came through

1. Focus on Quality Offshore Development.  I mentioned that they too received CMMI certification very early on.  We share that not because we love the certification but because of what the certification brought us
2. Success.  Every one says they want success but I heard on sentence from PSL that we at Perficient use quite a bit.  “We have told a client we won’t do certain work if it’s not within our skill set.”  In that particular case 2/3 of the project mentioned was alignd but we didn’t focus on one technology that was key to the project.  They walked away.  We’ve done that ourselves rather than take on something where we would have a high likelihood of failing out client.
3. Evolution.  Over time, Perficient has reinvented itself several times. PSL seems to have done that as well.  They evolve technical capabilities. They focus on improving their employees skills. They focus on constant internal improvement with Agile methodologies, testings, and DevOps.
4. Culture.  In my discussions it was obvious the cultural fit was high.  It makes for an easier understanding between our teams and with our clients

What It Means to Healthcare

You’ll notice that I have yet to discuss a single technology capability yet.  That will come a little later.  In reality, we’ve learned that just having offshore capability doesn’t lead to success.  You have to set the offshore project up for success.  There are best practices.  Both the client and the consulting firm have to invest in it.  That’s why we are excited about what our new capabilities with PSL will bring value to our healthcare clients.  Here’s a couple reasons

1. Our partners in Colombia have a consulting mind set.  The first answer to the question, “Will you do this” isn’t necessarily yes. Sometimes you have to help clients understand the pros and cons of what they want to do to ensure they make the right decisions.  This leads to quality offshore development
2. Time zone.  Being in the same time zone as the US (Eastern) means it’s easier to communicate.  Since communication is one of those important ingredients then we can work less hard at it
3. Wide range of technical capabilities.  This includes testing, devops, integration, data, and cloud.  If there’s a common theme we see among our healthcare clients it’s that they are starting to move towards cloud and agile in a big way.  That includes the use of cloud for data and integration capabilities.  The alignment of skills makes a lot of sense
4. Lower overall costs. Like other offshore centers, our Colombia GDC has significantly lower costs than what you find in the United Stated.  This helps when you only have so much budget but you still want to maintain high quality
5. Product and Agile mind set.  Many of the Colombia GDC clients use them to create and improve products.  In many ways they are the product development team.  Now you might wonder why is that relevant to healthcare?  Many of our more innovative clients in the payer, provider, and medical device worlds are actively creating products that they want to use internally and market to others.  Our Colombia GDC bring the right mindset and experience to do this.

I’ll focus the next post on more in depth details on how our Colombia GDC aligns to healthcare.

It should be no surprise to hear that Healthcare Organizations (HCO’s) of all kinds are moving to the cloud.  I see most of our provider and payor clients, making significant investments. Some of the platforms they use were evaluated in The Forrester Wave: Enterprise Health Clouds, Q3 2019, a taste of which can be found in this Forrester blog post.

If you read the actual report, you’ll see that each vendor has specific strengths. IBM Cloud differentiates with its breadth of healthcare analytics. Google Cloud Platform shines bright with its healthcare API. And Microsoft Azure stands out with its healthcare-savvy partner network. I believe each vendor needs to focus on a well-rounded approach. Let me give you our list of essential requirements culled from several clients cloud projects:

1. Support key healthcare standards like FHIR, HL7, SmartIG, and OpenID.  Of course, it’s a given that any solution is HIPAA compliant.
2. Provide API management and other API related capabilities
3. Provide additional tools to manage data flow. This includes ETL / ELT.
4. Provide a data warehouse and data lake capabilities.  You want to store a lot of this data and make it available.
5. Give a payor or provider options to integrate and interact with existing tools and systems.  It’s not all cloud tools all the time.
6. Provide tools and options to enable heavy lifting and processing in the cloud.  What I’m really talking about is the porting and/or creation of scalable apps in the cloud.
7. Make it easy to gain insights from the data in the cloud.
8. Make it easy to transfer the insight to some system of action.

Examples of How Cloud Trends With Our Clients

While not an exhaustive list, we see a lot happening with our healthcare clients.  Hopefully, it gives you some ideas on general trends and why Enterprise Health Cloud is essential.

• Data Warehouse.  Many clients are using the cloud for data warehouse and analytics needs. What’s interesting is that many of our clients use the data warehouse in the cloud but continue to use 3rd party ETL tool for transfer and transformation.
• Analytics: Less of a huge trend and more of a note that many HCO’s see a synergy between data tools and analytics tools that leads to an Azure /PowerBI approach, for example.
• Predictive Modeling: Almost by default these days we see many HCO’s use cloud-based tools to create models
• Enterprise Heavy Lifting.  Both payors and providers are going to the cloud and using a variety of vendors to create native cloud apps that scale and are cost-effective. In one case, a client even used cloud-based services to replace a well-known vendor workflow-based platform.
• API, and API management.  Gone are the ESB and SOA days.  We see many of HCO’s using cloud-based tools. Not all choose this route, but enough do that it’s a trend, and we are starting to see clients just expect the cloud platform to do the integration.
  • We should note that since all the major platforms support HL7, FHIR, and other essential standards, there aren’t any major roadblocks in this area.
• Smart Chatbot: I want to say AI and Machine Learning, but the reality is that while many are using AI/ML for chatbots, this is still an evolving area.  Many HCO’s are still dipping their toes in the water for more advanced usage

The Bottom Line

No one doubts that the enterprise health cloud is here to stay.  All the major cloud vendors will continue to make significant investments in cloud capabilities. Those investments will extend far beyond support for regulatory standards and policies.  You should look closely at both their current support and where each vendor’s healthcare roadmap will take them.