Tag Archives: Health

CMS takes Blue Button 2.0 API offline due to coding error

A bug in the Blue Button 2.0 API codebase has potentially exposed the protected health information of 10,000 beneficiaries and caused the Centers for Medicare & Medicaid Services to pull the service offline.

Blue Button 2.0 is a standards-based API that gives Medicare beneficiaries the ability to connect their claims data to apps and services they trust.

In a blog post, CMS said a third-party application partner reported a data anomaly with the Blue Button 2.0 API on Dec. 4. CMS verified the anomaly and immediately suspended API access. The bug could cause beneficiary PHI to be shared with another beneficiary, or the wrong Blue Button 2.0 application, according to the post.

CMS said access to the API will remain closed while the agency conducts a full review, and restoration of the service is pending. The agency has not detected intrusion by unauthorized users or an outside source.

The incident is playing out against a backdrop of federal regulators like CMS pushing for healthcare organizations to use APIs that would give patients greater access to their health data. Yet a concern among healthcare CIOs is that the drive toward interoperability is ahead of app developers’ technical ability to safely facilitate that sharing of health data, said Clyde Hewitt, executive advisor for healthcare cybersecurity firm CynergisTek Inc., in Austin, Texas.

CynergisTek executive advisor Clyde HewittClyde Hewitt

“There is a massive push for data interoperability, and organizations that spend a lot of time looking at the security and privacy issues around this realize that the need to share data is probably outrunning the technical savvy of the developers to get solid interface specification,” Hewitt said.

The issue

Medicare beneficiaries authorize third-party apps to use their Medicare claims data through Blue Button 2.0, and the Blue Button 2.0 system verifies users through a CMS identity management system. The identity management system uses a code to provide randomly generated, unique user IDs, which Blue Button 2.0 uses to identify each beneficiary.

The data anomaly was “truncating” user IDs from a 128-bit user ID to a 96-bit user ID, which was too short to be sufficiently random to “uniquely identify a single user,” according to the blog post. As a result, Blue Button 2.0 began assigning the same user IDs to different beneficiaries.

The root cause of the problem is unclear. CMS said the code causing the bug was implemented Jan. 11, 2018 and that a comprehensive review of the code was not completed at the time, which may have identified the coding error.

CMS also said the identity management system code was not tested, stating that “assumptions were made” by the Blue Button 2.0 team that the identity management system code worked but was not validated.

The coding error should be a warning to healthcare organizations as they march toward interoperability and the use of APIs, according to Hewitt. They should, for example, put greater emphasis on regression testing, which is used to make sure a recent code change hasn’t negatively impacted existing software. CMS failed to do just that.

“You can’t make changes to your system without looking at how it’s going to impact other systems,” Hewitt said. “As this spider web continues to grow, doing an end-to-end test becomes more and more complicated.”

What CMS is doing now

The Blue Button 2.0 team has implemented a new review and validation process to make sure coding errors are caught before being implemented within Blue Button 2.0 or other CMS APIs, according to the blog post.

The team is also adding additional monitoring and alerting for Blue Button 2.0, and CMS is updating Blue Button 2.0 code to store full user IDs instead of shortened versions, meaning all users will be asked to re-authenticate with Blue Button 2.0 so the system can generate new user IDs.

Fewer than 10,000 beneficiaries and 30 apps were affected by the issue, CMS said, and it was contained to Blue Button 2.0 users and developers. The issue didn’t affect Medicare beneficiaries who do not use the API.

Before bringing the API back online, CMS said the Blue Button 2.0 team will be adding additional auditing layers at the API database level, as well as the API level to give more details into user activity and provide greater traceability to actions the API takes. Monitoring and alerting capabilities are also being enhanced to notify CMS of unexpected changes in data.

Constellation Research vice president and principal analyst David ChouDavid Chou

David Chou, vice president and principal analyst at Constellation Research in Cupertino, Calif., said while the PHI exposure from this incident may not be as damaging as in other incidents, if CMS discovers more security issues after it conducts its review, it will cause alarm in the industry.

“This is a learning experience and I am optimistic that CMS will get past this with a new and improved Blue Button,” he said.

Yet Chou believes the Blue Button 2.0 initiative has been a good thing overall, and said CMS should be recognized for their effort to improve interoperability in healthcare.

Go to Original Article
Author:

For Sale – Mid-2011 iMac 21″, i5, 8Gb RAM, 500Gb HDD

Hi all, I’m selling my mid-2011 iMac which runs with 8Gb of RAM and a 500Gb hard drive (health check approved). It’s the 21″ screen version.

The device is in great condition aside from a scratch on the front of the bottom bezel (down in photo).

It’s currently running Mac OS X High Sierra.

The official wireless keyboard and mouse are included in the sale.

Feel free to ask any questions, collection preferred due to the size (TS18 – Stockton)

Many thanks

Go to Original Article
Author:

Google-Ascension deal reveals murky side of sharing health data

One of the largest nonprofit health systems in the U.S. created headlines when it was revealed that it was sharing patient data with Google — under codename Project Nightingale.

Ascension, a Catholic health system based in St. Louis, partnered with Google to transition the health system’s infrastructure to the Google Cloud Platform, to use the Google G Suite productivity and collaboration tools, and to explore the tech giant’s artificial intelligence and machine learning applications. By doing so, it is giving Google access to patient data, which the search giant can use to inform its own products.

The partnership appears to be technically and legally sound, according to experts. After news broke, Ascension released a statement saying the partnership is HIPAA-compliant and a business associate agreement, a contract required by the federal government that spells out each party’s responsibility for protected health information, is in place. Yet reports from The Wall Street Journal and The Guardian about the possible improper transfer of 50 million patients’ data has resulted in an Office for Civil Rights inquiry into the Google-Ascension partnership.

Legality aside, the resounding reaction to the partnership speaks to a lack of transparency in healthcare. Organizations should see the response as both an example of what not to do, as well as a call to make patients more aware of how they’re using health data, especially as consumer companies known for collecting and using data for profit become their partners.

Partnership breeds legal, ethical concerns

Forrester Research senior analyst Jeff Becker said Google entered into a similar strategic partnership with Mayo Clinic in September, and the coverage was largely positive.

Forrester Research senior analyst Jeff Becker Jeff Becker

According to a Mayo Clinic news release, the nonprofit academic medical center based in Rochester, Minn., selected Google Cloud to be “the cornerstone of its digital transformation,” and the clinic would use “advanced cloud computing, data analytics, machine learning and artificial intelligence” to improve healthcare delivery.

But Ascension wasn’t as forthcoming with its Google partnership. It was Google that announced its work with Ascension during a quarterly earnings call in July, and Ascension didn’t issue a news release about the partnership until after the news broke.

“There should have been a public-facing announcement of the partnership,” Becker said. “This was a PR failure. Secrecy creates distrust.”

Matthew Fisher, partner at Mirick O’Connell Attorneys at Law and chairman of its health law group, said the outcry over the Google-Ascension partnership was surprising. For years, tech companies have been trying to get access to patient data to help healthcare organizations and, at the same time, develop or refine their existing products, he said.

“I get the sense that just because it was Google that was announced to have been a partner, that’s what drove a lot of the attention,” he said. “Everyone knows Google mostly for purposes outside of healthcare, which leads to the concern of does Google understand the regulatory obligations and restrictions that come to bear by entering the healthcare space?”

Ascension’s statement in response to the situation said the partnership with Google is covered by a business associate agreement — a distinction Fisher said is “absolutely required” before any protected health information can be shared with Google. Parties in a business associate agreement are obligated by federal regulation to comply with the applicable portions of HIPAA, such as its security and privacy rules.

A business associate relationship allows identifiable patient information to be shared and used by Google only under specified circumstances. It is the legal basis for keeping patient data segregated and restricting Google from freely using that data. According to Ascension, the health system’s clinical data is housed within an Ascension-owned virtual private space in Google Cloud, and Google isn’t allowed to use the data for marketing or research.

“Our data will always be separate from Google’s consumer data, and it will never be used by Google for purposes such as targeting consumers for advertising,” the statement said.

Health IT and information security expert Kate Borten Kate Borten

But health IT and information security expert Kate Borten believes business associate agreements and the HIPAA privacy rule they adhere to don’t go far enough to ensure patient privacy rights, especially when companies like Google get involved. The HIPAA privacy rule doesn’t require healthcare organizations to disclose to patients who they’re sharing patient data with.

“The privacy rule says as long as you have this business associate contract — and business associates are defined by HIPAA very broadly — then the healthcare provider organization or insurer doesn’t have to tell the plan members or the patients about all these business associates who now have access to your data,” she said.

Chilmark Research senior analyst Jody Ranck said much of the alarm over the Google-Ascension partnership may be misplaced, but it speaks to a growing concern about companies like Google entering healthcare.

Since the Office for Civil Rights is looking into the partnership, Ranck said there is still a question of whether the partnership fully complies with the law. But the bigger question has to do with privacy and security concerns around collecting and using patient data, as well as companies like Google using patient data to train AI algorithms and the potential biases it could create.

All of this starts to feel like a bit of an algorithmic iron cage.
Jody RanckSenior analyst, Chilmark Research

Ranck believes consumer trust in tech companies is declining, especially as data privacy concerns get more play.

“Now that they know everything you purchase and they can listen in to that Alexa sitting beside your bed at night, and now they’re going to get access to health data … what’s a consumer to do? Where’s their power to control their destiny when algorithms are being used to assign you as a high-, medium-, or low-risk individual, as creditworthy?” Ranck said. “All of this starts to feel like a bit of an algorithmic iron cage.”

A call for more transparency

Healthcare organizations and big tech partnerships with the likes of Google, Amazon, Apple and Microsoft are growing. Like other industries, healthcare organizations are looking to modernize their infrastructure and take advantage of state of the art storage, security, data analytics tools and emerging tech like artificial intelligence.

But for healthcare organizations, partnerships like these have an added complexity — truly sensitive data. Forrester’s Becker said the mistake in the Google-Ascension partnership was the lack of transparency. There was no press release early on announcing the partnership, laying out what information is being shared, how the information will be used, and what outcome improvements the healthcare organization hopes to achieve.

“There should also be assurance that the partnership falls within HIPAA and that data will not be used for advertising or other commercial activities unrelated to the healthcare ambitions stated,” he said.

Fisher believes the Google-Ascension partnership raises questions about what the legal, moral and ethical aspects of these relationships are. While Ascension and Google may have been legally in the right, Fisher believes it’s important to recognize that privacy expectations are shifting, which calls for better consumer education, as well as more transparency around where and how data is being used.

Although he believes it would be “unduly burdensome” to require a healthcare organization to name every organization it shares data with, Fisher said better education on how HIPAA operates and what it allows when it comes to data sharing, as well as explaining how patient data will be protected when shared with a company like Google, could go a long way in helping patients understand what’s happening with their data.

“If you’re going to be contracting with one of these big-name companies that everyone has generalized concerns about with how they utilize data, you need to be ahead of the game,” Fisher said. “Even if you’re doing everything right from a legal standpoint, there’s still going to be a PR side to it. That’s really the practical reality of doing business. You want to be taking as many measures as you can to avoid the public backlash and having to be on the defensive by having the relationship found out and reported upon or discussed without trying to drive that discussion.”

Go to Original Article
Author:

For Sale – Mid-2011 iMac 21″, i5, 8Gb RAM, 500Gb HDD

Hi all, I’m selling my mid-2011 iMac which runs with 8Gb of RAM and a 500Gb hard drive (health check approved). It’s the 21″ screen version.

The device is in great condition aside from a scratch on the front of the bottom bezel (down in photo).

It’s currently running Mac OS X High Sierra.

The official wireless keyboard and mouse are included in the sale.

Feel free to ask any questions, collection preferred due to the size (TS18 – Stockton)

Many thanks

Go to Original Article
Author:

Forus Health uses AI to help eradicate preventable blindness – AI for Business

Big problems, shared solutions

Tackling global challenges has been the focus of many health data consortiums that Microsoft is enabling. The Microsoft Intelligent Network for Eyecare (MINE) – the initiative that Chandrasekhar read about – is now part of the Microsoft AI Network for Healthcare, which also includes consortiums focused on cardiology and pathology.

For all three, Microsoft’s aim is to play a supporting role to help doctors and researchers find ways to improve health care using AI and machine learning.

“The health care providers are the experts,” said Prashant Gupta, Program Director in Azure Global Engineering. “We are the enabler. We are empowering these health care consortiums to build new things that will help with the last mile.”

In the Forus Health project, that “last mile” started by ensuring image quality. When members of the consortium began doing research on what was needed in the eyecare space, Forus Health was already taking the 3nethra classic to villages to scan hundreds of villagers in a day. But because the images were being captured by minimally trained technicians in areas open to sunlight, close to 20% of the images were not high quality enough to be used for diagnostic purposes.

“If you have bad images, the whole process is crude and wasteful,” Gupta said. “So we realized that before we start to understand disease markers, we have to solve the image quality problem.”

Now, an image quality algorithm immediately alerts the technician when an image needs to be retaken.

The same thought process applies to the cardiology and pathology consortiums. The goal is to see what problems exist, then find ways to use technology to help solve them.

“Once you have that larger shared goal, when you have partners coming together, it’s not just about your own efficiency and goals; it’s more about social impact,” Gupta said.

And the highest level of social impact comes through collaboration, both within the consortiums themselves and when working with organizations such as Forus Health who take that technology out into the world.

Chandrasekhar said he is eager to see what comes next.

“Even though it’s early, the impact in the next five to 10 years can be phenomenal,” he said. “I appreciated that we were seen as an equal partner by Microsoft, not just a small company. It gave us a lot of satisfaction that we are respected for what we are doing.”

Top image: Forus Health’s 3nethra classic is an eye-scanning device that can be attached to the back of a moped and transported to remote locations. Photo by Microsoft. 

Leah Culler edits Microsoft’s AI for Business and Technology blog.

Go to Original Article
Author: Microsoft News Center

Success of healthcare APIs hinges on data safety, patient awareness

The Office of the National Coordinator for Health IT is steadfast in fostering interoperability through healthcare APIs. But health IT leaders are asking for more nuance: specifically, how APIs can also keep patient data safe.

During ONC’s 3rd Interoperability Forum this week, Don Rucker, national coordinator for health IT, made it clear that the federal agency is dedicated to pursuing greater patient access to data through healthcare APIs, or code that enables software programs to talk to each other.

Earlier this year, ONC and the Centers for Medicare and Medicaid Services proposed new rules on interoperability and information blocking. The proposed rules would require healthcare organizations to use APIs, which ONC hopes will create a market for healthcare apps and inject competition into the mix.

“We are very serious in getting the American public to have the benefits of interoperability on their smartphone,” he said.

Rucker and ONC are focused on the interoperability rule and getting patient data access through apps, as well as keeping data secure. But during the forum, a panel of healthcare experts raised other issues that could affect the use of healthcare APIs.

Patient data safety

We are very serious in getting the American public to have the benefits of interoperability on their smartphone.
Don RuckerNational coordinator for health IT

Based on more than 2,000 comments on the proposed rules from the healthcare community, ONC is taking a harder look at a growing concern: secondary uses of data when healthcare apps store medical records.

Indeed, concerns about patient data safety were voiced even before the comment period on the rules concluded. During a hearing in May held by the U.S. Senate Committee on Health, Education, Labor and Pensions, several Senate members questioned whether patient data would be safe in an app ecosystem.

The community’s worry has to do with end-user license agreements, which users are asked to sign off on when using an app. The agreements are often cumbersome, long and filled with small print that, in part, detail potential secondary uses of data, something a patient could overlook or accept blindly.

The agreements “don’t work in this modern world,” Rucker said, and the agency is working to find more transparent ways of getting patient consent.

Patient awareness

Healthcare organizations are not yet required to use APIs so that patients can download their electronic health information into healthcare apps — nor are they incentivized to make it known when they do. Indeed, another concern the panel raised had less to do with functionality and more to do with awareness.

Philip Parker, CEO at Boston-based Coral Health, said as a tech company with a healthcare app, he works closely with EHR vendors and provider organizations to connect to APIs they have available. One of the issues he sees is lack of patient awareness about the availability of healthcare APIs enabling them to download their data into an app.

“There’s a big gap there where patients aren’t asking for this yet because they don’t know about it, and it makes it difficult,” Parker said.

While ONC’s proposed rule requiring organizations to use healthcare APIs has not been finalized, early adopters have seen dismal results, according to new research in the “Journal of the American Medical Association.”

Researchers studied 12 U.S. health systems with at least nine months of experience using healthcare APIs. From March to December 2018, the study found that only 0.7% of patients who logged into their patient portal also used an API to download their health data into an app.

The study acknowledged that because the capability is new, few applications are able to access and use electronic health information. But it also stressed that there has been “little effort by healthcare systems or health information technology vendors to market this new capability to patients, and there are not clear incentives for patients to adopt it.”

While APIs will be a good way to share information once patients become more familiar with the capability, another challenge is the content, according to panelist Jim Barnett, director of strategic intelligence analysis at AARP. Clinical or claims data doesn’t always make sense to consumers and can be difficult to interpret, he said. “We need more work there,” he said.

Go to Original Article
Author:

Naveego launches tool for analyzing data quality and health

Naveego has launched Accelerator, a tool that analyzes data accuracy and checks the health of multiple data sources.

Naveego Accelerator checks data health by auto-profiling and doing a cross-system comparison. It calculates the percentage of data with consistency errors that would affect a business’s operations and profitability by doing a cross-system comparison.

The tool then delivers analysts results and data health metrics within minutes, according to the vendor. Users can also have Accelerator set data quality checks to investigate issues further.

Data cleansing has long been an important part of data management for businesses. The process fixes or removes data that is wrong, incomplete, formatted incorrectly or duplicated. Data-heavy industries, such as banking, transportation or retail, can use data cleansing to examine data for issues by using rules, algorithms and lookup tables.

Naveego’s flagship product is the Complete Data Accuracy Platform, which aims to prevent issues stemming from inaccurate data. It is a hybrid, multi-cloud platform that manages and detects data accuracy issues.

Naveego has also expanded its Partner Success Program, partnering with Frontblade Systems, H2 Integrated Solutions, Mondelio and Narwal. The Partner Success Program provides a support package for partners that includes sales personnel, technical training and expertise, and marketing and promotional support.

As an emerging vendor in the data quality software market, Naveego must compete with market giants such as Informatica and IBM.

Informatica offers a portfolio of products designed for data quality assurance, including Axon Data Governance, Informatica Data Quality, Cloud Data Quality, Big Data Quality, Enterprise Data Catalog and Data as a Service. Informatica Data Quality ensures data is clean and ready to use, and it supports Microsoft Azure and Amazon Web Services.

IBM offers a handful of data quality products, as well, including InfoSphere Information Server for Data Quality, InfoSphere QualityStage, BigQuality and InfoSphere Information Analyzer. These products work to cleanse data, monitor data quality and provide data profiling and analysis to evaluate data for consistency and quality.

Go to Original Article
Author:

Social determinants of health data provide better care

Social determinants of health data can help healthcare organizations deliver better patient care, but the challenge of knowing exactly how to use the data persists.

The healthcare community has long-recognized the importance of a patient’s social and economic data, said Josh Schoeller, senior vice president and general manager of LexisNexis Health Care at LexisNexis Risk Solutions. The current shift to value-based care models, which are ruled by quality rather than quantity of care, has put a spotlight on this kind of data, according to Schoeller.

But social determinants of health also pose a challenge to healthcare organizations. Figuring out how to use the data in meaningful ways can be daunting, as healthcare organizations are already overwhelmed by loads of data.

A new framework, released last month, by the not-for-profit eHealth Initiative Foundation, could help. The framework was developed by stakeholders, including LexisNexis Health Care, to give healthcare organizations guidance on how to use social determinants of health data ethically and securely.

Here’s a closer look at the framework.

Use cases for social determinants of health data

The push to include social determinants of health data into the care process is “imperative,” according to eHealth Initiative’s framework. Doing so can uncover potential risk factors, as well as gaps in care.

The eHealth Initiative’s framework outlines five guiding principles for using social determinants of health data. 

  1. Coordinating care

Determine if a patient has access to transportation or is food is insecure, according to the document. The data can also help a healthcare organization coordinate with community health workers and other organizations to craft individualized care plans.

  1. Using analytics to uncover health and wellness risks

Use social determinants of health data to predict a patient’s future health outcomes. Analyzing social and economic data can help the provider know if an individual is at an increased risk of having a negative health outcome, such as hospital re-admittance. The risk score can be used to coordinate a plan of action.

  1. Mapping community resources and identifying gaps

Use social determinants of health data to determine what local community resources exist to serve the patient populations, as well as what resources are lacking.

  1. Assessing service and impact

Monitor care plans or other actions taken using social determinants of health data and how it correlates to health outcomes. Tracking results can help an organization adjust interventions, if necessary.

  1. Customizing health services and interventions

Inform patients about how social determinants of health data are being used. Healthcare organizations can educate patients on available resources and agree on next steps to take.

Getting started: A how-to for healthcare organizations

The eHealth Initiative is not alone in its attempt to move the social determinants of health data needle.

Niki Buchanan, general manager of population health at Philips Healthcare, has some advice of her own.

  1. Lean on the community health assessment

Buchanan said most healthcare organizations conduct a community health assessment internally, which provides data such as demographics and transportation needs, and identifies at-risk patients. Having that data available and knowing whether patients are willing or able to take advantage of community resources outside of the doctor’s office is critical, she said.

Look for things that meet not only your own internal ROI in caring for your patients, but that also add value and patient engagement opportunities to those you’re trying to serve in a more proactive way.
Niki BuchananGeneral manager of population health management, Philips Healthcare

  1. Connect the community resource dots

Buchanan said a healthcare organization should be aware of what community resources are available to them, whether it’s a community driving service or a local church outreach program. The organization should also assess at what level it is willing to partner with outside resources to care for patients.

“Are you willing to partner with the Ubers of the world, the Lyfts of the world, to pick up patients proactively and make sure they make it to their appointment on time and get them home,” she said. “Are you able to work within the local chamber of commerce to make sure that any time there’s a food market or a fresh produce kind of event within the community, can you make sure the patients you serve have access?”

  1. Start simple

Buchanan said healthcare organizations should approach social determinants of health data with the patient in mind. She recommended healthcare organizations start small with focused groups of patients, such as diabetics or those with other chronic conditions, but that they also ensure the investment is a worthwhile one.

“Look for things that meet not only your own internal ROI in caring for your patients, but that also add value and patient engagement opportunities to those you’re trying to serve in a more proactive way,” she said.

Go to Original Article
Author:

With the onset of value-based care, machine learning is making its mark

In a value-based care world, population health takes center stage.

The healthcare industry is slowly moving away from traditional fee-for-service models, where healthcare providers are reimbursed for the quantity of services rendered, and toward value-based care, which focuses on the quality of care provided. The shift in focus on quality versus quantity also shifts a healthcare organization’s focus to more effectively manage high-risk patients.

Making the shift to value-based care and better care management means looking at new data sources — the kind healthcare organizations won’t get just from the lab.

In this Q&A, David Nace, chief medical officer for San Francisco-based healthcare technology and data analytics company Innovaccer Inc., talks about how the company is applying AI and machine learning to patient data — clinical and nonclinical — to predict a patient’s future cost of care.

Doing so enables healthcare organizations to better allocate their resources by focusing their efforts on smaller groups of high-risk patients instead of the patient population as a whole. Indeed, Nace said the company is able to predict the likelihood of an individual experiencing a high-cost episode of care in the upcoming year with 52% accuracy.

What role does data play in Innovaccer’s individual future cost of care prediction model?

David Nace, chief medical officer, Innovaccer David Nace

David Nace: You can’t do anything at all around understanding a population or an individual without being able to understand the data. We all talk about data being the lifeblood of everything we want to accomplish in healthcare.

What’s most important, you’ve got to take data in from multiple sources — claims, clinical data, EHRs, pharmacy data, lab data and data that’s available through health information exchanges. Then, also [look at] nontraditional, nonclinical forms of data, like social media; or local, geographic data, such as transportation, environment, food, crime, safety. Then, look at things like availability of different community resources. Things like parks, restaurants, what we call food deserts, and bring all that data into one place. But none of that data is standardized.

How does Innovaccer implement and use machine learning algorithms in its prediction model?

Nace: Most of that information I just described — all the data sources — there are no standards around. So, you have to bring that data in and then harmonize it. You have to be able to bring it in from all these different sources, in which it’s stored in different ways, get it together in one place by transforming it, and then you have to harmonize the data into a common data model.

We’ve done a lot of work around that area. We used machine learning to recognize patterns as to whether we’ve seen this sort of data before from this kind of source, what do we know about how to transform it, what do we know about bringing it into a common data model.

Lastly, you have to be able to uniquely identify a cohort or an individual within that massive population data. You bring all that data together. You have to have a unique master patient index, and that’s been very difficult, because, in this country, we don’t have a national patient identifier.

We use machine learning to bring all that data in, transform it, get it into a common data model, and we use some very complex algorithms to identify a unique patient within that core population.

How did you develop a risk model to predict an individual’s future cost of care? 

You can’t do anything at all around understanding a population or an individual without being able to understand the data.
David NaceChief medical officer, Innovaccer

Nace: There are a couple of different sources of risk. There’s clinical risk, [and] there’s social, environmental and financial risk. And then there’s risk related to behavior. Historically, people have looked at claims data to look at the financial risk in kind of a rearview-mirror approach, and that’s been the history of risk detection and risk management.

There are models that the government uses and relies on, like CMS’ Hierarchical Condition Category [HCC] scoring, relying heavily on claims data and taking a look at what’s happened in the past and some of the information that’s available in claims, like diagnosis, eligibility and gender.

One of the things we wanted to do is, with all that data together, how do you identify risk proactively, not rearview mirror. How do you then use all of this new mass of data to predict the likelihood that someone’s going to have a future event, mostly cost? When you look at healthcare, everybody is concerned about what is the cost of care going to be. If they go back into the hospital, that’s a cost. If they need an operation, that’s a cost.

Why is predicting individual risk beneficial to a healthcare organization moving toward value-based care?

Nace: Usually, risk models are used for rearview mirror for large population risk. When the government goes to an accountable care organization or a Medicare Advantage plan and wants to say how much risk is in here, it uses the HCC model, because it’s good at saying what’s the risk of populations, but it’s terrible when you go down to the level of an individual. We wanted to get it down to the level of an individual, because that’s what humans work with.

How do social determinants of health play a role in Innovaccer’s future cost of care model?

Nace: We’ve learned in healthcare that the demographics of where you live, and the socioeconomic environment around you, really impact your outcome of care much more than the actual clinical condition itself.

As a health system, you’re starting to understand this, and you don’t want people to come back to the hospital. You want people to have good care plans that are highly tailored for them so they’re adherent, and you want to have effective strategies for managing care coordinators or managers.

Now, we have this social vulnerability index that we have a similar way of using AI to test against a population, reiterate multiple forms of regression analysis and come up with a highly specific approach to detecting the social vulnerability of that patient down to the level of a ZIP code around their economic and environmental risk. You can pull data off an API from Google Maps that shows food sources, crime rates, down to the level of a ZIP code. All that information, transportation methods, etc., we can integrate that with all that other clinical data in that data model.

We can now take a vaster amount of data that will not only get us that clinical risk, but also the social, environmental and economic risk. Then, as a health system, you can deploy your resources carefully.

Editor’s note: Responses have been edited for brevity and clarity.

Go to Original Article
Author: