Fail-Safe is a new service line of Suncoast RHIO. It permits Minimum Price "save-a-spot" Hotsite reservations for key business compliance, reporting, and electronic audit functions. The service permits immediate fall-over to our certified software should your current vendor fail so you don't have to miss a beat. For the first service in this line, we are offering our electronic audit notification and evidence reporting software and made available at a low cost monthly fee. Think of it as your "Preparedness Premium Guarantee". Suncoast RHIO is active in the Health Technology government and interoperability space. Watch for more announcement from us n support of the various government agencies' harmonization and confluence efforts of these technology programs.
CONTACT US
-- Please Use "Get a Free Quote" Button Below to Contact us.
Fail-Safe Detail
In today’s system of healthcare, your patients, affiliates, business partners and your community, all expect operational and financial prudence, consistent efficiency, innovation, and value. A small step you can take now towards achieving these goals is by embracing a culture of assurance to those you deal with and to bullet proof your operations with compliance and a reputation of safety. Consider a “Fail-Safe” option from Suncoast RHIO, Inc., a national health technology company.
When you reserve and set up a "Fail-Safe" spot, it will permit instantaneous fail-over of your key business software supporting your critical systems thereby allowing continuous processing when the unexpected happens.
After setup, your subscription kicks in should you have a key vendor failure or a temporary suspension of services affecting your HIH, EHR, or MIPS vendor. If we use any third party, we monitor and approve them first utilizing the CORL Technologies “CORLCleared” service for TPRM (Third Party Risk Management). Suncoast RHIO is also in a contract with HiTrust (Formally HiTrust Service Alliance) for our own certification). TPRM is serious business.
Six of Our Most Common FAQ’s in Section Below
ABOUT SUNCOAST RHIO:
Suncoast RHIO is a national healthcare technology company specializing in interoperability, quality metric optimization, and compliance/electronic audit reporting.
The company is located in Florida and has a customer base made up of hospitals, clinics, and provider practices that may purchase services as clients or join as members and qualify for bundled discounts. Recently, Suncoast entered into discussions with the payer segment thanks to expertise and software tools utilizing the HL7 FHIR protocol.
Suncoast RHIO additionally has a consumer information and call-to-action web page. The company is primarily an HIE vendor service organization for providers using government certified software for its reporting and connectivity activities. RHIO is an acronym for Regional Health Information Organization. HIE is an acronym for Health Information Exchange.
Suncoast RHIO Corporate Website
Interoperability Product Descriptions and Prices -
Coming in June 2023
"We list our many testimonials from over the years from all taxonomies we serve. Check back after June 2023 when this section is scheduled for population".
We strive to stay in communication with our clients. Have a question about us, or want to see if we match your needs? Send us a message, or give us a call, 941 426 6093.
900 North Roberts Avenue, Arcadia, Florida 34266, United States
Please reach us at suncoastrhio@yahoo.com if you cannot find an answer to your question by clicking on each below.
Click Each -
What is the potential liability to my facility if my audit software vendor fails or if I don’t have a vendor and my audits increase beyond the capabilities of my current staff’s capabilities?
There are different forms of potential liability to be aware of. Here are a few starting with a high level direct answer:
Affected Costs- $50,000 per year average per facility is the conservative operational cost to simply process paper audits. If an online vendor becomes suddenly unavailable to process these audits, the estimated liability is $10,000 per month in operations expense not including penalties and any claims pay back.* So a small hospital subscription investment reduces this carried liability by 90% ROI or more and reduces the risk of it happening to zero. We'll discuss the probability of these failures below.
*(Methodology: We averaged a cost based on 2015 American Hospital Association report. In that report, over 40% of hospitals expended upwards of $100,000 in just operations per year on manual RAC audit processing. We extrapolated the cost downwards by estimating the advantage of having a software certified vendor perform some of the functions electronically and we conservatively estimated $20,000 per year, down by 80% of the manual number. However, this is only for RAC audits.
Today, the number of audit types has increased by over tenfold. Enforcement is up and types of hospitals and other facilities such as nursing homes, hospice, DME, and ambulance providers are receiving audit letters and must respond. On a per facility basis and assuming an electronic HIH vendor processing of all audit types instead of a manual process, we now derive the annual number at $50,000 per year. For every month that your vendor is unavailable and, taking all other factors explained below into consideration, this equates to an operational loss of $10,000 per month unless another HIH such as with Suncoast RHIO and its Fail-Safe program is engaged and provides the services with a surety to perform during the vendor downtime. With this option, the loss of $10,000 per month is avoided. See 2015 graphic BLOG below from the American Hospital Association RACTrac project which identified workflow costs involved with paper or electronic audit response required to answer an ADR).
Here are the factors that go into the breakdown of the operational costs processing an audit:
1. Increased staff efforts and time that now must be dedicated to finding, gathering, packaging the audit response;
2. Missed audit letters (ADR’s) getting lost in the mail or going to the wrong department causing missed deadlines;
3. Missing an audit deadline and then having to pay back questioned claims reimbursement or incur the cost of choose of an appeal;
4. Cost impact arising from the utilization of the facility’s computer hardware and storage resources. (Audits can occur every 45 days and based on hospital size from what we’ve seen, can range from 50 audits per month to as high as 250. Audits must be responded to in PDF format and are only allowed to be electronically submitted through an HIH. Without an HIH, the facility must copy and send paper, FAX, or encrypted CD ROM. We have seen an average of approximately 150 PDF pages as evidence response per audit. However, to give an appreciation of the range, Suncoast RHIO’s record for size audit for one patient was 19,000 pages. These have to be delivered to the contractor during a typical response window in the ADR (Additional Documentation Request) of 30 days. Suncoast RHIO gives the facility a legal receipt in the form of a unique CMS successful transaction number.)
5. Without accounting for potential penalties or any payback requirements, a 2015 report showed annual cost pertaining to 40% of hospitals to manage “non-electronic” RAC audits (today there are many more types) averaged $100,000 per hospital per year as reported by the American Hospital Association RACTrac program. The good news is that the majority of these cases are decided in favor of the facility; however, you still need to go through the documentation transmission procedures. (Infographic Below in our "About Us Blog" at the bottom of this site.)
Other less common considerations include:
6. You incur administrative fees if you are late and in an appeals stage especially when the next step is an administrative judge;
7. Reputational risk;
8. Potentially having to lock up budgeted operational funds allotted to the claims in question that represent encumbrances to spending funds in question because they may have to be used to pay back the claim if the audit is judged in favor of the auditor;
9. Penalties for non-compliance or non-response;
10. Further audit examinations if a history of failure in justifying past claim audits is established;
11. Third Party Risk if the HIH or its partners and affiliates procedures', consents, and safety/security guardrails are in question or are not HIPAA compliant (See upcoming "Consent Blog" and Blog Part 2, "The Statistical Ease in Finding De-Identified Patients using Common Approaches");
12. Exacerbating a bad situation by falling behind while your vendor is unavailable and while new audits keep coming in daily. These build up against the 30 day per audit ADR deadlines.
Do electronic audit notification and evidence submission companies like Suncoast RHIO ever fail; if they do, how could this affect my facility? Let's look at some brief facts:
Beside the obvious threat of dealing with the dangers of having sloppy vendor business partners, a current University of Pennsylvania research study found that nearly all US acute care hospitals transfer data to third parties. A large portion of that data goes into third party marketing tracking; which is a double threat of operational and ransomware risk with the additional threat of inviting a violation of the HIPAA Omnibus marketing and advertising PHI and consent firewall rules.
As a certified HIH since 2012 as described below, here is a short list of the more common reasons observed in HIH temporary or permanent failures:
A) Physical - Incapacity of an HIH to perform may be based on local geographic events or power grid, weather, and network communication issues. Our service provides protection given we are not affected by the same conditions so we can insure your business continuity from events out of your control.
B) Non- Physical - Here are the "non-physical" events leading to Administrative Suspension or Discontinuance:
1. Being “de-certified” by CMS. Some causes include-
a. Failure to send a provider’s audit evidence to the auditor on-time even though the provider supplied the evidence within the acceptable period.
b. Falling behind on having security certificates (certs) from a CMS designated “Certificate Authority.”
c. Not upgrading and testing new code or features when required.
d. Not taking part in required administrative processes.
e. Passing PHI from the client provider through the test (UAT) systems instead of through the Production System or, sending provider test data
f. Showing consistent disregard for reconciling HIH audit processing with daily reconciliation and Quality Assurance reports.
g. Not notifying provider client of issues with their transmissions or not reporting client issues to CMS or the auditor when requested.
h. Violations of the annual CMS agreement.
i. Violations of HIPAA consent or “Omnibus Rule” guidance when acting as a proxy for provider PHI data*.
2. Fines, warnings, and penalties – An HIH will be required to shut down their esMD processing if found to be under review for violations or being penalized for violations by CMS (or other agencies’ within HHS such as ONC) or if fines are levied from OIG (Offices of Inspector General) or the OCR (Office of Civil Rights), or the HHS “HEAT Task Force.”
*(HIPAA Omnibus (marketing PHI) consent issues are in focus. This is a developing issue in line with recent announcements around protecting patients from unwanted marketing in Medicare Advantage Plans and in Prior Authorization. In fact, this rule has been in effect for many years but enforcement has been lagging. See the upcoming "Consent" Blog coming soon.)
What if I don’t currently engage with an HIH? Do I need one; how do I find one?
Unless your organization is small and does not receive ADR audit letters or if you are a non-CMS participating facility, certified audit notification and evidence reporting capability can help in many ways. If your facility does not have an audit software vendor and an unexpected increase in audit volume hits, you can now be prepared for a low cost premium.
(Note, for hospitals and other healthcare organizations that are now manually processing audits, you can evaluate and consider engaging with an HIH such as Suncoast RHIO at www.cms.gov/esMD )
Let's look at some brief facts about what an HIH is:
- Companies that provide audit reporting and notification functions are sometimes known as Health Information Handlers or HIH's. This term evolved from the federal government's esMD program that was originally launched by CMS, the Medicare and Medicaid Agency, over 10 years ago as a pilot. The goal of the pilot was to use contracted auditing companies to combat inaccurate and potentially fraudulent claims submitted by hospitals encompassing a 5 year look-back period. In the early days, these auditors were known as RAC’s or Recovery Audit Contractors.
If a claim was found to be inaccurate, the provider had to reimburse CMS for the past paid claim amount. The auditors were also required to return funds to the provider if an inaccurate claim review resulted in finding the provider did not claim enough and was entitled to a larger amount. These original audits were called “post pay.” Today, CMS also audits on “pre-pay” situations where they do not pay if there are questionable issues. This is similar to the process used by audits performed by commercial payers. Today, there are many more audit contractors and they are collectively referred to as RC’s, or Recovery Contractors.
An HIH is a company that stands in the middle of the auditor, the provider, and the agency. HIH’s utilize specialized code that allows providers (hospitals), to respond to the audits by sending the evidence requested electronically and securely. A new feature called eMDR also allows the HIH to send the audit notification letter electronically. You can go to www.cms.gov/esmd to find one and reach out through each company's website contact form.
This code is complex and must be certified by CMS before it can be processed by the HIH. HIH’s are in a constant cycle of re-certification through upgrades, testing, and an annual consent and security/compliance agreement with Health and Human Services or HHS. Without an HIH in the middle or a hospital that certified its own esMD code (very rare), the only option for the hospital (and now other taxonomy types) is to send the paper medical records evidence via mail or FAX, or on an encrypted CD ROM that is also sent by mail. Today, and since the program initiation, there are only 15 to 18 CMS listed HIH’s of which Suncoast RHIO is one.
Your Health Information Management (HIM) Medical Records operations department is the heart of your legal records processing division. They keep things running and, because of their integral role at your organization, they are also the area of highest risk if something were to go wrong. They should be involved in this decision.
Without an HIH, your facility is still receiving audit letters (ADR’s) in the mail and you are already dealing with this manually. With an HIH, you get a longer timeline because it is electronic; you save on copying, labor, and postage, and you get breathing room to respond to deadlines and a guarantee that the audits were sent and received through an electronic receipt.
Depending on hospital size, CMS auditors are capped on the number of audits they can send every 45 days to a hospital and it ranges from 50 to 250 audits per 45 day period. This is only the Federal piece. If you have to deal with commercial payer audits and RAD V, those get added.
If your facility is sent an ADR on a particular patient for a claim submitted by the hospital, doctor, clinic, long term health organization, Skilled Nursing Facility, Hospice or any other taxonomy for Medicare, Medicare Advantage RAD Audits, Medicaid, CHIP, or plans covered in the Health Insurance Marketplace (ObamaCare Affordable Care Act), you are expected to provide answers on these items.
Aren’t all HIH’s the same?
This is both a “Yes” and “No” answer. It is “Yes” when the question pertains to the required software needed to be an HIH. There is no differentiation between a large HIH or a small one. The software, the rules, and the testing all the same for all. There are no added benefits ,software wise, from one HIH to another. The software is prescribed and no variations are permitted.
HIH reporting software is approved and tested by the CMS agency of the Federal Government and other oversight offices. We are sized for any volume in both capacity and performance. If overflow were to ever happen, it is addressed by contractual arrangements with large capacity networks and vendors such as Vengroff Williams Inc. (VWINC.com, our operations partner in Sarasota Florida).
CMS does not restrict the number of HIH's a provider can use, or if the provider uses more than one at a time, or if the provider splits HIH functionality between services such as using one HIH for sending esMD evidence, and another for eMDR electronic audit notification.
The “No” answer to this is based on volume and added value an HIH may provider. HIH companies evolved from Medical Record Department outsourcing firms, many of which were known as ROI companies or Release of Information. Lawyers - These companies evolved from a specific and focused razor sharp margin business that saved pennies per transaction for the hospitals HIM or Medical Records department. In fact, unlike Suncoast RHIO, many of these companies were started by HIM people. There are few added benefits such as HIE, EHR, or networked interoperability with other departments or other hospitals or third party vendors with traditional HIH's and which are areas where Suncoast RHIO stands out in our offering of all of these functions.
Additionally, because larger third party HIH’s have unique positions with many hospitals, as their central point of legal patient information or HIPAA protected PHI, someof those HIH’s de-identify patient data records and combine them to sell analytics to their clients or other 3rd parties. Suncoast RHIO does not use this practice. This is being challenged in legal arena’s as being potentially out of sync with the HIPAA Omnibus rule regarding making marketing data available on patients without patient consent. If OIG decisions on this practice go South, both the HIH using the data and the hospital that supplied the data to the HIH without patient consent will be both at stake for Omnibus liability challenges. This is a sticky area that is being discussed today.
In other words, if an HIH controls patient data from a hospital and acquired it for ROI purposes and then sells it as de-identified, is the hospital at risk for not collecting patient consent for the use of the data; is the HIH at risk; or is it an acceptable use case? The jury is out but the risk of a negative ruling exists and can potentially shut down HIH operations that practice this and affect the hospital's patient privacy policies. Being on the wrong side of class action suit by the public for a HIPAA violation is not a pleasant place to be.
Can I work with more than one HIH?
CMS does not restrict the number of HIH’s a provider can use, or if the provider uses more at one time, or if the provider splits HIH functionality between services such as one HIH for esMD evidence, and another for eMDR electronic audit notification.
Your company may have a contractual arrangement with the vendor you are using as an HIH, but since all esMD HIH code is identical across all certified HIH’s and since the code is available to all in the public domain, there would be no violation of an exclusive use contract clause for the purposes of business continuity or leverage. No contract can ever deny prudence affecting sound business continuity procedures,
Why is Suncoast RHIO so Committed to Innovation and Blockchain Technology?
US Healthcare is not just any other industry. By constantly looking for cheaper ways to create component based functions that lend themselves to “Commodity Based Code” has its place in technology and healthcare is not immune. But the nature of changing situations in patient care and care in such a highly regulated industry makes this field more unique. The need to always be able to adapt to different situations for different patients or patient groups differentiates healthcare from the more general manufacturing or financial industries for example. It is by nature, always changing.
In general industry, component based commodity program modules lend themselves to offshoring or outsourcing and is a commonly utilized approach. It is also sometimes advantageous to bring in foreign labor to work here if the companies chose to have a physical team present. Many of the home countries of these workers prioritized computer programming above all else and, to a large extent, they hold a significant portion of the available labor market for many healthcare technology firms today. Of course, there are exceptions. Some of our larger US based health technology vendors use domestic labor but many times, cost is prohibitive to smaller facilities.
Past decisions made that de-emphasized STEM curriculum may have come back to haunt us. As technology has become more of an critical component of our healthcare industry, Suncoast RHIO decided to engage with local programmers where possible and to avoid computer code that we can’t understand or can't recreate ourselves. Also, commodity based coded software programs are more subject to ransomware because the code is so ubiquitous.
Besides ransomware, other "Blackswan" events can slow down or even freeze a healthcare business and in many cases, cause financial losss that puts the facility out of business, or worse, cause patient harm. Experience in Suncoast RHIO is deep and some of our staff are decision makers who lived through September 11 keeping major banks alive and functioning that were at ground zero not to mention catastrophic weather events and acts of terror over the years.
Jamie Dimon, JPMorgan Chase chairman and CEO, in his 2023 annual letter to shareholders recently stated that the “Frayed American Dream” can only be fixed in 2 ways and one of those ways is “bridging the skills gap.”
“Open Source Healthcare” and “Blockchain” technology together make an attractive alternative to be embraced while they are still in early stages and before anyone else can get a lock on the code. The US government is a large user of Open Source and does not allow staff outside of the US to touch their online systems. And with all of the negative attention and press lately exposing the weaknesses of crypto currencies and security law issues, it is very important to remember that Blockchain is NOT a currency. Crypto currencies use Blockchain but the Blockchain technology itself is applicable to many other applications already in use today.
If we want to get out of the technology morass that has shaped our economy for decades, we need to embrace the future. We need to include a technology inventory that includes systems that haven’t yet had time to become co-opted by others. Blockchain is the only future technology that fits that bill today and it is fully supported in the open source programming and network community
Alternative Asset Investment Club
Consumer Membership Feature
Interview with Suncoast RHIO Founder
Lou Galterio by DirectTrust.org- Here
ChatGBT AI Visual Rendition of "Fail-Safe" Concept
2015 RACTrac Summary American Hospital Association
OnMed.com: Provider visits are now possible with convenience of patient choice of location and time.
As a CMS qualified MIPS Registry, Suncoast RHIO
combines with OnMed to give providers Real-Time MIPS quality data
capture and to provide enhanced practice digital payment revenue &
payer outreach.
OnMed offers a self-contained Care S
OnMed.com: Provider visits are now possible with convenience of patient choice of location and time.
As a CMS qualified MIPS Registry, Suncoast RHIO
combines with OnMed to give providers Real-Time MIPS quality data
capture and to provide enhanced practice digital payment revenue &
payer outreach.
OnMed offers a self-contained Care Station with full
diagnostic vitals and a secure pharmacy vault. These virtual health kiosks can be deployed in public places like schools, community
centers, libraries, and county health department buildings to provide
access to healthcare services.
Copyright © 2023 Suncoast RHIO Optional Services - All Rights Reserved.
Powered by GoDaddy Website Builder