Reminder: Do not include any PHI or PII in Confluence. If you require 508 accessibility assistance or any other support for this system, then please send an email to onc-jira-questions@healthit.gov
For technical difficulties email cryan@irishealthsolutions.com
#HcDIR2019
Disclaimer: The content in this space is DRAFT and will change in the next coming weeks once recordings have been listened to.
MORNING- DISCUSSION 1
Group discussion of the governance, access controls, and operations of a validated healthcare directory,
facilitated by a specific use case based on data priorities and verification discussion in Day 1 exercises.
(The boxes below will be updated in real time based on the in-room flip charts)
PRINCIPLES | GOVERNANCE | FUNDING | OPERATIONS | LEGAL |
---|---|---|---|---|
Understanding WHO is doing the work/bot the provider but indiv. health systems. NPI- validate it first. No wrong door approach or are we being prescriptive?
Standards- data claims need to be standard regardless of door
Provider Burden- what is required of the provider? Not clear who is responsible for updating info (provider/org) Independent of authoritative source, its ok if auth. source for electronic endpoints- needs to be defined. Many data come from auth. source. Different data has different auth. source- needs to be handled via governance Trust on certain elements by specific data Group effort to attest Providers need to own specific data NPESS authoritative for specific content (must account for in Cascade)
Data Practitioner Huge amount of rules! Has to be grounded in regulations JCAHO credentialing Data vs. information- how are we sending it? Creating a solution-source not revising directory structure. Information is also for the patient. This can change by the hour. Med advantage- ex. helps provider attest. Think of "web of data"- tells where to go to get additional data. Diff. verification based on data. If data is already validated, do not need to repeat
TAXID number as well as EIDN? (Virtual attendee added) Validation tasks for now includes cleaning up data. Variable data that is time sensitive, providers often do not know the answers. Need confirmation within practice. Look at:
Data accuracy needs to be lightweight and quick | Tree structure- collected from auth source/distribution of data may be different No single way to connect, should be one door for each type of data Avoid technical governance? Where I got it and how it was validated. Reach agreement about what is "durable": what if it changes? Need provider expectations on time needed to verify. Need structure at a data level. "Durable"- not a lot of this that "cannot" change. System of record: need master data mgmt.- there is high probability of producing bad data. Decide who gets to adjudicate "speciality" or different data. Attestation vs. data use need standards Need to address multiple different master data sources. Consider different ideals for doing ahead of time vs. on the spot. "emergency management". Not just talking about stds for validating but a std that everyone follows (NPI Chain) Do we want to say this should be done one time and one time only (validation) Certification Authorities Fed entity- where PD are RHIO Trust of authority is at the local level (diff levels to choose from) Identify activities that drive human level of verification before they happen.
Multiple "sources of truth"- How do we break down use case silos? We keep limiting access
Clinical side- "data provenance" who did data come from, who is the source?
Credentialing assertion cannot be "free" text | Verify economically Who pays now? Who wants to pay? Who should pay? | Diff states have diff. requirements for validated data Health Plan Sites will vary by site/location, this information has to be done by provider type and at a cadence that satisfies that site.
There will be things ppl have to get to source of truth
Multi-source verification- what is correct in a mess of data? Difficult when there is no single source for data; reality is that we won't have it. Receiver may need to choose level of verification due to their use case.
Need to build "feedback loop" to report bad data. Need to verify provider auth. prior to delving into public health 70 different groups- if many doing do not have std method to correct data. | Safe harbor structure- provider is on the hook- will get involved. "users on hook by regulations will not be penalized for errors".
|
Use Case
What "is" vs. "what should be".
Root cause- significant bugs w/ systems with no way to express bugs back and say "this is a priority". Need a way to communicate that there are important details not being fixed.
- proposal: GitHub repository with no code which is issue tracker for NPESS
- How can we simplify & distribute?
Need an authoritative source
CMS- already discussing issues but want to hear feedback
"Source" must validate; Gov't cannot automatically validate
Ideal word "1 single directory, 1 single source of truth" due to inconsistencies of diff master data sources
- Matter of connecting indiv data sources.
Cara (Virtual attendee) need to understand how others ingest data. Not all entities are JSON/FHIR enabled or budgeted for this shift in technology.
- Proposed next steps we have a health plan payer workshop, vendor workshop and provider (defined in the regulatory mandate) workshop. This process will increase awareness, obtain additional representatives to help support the technology shift and/or our use cases allow for multiple languages like EDI 274 Provider Directory/Credentialing/Contracting TR3. Thid TR3 will be available for multiple language transaction as well as allow the user to transact with multiple entities within one single transaction so the user does not have to enter the data in mult applications or infrastructures.
Verify accurately, verify for everyone, if primary source should validate for everyone who needs to do the job and do accurately. Shouldn't have to "know someone".
Do credentials exist, but are not validated? (NPESS is auth of NPI)
HcDir- needs to use auth source based on- de-aggregation of multiple sources of truth to a single source of truth for a provider
- create golden record
DEA, Data Sources to validate the providers.
Consumers could drive the process for validated data (ie. opioid crisis)
Cultural Competencies, certain things that "we" "care about".
- site dependent data may still needed
If we have a "Golden Record" then authenticate user so that they have access to the data.
Data sources that conflict within one master database; creates data problem for next level
Need guidance on how auth source arrived at verification