Health Care's Napkin NetworkBy Baselinemag | Posted 2002-02-04 Email Print
WEBINAR: On Demand Webcast As identity theft and credential-based attacks escalate, organizations wonder how this can be when they're investing so much time and effort deploying identity and access management solutions. Despite their best efforts, identity has become the most consequential attack vector to the modern enterprise. Organizations are essentially outmatched by increasing identity risks.
Modernizing Authentication — What It Takes to Transform Secure Access REGISTER >
The health care industry has been slow to comply with new federal requirements for the electronic exchange of medical data. So how did one cooperative find a way to complyfour years ago?
John Halamka and John Glaser stood overlooking New Orleans' legendary Bourbon Street from the balcony of the Royal Sonesta Hotel. Below, knots of revelers were getting an early start on Mardi Gras, set to begin the next morning. It was a strange venue for the group assembled on the balcony that night. These chief information officers from major Massachusetts health care companies had gathered in New Orleans for a symposium on the security of electronic patient records and medical information systems.
|Cost out a data exchange network (
A time line for implementation (Microsoft Project 98 file).
It was against this backdrop that health care CIOs and CTOs from across New England sipped their drinks and chatted over the Mardi Gras noise above Bourbon Street that night in 1998.
Suddenly, for the first time, the health care industry faced a drop-dead deadline to solve two challenges that had bedeviled it for the past decade:
Many of the companies in New Orleans that night had toyed with developing their own software for complying with HIPAA. Others were hoping software vendors would come up with a solution in time. But for all, the HIPAA deadline was a sword hanging over their heads. And the penalties for failing to comply ranged from hefty monetary fines to jail time.
This group of pragmatic technology executives, which came to call itself the Bourbon Street Coalition, wasn't about to wait for years to go by before finding a way to comply. It was ready to find a solution, immediately.
Even as health care payment organizations such as Blue Cross and Blue Shield would seek to push the need for compliance beyond 2002, Halamka, Glaser and cohorts would find a way to be up and running by the end of 1998almost four years ahead of time. This is the story of the secure patient information network sketched out on a napkin at Mardi Gras 1998and why this group of health care executives could find a system that worked without major pain or investment, while other institutions pleaded for more time.